TCPM                                                            J. Touch
Internet Draft                                    Independent consultant
Intended status: Informational                             J. Kuusisaari
Expires: September 2022                                         Infinera
                                                           March 3, 2022

                          TCP-AO Test Vectors
                 draft-ietf-tcpm-ao-test-vectors-09.txt

Abstract

   This document provides test vectors to validate implementations of
   the two mandatory authentication algorithms specified for the TCP
   Authentication Option over both IPv4 and IPv6. This includes
   validation of the key derivation function (KDF) based on a set of
   test connection parameters as well as validation of the message
   authentication code (MAC). Vectors are provided for both currently
   required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and
   HMAC-SHA-1-96, and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors
   also validate both whole TCP segments as well as segments whose
   options are excluded for middlebox traversal.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   https://www.ietf.org/shadow.html

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 3, 2022.

Copyright and License Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors. All rights reserved.
   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this
   document must include Revised BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Revised BSD License.

Table of Contents

   1. Introduction
   2. Conventions used in this document
   3. Input Test Vectors
      3.1. TCP Connection Parameters
         3.1.1. TCP-AO parameters
         3.1.2. Active (client) side parameters
         3.1.3. Passive (server) side parameters
         3.1.4. Other IP fields and options
         3.1.5. Other TCP fields and options
   4. IPv4 SHA-1 Output Test Vectors
      4.1. HMAC-SHA-1-96 (default - covers TCP options)
         4.1.1. Send (client) SYN (covers options)
         4.1.2. Receive (server) SYN-ACK (covers options)
         4.1.3. Send (client) non-SYN (covers options)
         4.1.4. Receive (server) non-SYN (covers options)
      4.2. HMAC-SHA-1-96 (omits TCP options)
         4.2.1. Send (client) SYN (omits options)
         4.2.2. Receive (server) SYN-ACK (omits options)
         4.2.3. Send (client) non-SYN (omits options)
         4.2.4. Receive (server) non-SYN (omits options)
   5. IPv4 AES-128 Output Test Vectors
      5.1. AES-128-CMAC-96 (default - covers TCP options)
         5.1.1. Send (client) SYN (covers options)
         5.1.2. Receive (server) SYN-ACK (covers options)
         5.1.3. Send (client) non-SYN (covers options)
         5.1.4. Receive (server) non-SYN (covers options)
      5.2. AES-128-CMAC-96 (omits TCP options)
         5.2.1. Send (client) SYN (omits options)
         5.2.2. Receive (server) SYN-ACK (omits options)
         5.2.3. Send (client) non-SYN (omits options)
         5.2.4. Receive (server) non-SYN (omits options)
   6. IPv6 SHA-1 Output Test Vectors
      6.1. HMAC-SHA-1-96 (default - covers TCP options)
         6.1.1. Send (client) SYN (covers options)
         6.1.2. Receive (server) SYN-ACK (covers options)
         6.1.3. Send (client) non-SYN (covers options)
         6.1.4. Receive (server) non-SYN (covers options)
      6.2. HMAC-SHA-1-96 (omits TCP options)
         6.2.1. Send (client) SYN (omits options)
         6.2.2. Receive (server) SYN-ACK (omits options)
         6.2.3. Send (client) non-SYN (omits options)
         6.2.4. Receive (server) non-SYN (omits options)
   7. IPv6 AES-128 Output Test Vectors
      7.1. AES-128-CMAC-96 (default - covers TCP options)
         7.1.1. Send (client) SYN (covers options)
         7.1.2. Receive (server) SYN-ACK (covers options)
         7.1.3. Send (client) non-SYN (covers options)
         7.1.4. Receive (server) non-SYN (covers options)
      7.2. AES-128-CMAC-96 (omits TCP options)
         7.2.1. Send (client) SYN (omits options)
         7.2.2. Receive (server) SYN-ACK (omits options)
         7.2.3. Send (client) non-SYN (omits options)
         7.2.4. Receive (server) non-SYN (omits options)
   8. Observed Implementation Errors
      8.1. Algorithm issues
      8.2. Algorithm parameters
      8.3. String handling issues
      8.4. Header coverage issues
   9. Security Considerations
   10. IANA Considerations
   11. References
      11.1. Normative References
      11.2. Informative References
   12. Acknowledgments

1. Introduction

   This document provides test vectors to validate the correct
   implementation of the TCP Authentication Option (TCP-AO) [RFC5925]
   and its mandatory cryptographic algorithms defined in [RFC5926]. It
   includes the specification of all endpoint parameters to generate
   the variety of TCP segments covered by different keys and MAC
   coverage, i.e., both the default case and the variant where TCP
   options are ignored for middlebox traversal. It also includes both
   default key derivation functions (KDFs) and MAC generation
   algorithms [RFC5926] and lists common pitfalls of implementing the
   algorithms correctly.

   The experimental extension to support NAT traversal [RFC6978] is not
   included in the provided test vectors.

   This document provides test vectors from multiple implementations
   that have been validated against each other for interoperability.

2. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3. Input Test Vectors

3.1. TCP Connection Parameters

   The following parameters are used throughout this suite of test
   vectors. The terms 'active' and 'passive' are used as defined for
   TCP [RFC793].

3.1.1. TCP-AO parameters

   The following values are used for all exchanges. This suite does not
   test key switchover. The KeyIDs are as indicated for TCP-AO
   [RFC5925]. The Master_Key is used to derive the traffic keys
   [RFC5926].

      Active (client) side KeyID: 61 decimal (0x3d hexadecimal)

      Passive (server) side KeyID: 84 decimal (0x54 hexadecimal)

      Master_Key: "testvector" (length = 10 bytes)

3.1.2. Active (client) side parameters

   The following endpoint parameters are used on the active side of the
   TCP connection, i.e., the side that initiates the TCP SYN.

      For IPv4: 10.11.12.13 (dotted decimal)

      For IPv6: fd00::1 (IPv6 hexadecimal)

      TCP port: (varies)

3.1.3. Passive (server) side parameters

   The following endpoint parameters are used for the passive side of
   the TCP connection, i.e., the side that responds with a TCP SYN-ACK.

      For IPv4: 172.27.28.29 (dotted decimal)

      For IPv6: fd00::2 (IPv6 hexadecimal)

      TCP port = 179 decimal (BGP)

3.1.4. Other IP fields and options

   No IP options are used in these test vectors.

   All IPv4 packets use the following other parameters [RFC791]: DSCP =
   111000 binary (CS7) as is typical for BGP, ECN = 00 binary, set DF,
   and clear MF.

   IPv4 uses a TTL of 255 decimal; IPv6 uses a hop limit of 255
   decimal.

   All IPv6 packets use the following other parameters [RFC8200]:
   traffic class = 0xe0 hexadecimal (DSCP = 111000 binary CS7, as is
   typical for BGP, with ECN = 00 binary) and no extension headers
   (EHs).

3.1.5. Other TCP fields and options

   The SYN and SYN-ACK segments include MSS [RFC793], NOP, WindowScale
   [RFC7323], SACK Permitted [RFC2018], TimeStamp [RFC7323], and TCP-AO
   [RFC5925], in that order.

   All other example segments include NOP, NOP, TimeStamp, and TCP-AO,
   in that order.

   All segment URG pointers are zero [RFC793]. All segments with data
   set the PSH flag [RFC793].

   Each TCP connection below uses the Initial Sequence Numbers (ISNs)
   as indicated at the front of each corresponding section.

4. IPv4 SHA-1 Output Test Vectors

   The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96,
   are computed as specified for TCP-AO [RFC5926].

   In the following sections, all values are indicated as 2-digit
   hexadecimal values with spacing per line representing the contents
   of 16 consecutive bytes, as is typical for data dumps. The IP/TCP
   data indicates the entire IP packet, including the TCP segment and
   its options (whether covered by TCP-AO or not, as indicated),
   including TCP-AO.

4.1. HMAC-SHA-1-96 (default - covers TCP options)

4.1.1. Send (client) SYN (covers options)

   Client ISN = 0xfbfbab5a

   Send_SYN_traffic_key:

      6d 63 ef 1b 02 fe 15 09 d4 b1 40 27 07 fd 7b 04
      16 ab b7 4f

   IPv4/TCP:

      45 e0 00 4c dd 0f 40 00 ff 06 bf 6b 0a 0b 0c 0d
      ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5a 00 00 00 00
      e0 02 ff ff ca c4 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 15 5a b7 00 00 00 00 1d 10 3d 54
      2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7

   MAC:

      2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7

4.1.2. Receive (server) SYN-ACK (covers options)

   Server ISN = 0x11c14261

   Receive_SYN_traffic_key:

      d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6
      79 7f ea 96

   IPv4/TCP:

      45 e0 00 4c 65 06 40 00 ff 06 37 75 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 61 fb fb ab 5b
      e0 12 ff ff 37 76 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 84 a5 0b eb 00 15 5a b7 1d 10 54 3d
      ee ab 0f e2 4c 30 10 81 51 16 b3 be

   MAC:

      ee ab 0f e2 4c 30 10 81 51 16 b3 be

4.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      d2 e5 9c 65 ff c7 b1 a3 93 47 65 64 63 b7 0e dc
      24 a1 3d 71

   IPv4/TCP:

      45 e0 00 87 36 a1 40 00 ff 06 65 9f 0a 0b 0c 0d
      ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5b 11 c1 42 62
      c0 18 01 04 a1 62 00 00 01 01 08 0a 00 15 5a c1
      84 a5 0b eb 1d 10 3d 54 70 64 cf 99 8c c6 c3 15
      c2 c2 e2 bf ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      70 64 cf 99 8c c6 c3 15 c2 c2 e2 bf

4.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6
      79 7f ea 96

   IPv4/TCP:

      45 e0 00 87 1f a9 40 00 ff 06 7c 97 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 62 fb fb ab 9e
      c0 18 01 00 40 0c 00 00 01 01 08 0a 84 a5 0b f5
      00 15 5a c1 1d 10 54 3d a6 3f 0e cb bb 2e 63 5c
      95 4d ea c7 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      a6 3f 0e cb bb 2e 63 5c 95 4d ea c7

4.2. HMAC-SHA-1-96 (omits TCP options)

4.2.1. Send (client) SYN (omits options)

   Client ISN = 0xcb0efbee

   Send_SYN_traffic_key:

      30 ea a1 56 0c f0 be 57 da b5 c0 45 22 9f b1 0a
      42 3c d7 ea

   IPv4/TCP:

      45 e0 00 4c 53 99 40 00 ff 06 48 e2 0a 0b 0c 0d
      ac 1b 1c 1d ff 12 00 b3 cb 0e fb ee 00 00 00 00
      e0 02 ff ff 54 1f 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 02 4c ce 00 00 00 00 1d 10 3d 54
      80 af 3c fe b8 53 68 93 7b 8f 9e c2

   MAC:

      80 af 3c fe b8 53 68 93 7b 8f 9e c2

4.2.2. Receive (server) SYN-ACK (omits options)

   Server ISN = 0xacd5b5e1

   Receive_SYN_traffic_key:

      b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41
      01 a8 30 7f

   IPv4/TCP:

      45 e0 00 4c 32 84 40 00 ff 06 69 f7 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e1 cb 0e fb ef
      e0 12 ff ff 38 8e 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 57 67 72 f3 00 02 4c ce 1d 10 54 3d
      09 30 6f 9a ce a6 3a 8c 68 cb 9a 70

   MAC:

      09 30 6f 9a ce a6 3a 8c 68 cb 9a 70

4.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      f3 db 17 93 d7 91 0e cd 80 6c 34 f1 55 ea 1f 00
      34 59 53 e3

   IPv4/TCP:

      45 e0 00 87 a8 f5 40 00 ff 06 f3 4a 0a 0b 0c 0d
      ac 1b 1c 1d ff 12 00 b3 cb 0e fb ef ac d5 b5 e2
      c0 18 01 04 6c 45 00 00 01 01 08 0a 00 02 4c ce
      57 67 72 f3 1d 10 3d 54 71 06 08 cc 69 6c 03 a2
      71 c9 3a a5 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      71 06 08 cc 69 6c 03 a2 71 c9 3a a5

4.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41
      01 a8 30 7f

   IPv4/TCP:

      45 e0 00 87 54 37 40 00 ff 06 48 09 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e2 cb 0e fc 32
      c0 18 01 00 46 b6 00 00 01 01 08 0a 57 67 72 f3
      00 02 4c ce 1d 10 54 3d 97 76 6e 48 ac 26 2d e9
      ae 61 b4 f9 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      97 76 6e 48 ac 26 2d e9 ae 61 b4 f9

5. IPv4 AES-128 Output Test Vectors

   The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC and
   AES-128-CMAC-96, are computed as specified for TCP-AO [RFC5926].

   In the following sections, all values are indicated as 2-digit
   hexadecimal values with spacing per line representing the contents
   of 16 consecutive bytes, as is typical for data dumps. The IP/TCP
   data indicates the entire IP packet, including the TCP segment and
   its options (whether covered by TCP-AO or not, as indicated),
   including TCP-AO.

5.1. AES-128-CMAC-96 (default - covers TCP options)

5.1.1. Send (client) SYN (covers options)

   Client ISN = 0x787a1ddf

   Send_SYN_traffic_key:

      f5 b8 b3 d5 f3 4f db b6 eb 8d 4a b9 66 0e 60 e3

   IPv4/TCP:

      45 e0 00 4c 7b 9f 40 00 ff 06 20 dc 0a 0b 0c 0d
      ac 1b 1c 1d c4 fa 00 b3 78 7a 1d df 00 00 00 00
      e0 02 ff ff 5a 0f 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 01 7e d0 00 00 00 00 1d 10 3d 54
      e4 77 e9 9c 80 40 76 54 98 e5 50 91

   MAC:

      e4 77 e9 9c 80 40 76 54 98 e5 50 91

5.1.2. Receive (server) SYN-ACK (covers options)

   Server ISN = 0xfadd6de9

   Receive_SYN_traffic_key:

      4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1

   IPv4/TCP:

      45 e0 00 4c 4b ad 40 00 ff 06 50 ce ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 c4 fa fa dd 6d e9 78 7a 1d e0
      e0 12 ff ff f3 f2 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 93 f4 e9 e8 00 01 7e d0 1d 10 54 3d
      d6 ad a7 bc 4c dd 53 6d 17 69 db 5f

   MAC:

      d6 ad a7 bc 4c dd 53 6d 17 69 db 5f

5.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      8c 8a e0 e8 37 1e c5 cb b9 7e a7 9d 90 41 83 91

   IPv4/TCP:

      45 e0 00 87 fb 4f 40 00 ff 06 a0 f0 0a 0b 0c 0d
      ac 1b 1c 1d c4 fa 00 b3 78 7a 1d e0 fa dd 6d ea
      c0 18 01 04 95 05 00 00 01 01 08 0a 00 01 7e d0
      93 f4 e9 e8 1d 10 3d 54 77 41 27 42 fa 4d c4 33
      ef f0 97 3e ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      77 41 27 42 fa 4d c4 33 ef f0 97 3e

5.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1

   IPv4/TCP:

      45 e0 00 87 b9 14 40 00 ff 06 e3 2b ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 c4 fa fa dd 6d ea 78 7a 1e 23
      c0 18 01 00 e7 db 00 00 01 01 08 0a 93 f4 e9 e8
      00 01 7e d0 1d 10 54 3d f6 d9 65 a7 83 82 a7 48
      45 f7 2d ac ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      f6 d9 65 a7 83 82 a7 48 45 f7 2d ac

5.2. AES-128-CMAC-96 (omits TCP options)

5.2.1. Send (client) SYN (omits options)

   Client ISN = 0x389bed71

   Send_SYN_traffic_key:

      2c db ae 13 92 c4 94 49 fa 92 c4 50 97 35 d5 0e

   IPv4/TCP:

      45 e0 00 4c f2 2e 40 00 ff 06 aa 4c 0a 0b 0c 0d
      ac 1b 1c 1d da 1c 00 b3 38 9b ed 71 00 00 00 00
      e0 02 ff ff 70 bf 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 01 85 e1 00 00 00 00 1d 10 3d 54
      c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49

   MAC:

      c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49

5.2.2. Receive (server) SYN-ACK (omits options)

   Server ISN = 0xd3844a6f

   Receive_SYN_traffic_key:

      3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a

   IPv4/TCP:

      45 e0 00 4c 6c c0 40 00 ff 06 2f bb ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 da 1c d3 84 4a 6f 38 9b ed 72
      e0 12 ff ff e4 45 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a ce 45 98 38 00 01 85 e1 1d 10 54 3d
      3a 6a bb 20 7e 49 b1 be 71 36 db 90

   MAC:

      3a 6a bb 20 7e 49 b1 be 71 36 db 90

5.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      03 5b c4 00 a3 41 ff e5 95 f5 9f 58 00 50 06 ca

   IPv4/TCP:

      45 e0 00 87 ee 91 40 00 ff 06 ad ae 0a 0b 0c 0d
      ac 1b 1c 1d da 1c 00 b3 38 9b ed 72 d3 84 4a 70
      c0 18 01 04 88 51 00 00 01 01 08 0a 00 01 85 e1
      ce 45 98 38 1d 10 3d 54 75 85 e9 e9 d5 c3 ec 85
      7b 96 f8 37 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      75 85 e9 e9 d5 c3 ec 85 7b 96 f8 37

5.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a

   IPv4/TCP:

      45 e0 00 87 6a 21 40 00 ff 06 32 1f ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 da 1c d3 84 4a 70 38 9b ed 72
      c0 18 01 00 04 49 00 00 01 01 08 0a ce 45 98 38
      00 01 85 e1 1d 10 54 3d 5c 04 0f d9 23 33 04 76
      5c 09 82 f4 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      5c 04 0f d9 23 33 04 76 5c 09 82 f4

6. IPv6 SHA-1 Output Test Vectors

   The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96,
   are computed as specified for TCP-AO [RFC5926].

6.1. HMAC-SHA-1-96 (default - covers TCP options)

6.1.1. Send (client) SYN (covers options)

   Client ISN = 0x176a833f

   Send_SYN_traffic_key:

      62 5e c0 9d 57 58 36 ed c9 b6 42 84 18 bb f0 69
      89 a3 61 bb

   IPv6/TCP:

      6e 08 91 dc 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 3f
      00 00 00 00 e0 02 ff ff 47 21 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 00 41 d0 87 00 00 00 00
      1d 10 3d 54 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f

   MAC:

      90 33 ec 3d 73 34 b6 4c 5e dd 03 9f

6.1.2. Receive (server) SYN-ACK (covers options)

   Server ISN = 0x3f51994b

   Receive_SYN_traffic_key:

      e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7
      71 eb cb 4a

   IPv6/TCP:

      6e 01 00 9e 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4b
      17 6a 83 40 e0 12 ff ff bf ec 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a bd 33 12 9b 00 41 d0 87
      1d 10 54 3d f1 cb a3 46 c3 52 61 63 f7 1f 1f 55

   MAC:

      f1 cb a3 46 c3 52 61 63 f7 1f 1f 55

6.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      1e d8 29 75 f4 ea 44 4c 61 58 0c 5b d9 0d bd 61
      bb c9 1b 7e

   IPv6/TCP:

      6e 08 91 dc 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 40
      3f 51 99 4c c0 18 01 00 32 9c 00 00 01 01 08 0a
      00 41 d0 91 bd 33 12 9b 1d 10 3d 54 bf 08 05 fe
      b4 ac 7b 16 3d 6f cd f2 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      bf 08 05 fe b4 ac 7b 16 3d 6f cd f2

6.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7
      71 eb cb 4a

   IPv6/TCP:

      6e 01 00 9e 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4c
      17 6a 83 83 c0 18 01 00 ee 6e 00 00 01 01 08 0a
      bd 33 12 a5 00 41 d0 91 1d 10 54 3d 6c 48 12 5c
      11 33 5b ab 9a 07 a7 97 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      6c 48 12 5c 11 33 5b ab 9a 07 a7 97

6.2. HMAC-SHA-1-96 (omits TCP options)

6.2.1. Send (client) SYN (omits options)

   Client ISN = 0x020c1e69

   Send_SYN_traffic_key:

      31 a3 fa f6 9e ff ae 52 93 1b 7f 84 54 67 31 5c
      27 0a 4e dc

   IPv6/TCP:

      6e 07 8f cd 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 69
      00 00 00 00 e0 02 ff ff a4 1a 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 00 9d b9 5b 00 00 00 00
      1d 10 3d 54 88 56 98 b0 53 0e d4 d5 a1 5f 83 46

   MAC:

      88 56 98 b0 53 0e d4 d5 a1 5f 83 46

6.2.2. Receive (server) SYN-ACK (omits options)

   Server ISN = 0xeba3734d

   Receive_SYN_traffic_key:

      40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2
      c7 fa 91 bd

   IPv6/TCP:

      6e 0a 7e 1f 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4d
      02 0c 1e 6a e0 12 ff ff 77 4d 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 5e c9 9b 70 00 9d b9 5b
      1d 10 54 3d 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d

   MAC:

      3c 54 6b ad 97 43 f1 2d f8 b8 01 0d

6.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      b3 4e ed 6a 93 96 a6 69 f1 c4 f4 f5 76 18 f3 65
      6f 52 c7 ab

   IPv6/TCP:

      6e 07 8f cd 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 6a
      eb a3 73 4e c0 18 01 00 83 e6 00 00 01 01 08 0a
      00 9d b9 65 5e c9 9b 70 1d 10 3d 54 48 bd 09 3b
      19 24 e0 01 19 2f 5b f0 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      48 bd 09 3b 19 24 e0 01 19 2f 5b f0

6.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2
      c7 fa 91 bd

   IPv6/TCP:

      6e 0a 7e 1f 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4e
      02 0c 1e ad c0 18 01 00 71 6a 00 00 01 01 08 0a
      5e c9 9b 7a 00 9d b9 65 1d 10 54 3d 55 9a 81 94
      45 b4 fd e9 8d 9e 13 17 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      55 9a 81 94 45 b4 fd e9 8d 9e 13 17

7. IPv6 AES-128 Output Test Vectors

   The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC and
   AES-128-CMAC-96, are computed as specified for TCP-AO [RFC5926].

7.1. AES-128-CMAC-96 (default - covers TCP options)

7.1.1. Send (client) SYN (covers options)

   Client ISN = 0x193cccec

   Send_SYN_traffic_key:

      fa 5a 21 08 88 2d 39 d0 c7 19 29 17 5a b1 b7 b8

   IPv6/TCP:

      6e 04 a7 06 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ec
      00 00 00 00 e0 02 ff ff de 5d 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 13 e4 ab 99 00 00 00 00
      1d 10 3d 54 59 b5 88 10 74 81 ac 6d c3 92 70 40

   MAC:

      59 b5 88 10 74 81 ac 6d c3 92 70 40

7.1.2. Receive (server) SYN-ACK (covers options)

   Server ISN = 0xa6744ecb

   Receive_SYN_traffic_key:

      cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1

   IPv6/TCP:

      6e 06 15 20 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cb
      19 3c cc ed e0 12 ff ff ea bb 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 71 da ab c8 13 e4 ab 99
      1d 10 54 3d dc 28 43 a8 4e 78 a6 bc fd c5 ed 80

   MAC:

      dc 28 43 a8 4e 78 a6 bc fd c5 ed 80

7.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      61 74 c3 55 7a be d2 75 74 db a3 71 85 f0 03 00

   IPv6/TCP:

      6e 04 a7 06 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ed
      a6 74 4e cc c0 18 01 00 32 80 00 00 01 01 08 0a
      13 e4 ab a3 71 da ab c8 1d 10 3d 54 7b 6a 45 5c
      0d 4f 5f 01 83 5b aa b3 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      7b 6a 45 5c 0d 4f 5f 01 83 5b aa b3

7.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1

   IPv6/TCP:

      6e 06 15 20 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cc
      19 3c cd 30 c0 18 01 00 52 f4 00 00 01 01 08 0a
      71 da ab d3 13 e4 ab a3 1d 10 54 3d c1 06 9b 7d
      fd 3d 69 3a 6d f3 f2 89 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      c1 06 9b 7d fd 3d 69 3a 6d f3 f2 89

7.2. AES-128-CMAC-96 (omits TCP options)

7.2.1. Send (client) SYN (omits options)

   Client ISN = 0xb01da74a

   Send_SYN_traffic_key:

      a9 4f 51 12 63 e4 09 3d 35 dd 81 8c 13 bb bf 53

   IPv6/TCP:

      6e 09 3d 76 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4a
      00 00 00 00 e0 02 ff ff 75 ff 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 14 27 5b 3b 00 00 00 00
      1d 10 3d 54 3d 45 b4 34 2d e8 bb 15 30 84 78 98

   MAC:

      3d 45 b4 34 2d e8 bb 15 30 84 78 98

7.2.2. Receive (server) SYN-ACK (omits options)

   Server ISN = 0xa6246145

   Receive_SYN_traffic_key:

      92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a

   IPv6/TCP:

      6e 0c 60 0a 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 45
      b0 1d a7 4b e0 12 ff ff a7 0c 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 17 82 24 5b 14 27 5b 3b
      1d 10 54 3d 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5

   MAC:

      1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5

7.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      4f b2 08 6e 40 2c 67 90 79 ed 65 d4 bf 97 69 3d

   IPv6/TCP:

      6e 09 3d 76 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4b
      a6 24 61 46 c0 18 01 00 c3 6d 00 00 01 01 08 0a
      14 27 5b 4f 17 82 24 5b 1d 10 3d 54 29 0c f4 14
      cc b4 7a 33 32 76 e7 f8 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      29 0c f4 14 cc b4 7a 33 32 76 e7 f8

7.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a

   IPv6/TCP:

      6e 0c 60 0a 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 46
      b0 1d a7 8e c0 18 01 00 34 51 00 00 01 01 08 0a
      17 82 24 65 14 27 5b 4f 1d 10 54 3d 99 51 5f fc
      d5 40 34 99 f6 19 fd 1b ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      99 51 5f fc d5 40 34 99 f6 19 fd 1b

8. Observed Implementation Errors

   The following is a partial list of implementation errors that this
   set of test vectors is intended to validate.

8.1. Algorithm issues

   o  Underlying implementation of HMAC-SHA-1-96 or AES-128-CMAC-96
      does not pass its corresponding test vectors [RFC2202]
      [RFC4493]

   o  The SNE algorithm does not consider corner cases, possibly
      because the pseudocode in [RFC5925] was not intended as complete,
      as discussed in [RFC9187], the latter of which includes its own
      validation sequence.

8.2. Algorithm parameters

   o  KDF context length is incorrect, e.g., it does not include TCP
      header length + payload length (it should, per Sec. 5.2 of TCP-AO
      [RFC5925])

   o  KDF calculation does not start from counter i = 1 (it should, per
      Sec. 3.1.1 of the TCP-AO crypto algorithms [RFC5926])

   o  KDF calculation does not include output length in bits, contained
      in two bytes in network byte order (it should, per Sec. 3.1.1 of
      the TCP-AO crypto algorithms [RFC5926])

   o  KDF uses keys generated from current TCP segment sequence numbers
      (KDF should use only local and remote ISNs or zero, as indicated
      in Sec. 5.2 of TCP-AO [RFC5925])

8.3. String handling issues

   The strings in TCP-AO and its algorithms are specified as sequences
   of bytes of known length. In some implementations, string lengths
   are indicated by a terminal value (e.g., zero in C). This terminal
   value is not included as part of the string for calculations.

   o  Password includes the last zero-byte (it should not)

   o  Label "TCP-AO" includes the last zero byte (it should not)

8.4. Header coverage issues

   o  TCP checksum and/or MAC is not zeroed properly before calculation
      (both should be)

   o  TCP header is not included in the MAC calculation (it should be)

   o  TCP options are not included in the MAC calculation by default.

      There is a separate parameter in the Master Key Tuple (MKT)
      [RFC5925] to ignore options; this document provides test vectors
      for both options-included and options-excluded cases.

9. Security Considerations

   This document is intended to assist in the validation of
   implementations of TCP-AO, to further enable its more widespread use
   as a security mechanism to authenticate not only TCP payload
   contents but the TCP headers and protocol.

   The Master_Key of "testvector" used here for test vector generation
   SHOULD NOT be used operationally.

10. IANA Considerations

   This document contains no IANA issues. This section should be
   removed upon publication as an RFC.

11. References

11.1. Normative References

   [RFC791]  Postel, J., "Internet Protocol," RFC 791, September 1981.

   [RFC793]  Postel, J., "Transmission Control Protocol," RFC 793,
             September 1981.

   [RFC2018] Mathis, M., J. Mahdavi, S. Floyd, A. Romanow, "TCP
             Selective Acknowledgment Options," RFC 2018, October 1996.

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels," BCP 14, RFC 2119, March 1997.

   [RFC5925] Touch, J., A. Mankin, R.
Bonica, "The TCP Authentication 1068 Option," RFC 5925, June 2010. 1070 [RFC5926] Lebovitz, G., and E. Rescorla, "Cryptographic Algorithms 1071 for the TCP Authentication Option (TCP-AO)," RFC 5926, 1072 June 2010. 1074 [RFC6978] Touch, J., "A TCP Authentication Option Extension for NAT 1075 Traversal," RFC 6978, July 2013. 1077 [RFC7323] Borman, D., B. Braden, V. Jacobson, R. Scheffenegger, Ed., 1078 "TCP Extensions for High Performance," RFC 7323, Sept. 1079 2014. 1081 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1082 2119 Key Words," RFC 8174, May 2017. 1084 [RFC8200] Deering, S., R. Hinden, "Internet Protocol Version 6 1085 (IPv6) Specification," RFC 8200, Jul. 2017. 1087 11.2. Informative References 1089 [RFC2202] Cheng, P., and R. Glenn, "Test Cases for HMAC-MD5 and 1090 HMAC-SHA-1," RFC 2202, Sept. 1997. 1092 [RFC4493] Song, JH, R. Poovendran, J. Lee, T. Iwata, "The AES-CMAC 1093 Algorithm," RFC 4493, June 2006. 1095 [RFC9187] Touch, J., "Sequence Number Extension for Windowed 1096 Protocols," RFC 9187, Jan. 2022. 1098 12. Acknowledgments 1100 This document was prepared using 2-Word-v2.0.template.dot. 1102 Authors' Addresses 1104 Joe Touch 1105 Manhattan Beach, CA 90266 USA 1106 Phone: +1 (310) 560-0334 1107 Email: touch@strayalpha.com 1109 Juhamatti Kuusisaari 1110 Infinera Corporation 1111 Sinimaentie 6c 1112 FI-02630 Espoo, Finland 1113 Email: jkuusisaari@infinera.com
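Added example (not part of the draft or of any TCP-AO implementation): a Python sketch of the KDF_HMAC_SHA1 input that Sections 8.2 and 8.3 describe, built from the connection parameters of the 7.2.x vectors with the context layout of RFC 5925 Section 5.2. Function names are illustrative, and the derived keys are not expected to equal the 7.2.x keys, which come from KDF_AES_128_CMAC.

```python
import hashlib
import hmac
import ipaddress
import struct

LABEL = b"TCP-AO"           # exactly 6 bytes, no terminating zero byte
MASTER_KEY = b"testvector"  # test-only key from Section 9, never for production
OUT_BITS = 160              # KDF_HMAC_SHA1 output length in bits

# Connection parameters read from the 7.2.x vectors (client side).
CLIENT, SERVER = "fd00::1", "fd00::2"
CPORT, SPORT = 0xF288, 0x00B3
CLIENT_ISN, SERVER_ISN = 0xB01DA74A, 0xA6246145

def context(src_isn, dst_isn):
    """Source/destination address, port and ISN, all in network byte order."""
    return (ipaddress.ip_address(CLIENT).packed
            + ipaddress.ip_address(SERVER).packed
            + struct.pack("!HHII", CPORT, SPORT, src_isn, dst_isn))

def kdf_input(ctx, label=LABEL, counter=1):
    """i || Label || Context || Output_Length (two bytes, network byte order)."""
    return bytes([counter]) + label + ctx + struct.pack("!H", OUT_BITS)

def kdf_hmac_sha1(master_key, ctx, **variant):
    """A single HMAC-SHA-1 invocation (i = 1) yields the 160-bit traffic key."""
    return hmac.new(master_key, kdf_input(ctx, **variant), hashlib.sha1).digest()

def client_send_keys():
    """Send_SYN key: remote ISN is zero. Send_other key: both ISNs."""
    return (kdf_hmac_sha1(MASTER_KEY, context(CLIENT_ISN, 0)),
            kdf_hmac_sha1(MASTER_KEY, context(CLIENT_ISN, SERVER_ISN)))

def buggy_keys():
    """Send_other key as computed with each mistake from Sections 8.2 and 8.3."""
    ctx = context(CLIENT_ISN, SERVER_ISN)
    return {
        "counter starts at 0": kdf_hmac_sha1(MASTER_KEY, ctx, counter=0),
        "label keeps C zero byte": kdf_hmac_sha1(MASTER_KEY, ctx, label=LABEL + b"\0"),
        "current SEQ/ACK, not ISNs": kdf_hmac_sha1(
            MASTER_KEY, context(CLIENT_ISN + 1, SERVER_ISN + 1)),
        "password keeps C zero byte": kdf_hmac_sha1(MASTER_KEY + b"\0", ctx),
    }

if __name__ == "__main__":
    good = client_send_keys()[1]
    print("Send_other:", good.hex(" "))
    for name, key in buggy_keys().items():
        print(f"{name:27}", "differs" if key != good else "SAME KEY")
```

HMAC zero-pads keys shorter than its block size, so a zero byte appended to the password leaves the KDF_HMAC_SHA1 key unchanged; that error cannot be caught with the HMAC-SHA-1 vectors alone.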