TCP Cookie Transactions (TCPCT)
RFC 6013

 
Document type: RFC - Experimental (January 2011; No errata)
Last updated: 2013-03-02
Stream: ISE
Stream ISE state: (None)
Document shepherd: No shepherd assigned
IESG state: RFC 6013 (Experimental)
Telechat date:
Responsible AD: Lars Eggert
Send notices to: William.Allen.Simpson@Gmail.com, rfc-ise@rfc-editor.org
Independent Submission                                        W. Simpson
Request for Comments: 6013                                    DayDreamer
Category: Experimental                                      January 2011
ISSN: 2070-1721

                    TCP Cookie Transactions (TCPCT)

Abstract

   TCP Cookie Transactions (TCPCT) deter spoofing of connections and
   prevent resource exhaustion, eliminating Responder (server) state
   during the initial handshake.  The Initiator (client) has sole
   responsibility for ensuring required delays between connections.  The
   cookie exchange may carry data, limited to inhibit amplification and
   reflection denial of service attacks.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for examination, experimental implementation, and
   evaluation.

   This document defines an Experimental Protocol for the Internet
   community.  This is a contribution to the RFC Series, independently
   of any other RFC stream.  The RFC Editor has chosen to publish this
   document at its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6013.

Simpson                       Experimental                      [Page 1]
RFC 6013                 TCP Cookie Transactions            January 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

   This document may not be modified, and derivative works of it may not
   be created, except to format it for publication as an RFC or to
   translate it into languages other than English.


Table of Contents

   1. Introduction
      1.1. Terminology
   2. Protocol Overview
      2.1. Message Summary (Simplified)
      2.2. Compatibility and Transparency
      2.3. Fully Loaded Cookies
      2.4. TCP Header Extension
      2.5. <SYN> Option Handling
   3. Protocol Details
      3.1. TCP Cookie Option
      3.2. TCP Cookie-Pair Standard Option
      3.3. TCP Cookie-less Option
      3.4. TCP Timestamps Extended Option
      3.5. Cookie Generation
   4. Cookie Exchange
      4.1. Initiator <SYN>
      4.2. Responder <SYN,ACK(SYN)>
      4.3. Initiator <ACK(SYN)>
      4.4. Responder <ACK>
      4.5. Simultaneous Open
   5. Accelerated Close
      5.1. Initiator Close
      5.2. Responder Close
   6. Accelerated Open
      6.1. Initiator <SYN> Data
      6.2. Responder <SYN,ACK(SYN)> Data
      6.3. Initiator <ACK(SYN)> Data
      6.4. Responder <ACK> Data
   7. Advisory Reset
   8. Interactions with Other Options
      8.1. TCP Selective Acknowledgment
      8.2. TCP Timestamps