idnits 2.17.1 draft-ietf-tcpm-urgent-data-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with non-RFC2606-compliant FQDNs in the document. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. -- The draft header indicates that this document updates RFC1011, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC1122, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC793, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC793, updated by this document, for RFC5378 checks: 1981-09-01) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 4, 2010) is 5165 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'UNPv1' is defined on line 370, but no explicit reference was found in the text ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) ** Downref: Normative reference to an Unknown state RFC: RFC 1011 Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TCP Maintenance and Minor F. Gont 3 Extensions (tcpm) UTN/FRH 4 Internet-Draft A. Yourtchenko 5 Updates: 793, 1011, 1122 Cisco 6 (if approved) March 4, 2010 7 Intended status: Standards Track 8 Expires: September 5, 2010 10 On the implementation of the TCP urgent mechanism 11 draft-ietf-tcpm-urgent-data-05.txt 13 Abstract 15 This document analyzes how current TCP implementations process TCP 16 urgent indications, and how the behavior of some widely-deployed 17 middle-boxes affect how urgent indications are processed by end 18 systems. This document updates the relevant specifications such that 19 they accommodate current practice in processing TCP urgent 20 indications, provides advice to applications that make use of the 21 urgent mechanism, and raises awareness about the reliability of TCP 22 urgent indications in the current Internet. 24 Status of this Memo 26 This Internet-Draft is submitted to IETF in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF), its areas, and its working groups. Note that 31 other groups may also distribute working documents as Internet- 32 Drafts. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 The list of current Internet-Drafts can be accessed at 40 http://www.ietf.org/ietf/1id-abstracts.txt. 42 The list of Internet-Draft Shadow Directories can be accessed at 43 http://www.ietf.org/shadow.html. 45 This Internet-Draft will expire on September 5, 2010. 47 Copyright Notice 48 Copyright (c) 2010 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (http://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 64 2. Specification of the TCP urgent mechanism . . . . . . . . . . 4 65 2.1. Semantics of urgent indications . . . . . . . . . . . . . 4 66 2.2. Semantics of the Urgent Pointer . . . . . . . . . . . . . 5 67 2.3. Allowed length of urgent data . . . . . . . . . . . . . . 5 68 3. Current implementation practice of TCP urgent data . . . . . . 5 69 3.1. Semantics of urgent indications . . . . . . . . . . . . . 5 70 3.2. Semantics of the Urgent Pointer . . . . . . . . . . . . . 6 71 3.3. Allowed length of urgent data . . . . . . . . . . . . . . 6 72 3.4. Interaction of middle-boxes with TCP urgent indications . 7 73 4. Updating RFC 793, RFC 1011, and RFC 1122 . . . . . . . . . . . 7 74 5. Advice to new applications employing TCP . . . . . . . . . . . 7 75 6. Advice to applications that make use of the urgent 76 mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . 8 77 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 78 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 79 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8 80 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 81 10.1. Normative References . . . . . . . . . . . . . . . . . . . 9 82 10.2. Informative References . . . . . . . . . . . . . . . . . . 9 83 Appendix A. Survey of the processing of TCP urgent 84 indications by some popular TCP implementations . . . 10 85 A.1. FreeBSD . . . . . . . . . . . . . . . . . . . . . . . . . 10 86 A.2. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . 10 87 A.3. NetBSD . . . . . . . . . . . . . . . . . . . . . . . . . . 10 88 A.4. OpenBSD . . . . . . . . . . . . . . . . . . . . . . . . . 11 89 A.5. Cisco IOS software . . . . . . . . . . . . . . . . . . . . 11 90 A.6. Microsoft Windows 2000, Service Pack 4 . . . . . . . . . . 11 91 A.7. Microsoft Windows 2008 . . . . . . . . . . . . . . . . . . 11 92 A.8. Microsoft Windows 95 . . . . . . . . . . . . . . . . . . . 12 93 Appendix B. Changes from previous versions of the draft (to 94 be removed by the RFC Editor before publishing 95 this document as an RFC) . . . . . . . . . . . . . . 12 96 B.1. Changes from draft-ietf-tcpm-urgent-data-04 . . . . . . . 12 97 B.2. Changes from draft-ietf-tcpm-urgent-data-03 . . . . . . . 12 98 B.3. Changes from draft-ietf-tcpm-urgent-data-02 . . . . . . . 12 99 B.4. Changes from draft-ietf-tcpm-urgent-data-01 . . . . . . . 12 100 B.5. Changes from draft-ietf-tcpm-urgent-data-00 . . . . . . . 12 101 B.6. Changes from draft-gont-tcpm-urgent-data-01 . . . . . . . 13 102 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13 104 1. Introduction 106 This document analyzes how some current TCP implementations process 107 TCP urgent indications, and how the behavior of some widely-deployed 108 middle-boxes affect the processing of urgent indications by hosts. 109 This document updates RFC 793 [RFC0793], RFC 1011 [RFC1011], and RFC 110 1122 [RFC1122] such that they accommodate current practice in 111 processing TCP urgent indications, provides advice to applications 112 using the urgent mechanism, and raises awareness about the 113 reliability of TCP urgent indications in the current Internet. 115 Section 2 describes what the current IETF specifications state with 116 respect to TCP urgent indications. Section 3 describes how some 117 current TCP implementations actually process TCP urgent indications. 118 Section 4 updates RFC 793 [RFC0793], RFC 1011 [RFC1011], and RFC 1122 119 [RFC1122], such that they accommodate current practice in processing 120 TCP urgent indications. Section 5 provides advice to to new 121 applications employing TCP, with respect to the TCP urgent mechanism. 122 Section 6 provides advice to existing applications that use or rely 123 on the TCP urgent mechanism. 125 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 126 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 127 document are to be interpreted as described in RFC 2119 [RFC2119]. 129 2. Specification of the TCP urgent mechanism 131 2.1. Semantics of urgent indications 133 TCP incorporates an "urgent mechanism" that allows the sending user 134 to stimulate the receiving user to accept some "urgent data" and to 135 permit the receiving TCP to indicate to the receiving user when all 136 the currently known urgent data have been received by the user. 138 The TCP urgent mechanism permits a point in the data stream to be 139 designated as the end of urgent information. Whenever this point is 140 in advance of the receive sequence number (RCV.NXT) at the receiving 141 TCP, that TCP must tell the user to go into "urgent mode"; when the 142 receive sequence number catches up to the urgent pointer, the TCP 143 must tell user to go into "normal mode" [RFC0793]. This means, for 144 example, that data that was received as "normal data" might become 145 "urgent data" if an urgent indication is received in some successive 146 TCP segment before that data is consumed by the TCP user. 148 The URG control flag indicates that the "Urgent Pointer" field is 149 meaningful and must be added to the segment sequence number to yield 150 the urgent pointer. The absence of this flag indicates that there is 151 no urgent data outstanding [RFC0793]. 153 The TCP urgent mechanism is NOT a mechanism for sending "out-of-band" 154 data: the so-called "urgent data" should be delivered "in-line" to 155 the TCP user. 157 2.2. Semantics of the Urgent Pointer 159 There is some ambiguity in RFC 793 [RFC0793] with respect to the 160 semantics of the Urgent Pointer. Section 3.1 (page 17) of RFC 793 161 [RFC0793] states that the Urgent Pointer "communicates the current 162 value of the urgent pointer as a positive offset from the sequence 163 number in this segment. The urgent pointer points to the sequence 164 number of the octet following the urgent data. This field is only be 165 interpreted in segments with the URG control bit set". However, 166 Section 3.9 (page 56) of RFC 793 [RFC0793] states, when describing 167 the processing of the SEND call in the ESTABLISHED and CLOSE-WAIT 168 states, that "If the urgent flag is set, then SND.UP <- SND.NXT-1 and 169 set the urgent pointer in the outgoing segments". 171 RFC 1011 [RFC1011] clarified this ambiguity in RFC 793 stating that 172 "Page 17 is wrong. The urgent pointer points to the last octet of 173 urgent data (not to the first octet of non-urgent data)". RFC 1122 174 [RFC1122] formally updated RFC 793 by stating, in Section 4.2.2.4 175 (page 84), that "the urgent pointer points to the sequence number of 176 the LAST octet (not LAST+1) in a sequence of urgent data." 178 2.3. Allowed length of urgent data 180 RFC 793 [RFC0793] allows TCP peers to send urgent data of any length, 181 as the TCP urgent mechanism simply provides a pointer to an 182 interesting point in the data stream. In this respect, Section 183 4.2.2.4 (page 84) of RFC 1122 explicitly states that "A TCP MUST 184 support a sequence of urgent data of any length". 186 3. Current implementation practice of TCP urgent data 188 3.1. Semantics of urgent indications 190 As discussed in Section 1, the TCP urgent mechanism simply permits a 191 point in the data stream to be designated as the end of urgent 192 information, but does NOT provide a mechanism for sending out of band 193 data. 195 Unfortunately, virtually all TCP implementations process TCP urgent 196 data differently. By default, the last byte of "urgent data" is 197 delivered "out of band" to the application. That is, it is not 198 delivered as part of the normal data stream. For example, the "out 199 of band" byte is read by an application when a recv(2) system call 200 with the MSG_OOB flag set is issued. 202 Most implementations provide a socket option (SO_OOBINLINE) that 203 allows an application to override the (broken) default processing of 204 urgent data, so that it is delivered "in band" to the application, 205 thus providing the semantics intended by the IETF specifications. 207 3.2. Semantics of the Urgent Pointer 209 All the popular implementations that the authors of this document 210 have been able to test interpret the semantics of the TCP Urgent 211 Pointer as specified in Section 3.1 of RFC 793. This means that even 212 when RFC 1122 officially updated RFC 793 to clarify the ambiguity in 213 the semantics of the Urgent Pointer, this clarification was never 214 reflected into actual implementations (i.e., virtually all 215 implementations default to the semantics of the urgent pointer 216 specified in Section 3.1 of RFC 793). 218 Some operating systems provide a system-wide toggle to override this 219 behavior, and interpret the semantics of the Urgent Pointer as 220 clarified in RFC 1122. However, this system-wide toggle has been 221 found to be inconsistent. For example, Linux provides the sysctl 222 "tcp_stdurg" (i.e., net.ivp4.tcp_stdurg) that, when set, supposedly 223 changes the system behavior to interpret the semantics of the TCP 224 Urgent Pointer as specified in RFC 1122. However, this sysctl 225 changes the semantics of the Urgent Pointer only for incoming 226 segments, but not for outgoing segments. This means that if this 227 sysctl is set, an application might be unable to interoperate with 228 itself if both the TCP sender and the TCP receiver are running on the 229 same host. 231 3.3. Allowed length of urgent data 233 While Section 4.2.2.4 (page 84) of RFC 1122 explicitly states that "A 234 TCP MUST support a sequence of urgent data of any length", in 235 practice all those implementations that interpret TCP urgent 236 indications as a mechanism for sending out-of-band data keep a buffer 237 of a single byte for storing the "last byte of urgent data". Thus, 238 if successive indications of urgent data are received before the 239 application reads the pending "out of band" byte, that pending byte 240 will be discarded (i.e., overwritten by the new byte of urgent data). 242 In order to avoid urgent data from being discarded, some 243 implementations queue each of the received "urgent bytes", so that 244 even if another urgent indication is received before the pending 245 urgent data are consumed by the application, those bytes do not need 246 to be discarded. Some of these implementations have been known to 247 fail to enforce any limits on the amount of urgent data that they 248 queue, thus resulting vulnerable to trivial resource exhaustion 249 attacks [CPNI-TCP]. 251 It should be reinforced that the aforementioned implementations are 252 broken. The TCP urgent mechanism is not a mechanism for delivering 253 out-of-band data. 255 3.4. Interaction of middle-boxes with TCP urgent indications 257 As a result of the publication of Network Intrusion Detection (NIDs) 258 evasion techniques based on TCP urgent indications [phrack], some 259 middle-boxes clear the urgent indications by clearing the URG flag 260 and setting the Urgent Pointer to zero. This causes the "urgent 261 data" to become "in line" (that is, accessible by the read(2) call or 262 the recv(2) call without the MSG_OOB flag) in the case of those TCP 263 implementations that implement the urgent mechanism as out-of-band 264 data (as described in Section 3.1). An example of such a middle-box 265 is the Cisco PIX firewall [Cisco-PIX]. This should discourage 266 applications from depending on urgent indications for their correct 267 operation, as urgent indications may not be not reliable in the 268 current Internet. 270 4. Updating RFC 793, RFC 1011, and RFC 1122 272 Considering that as long as both the TCP sender and the TCP receiver 273 implement the same semantics for the Urgent Pointer there is no 274 functional difference in having the Urgent Pointer point to "the 275 sequence number of the octet following the urgent data" vs. "the last 276 octet of urgent data", and since all known implementations interpret 277 the semantics of the Urgent Pointer as pointing to "the sequence 278 number of the octet following the urgent data", we hereby update RFC 279 793 [RFC0793], RFC 1011 [RFC1011], and RFC 1122 [RFC1122], such that 280 "the urgent pointer points to the sequence number of the octet 281 following the urgent data" (in segments with the URG control bit 282 set), thus accommodating virtually all existing TCP implementations. 284 5. Advice to new applications employing TCP 286 As a result of the issues discussed in Section 3.2 and Section 3.4, 287 new applications SHOULD NOT employ the TCP urgent mechanism. 288 However, TCP implementations MUST still include support for the 289 urgent mechanism such that existing applications can still use it. 291 6. Advice to applications that make use of the urgent mechanism 293 Even though applications SHOULD NOT employ the urgent mechanism, 294 applications that still decide to employ it MUST set the SO_OOBINLINE 295 socket option, such that "urgent data" is delivered inline, as 296 intended by the IETF specifications. 298 7. Security Considerations 300 Given that there are two different interpretations of the semantics 301 of the Urgent Pointer in current implementations (e.g., depending on 302 the value of the tcp_stdurg sysctl), and that middle-boxes (such as 303 packet scrubbers) or the end-systems themselves could cause the 304 urgent data to be processed "in band", there exists ambiguity in how 305 "urgent data" sent by a TCP will be processed by the intended 306 recipient. This might make it difficult for a Network Intrusion 307 Detection System (NIDS) to track the application-layer data 308 transferred to the destination system, and thus lead to false 309 negatives or false positives in the NIDS [CPNI-TCP]. 311 Probably the best way to avoid the security implications of TCP 312 urgent data is to avoid having applications use the TCP urgent 313 mechanism altogether. Packet scrubbers could probably be configured 314 to clear the URG bit, and set the Urgent Pointer to zero. This would 315 basically cause the urgent data to be put "in band". However, this 316 might cause interoperability problems or undesired behavior in the 317 applications running on top of TCP. 319 8. IANA Considerations 321 This document has no actions for IANA. 323 9. Acknowledgements 325 The authors of this document would like to thank (in alphabetical 326 order) David Borman, Wesley Eddy, John Heffner, Alfred Hoenes, Carlos 327 Pignataro, Anantha Ramaiah, Joe Touch, Michael Welzl, Dan Wing, and 328 Alexander Zimmermann for providing valuable feedback on earlier 329 versions of this document. 331 Additionally, Fernando would like to thank David Borman and Joe Touch 332 for a fruitful discussion about TCP urgent mode at IETF 73 333 (Minneapolis). 335 10. References 337 10.1. Normative References 339 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, 340 RFC 793, September 1981. 342 [RFC1011] Reynolds, J. and J. Postel, "Official Internet protocols", 343 RFC 1011, May 1987. 345 [RFC1122] Braden, R., "Requirements for Internet Hosts - 346 Communication Layers", STD 3, RFC 1122, October 1989. 348 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 349 Requirement Levels", BCP 14, RFC 2119, March 1997. 351 10.2. Informative References 353 [CPNI-TCP] 354 Gont, F., "Security Assessment of the Transmission Control 355 Protocol (TCP)", http://www.cpni.gov.uk/Docs/ 356 tn-03-09-security-assessment-TCP.pdf, 2009. 358 [Cisco-PIX] 359 Cisco PIX, "http://www.cisco.com/en/US/docs/security/asa/ 360 asa70/command/reference/tz.html#wp1288756". 362 [FreeBSD] The FreeBSD project, "http://www.freebsd.org". 364 [Linux] The Linux Project, "http://www.kernel.org". 366 [NetBSD] The NetBSD project, "http://www.netbsd.org". 368 [OpenBSD] The OpenBSD project, "http://www.openbsd.org". 370 [UNPv1] Stevens, W., "UNIX Network Programming, Volume 1. 371 Networking APIs: Sockets and XTI", Prentice Hall PTR , 372 1997. 374 [Windows2000] 375 Microsoft Windows 2000, "http://technet.microsoft.com/ 376 en-us/library/bb726981(printer).aspx". 378 [Windows95] 379 Microsoft Windows 95, 380 "ftp://ftp.demon.co.uk/pub/mirrors/win95netfaq/ 381 faq-c.html". 383 [phrack] Ko, Y., Ko, S., and M. Ko, "NIDS Evasion Method named 384 "SeolMa"", Phrack Magazine, Volume 0x0b, Issue 0x39, Phile 385 #0x03 of 0x12 http://www.phrack.org/ 386 issues.html?issue=57&id=3#article, 2001. 388 Appendix A. Survey of the processing of TCP urgent indications by some 389 popular TCP implementations 391 A.1. FreeBSD 393 FreeBSD 8.0 [FreeBSD] interprets the semantics of the urgent pointer 394 as specified in Section 4 of this document. It does not provide any 395 sysctl to override this behavior. 397 FreeBSD provides the SO_OOBINLINE socket option that, when set, 398 causes TCP "urgent data" to remain "in band". That is, it will be 399 accessible by the read(2) call or the recv(2) call without the 400 MSG_OOB flag. 402 FreeBSD supports only one byte of urgent data. That is, only the 403 byte preceding the Urgent Pointer is considered as "urgent data". 405 A.2. Linux 407 Linux 2.6.15-53-386 [Linux] interprets the semantics of the urgent 408 pointer as specified in Section 4 of this document. It provides the 409 net.ipv4.tcp_stdurg sysctl to override this behavior to interpret the 410 Urgent Pointer as specified in RFC 1122 [RFC1122]. However, this 411 sysctl only affects the processing of incoming segments (the Urgent 412 Pointer in outgoing segments will still be set as specified in 413 Section 4 of this document). 415 Linux provides the SO_OOBINLINE socket option that, when set, causes 416 TCP "urgent data" to remain "in band". That is, it will be 417 accessible by the read(2) call or the recv(2) call without the 418 MSG_OOB flag. 420 Linux supports only one byte of urgent data. That is, only the byte 421 preceding the Urgent Pointer is considered as "urgent data". 423 A.3. NetBSD 425 NetBSD 5.0.1 [NetBSD] interprets the semantics of the urgent pointer 426 as specified in Section 4 of this document. It does not provide any 427 sysctl to override this behavior. 429 NetBSD provides the SO_OOBINLINE socket option that, when set, causes 430 TCP "urgent data" to remain "in band". That is, it will be 431 accessible by the read(2) call or the recv(2) call without the 432 MSG_OOB flag. 434 NetBSD supports only one byte of urgent data. That is, only the byte 435 preceding the Urgent Pointer is considered as "urgent data". 437 A.4. OpenBSD 439 OpenBSD 4.2 [OpenBSD] interprets the semantics of the urgent pointer 440 as specified in Section 4 of this document. It does not provide any 441 sysctl to override this behavior. 443 OpenBSD provides the SO_OOBINLINE socket option that, when set, 444 causes TCP urgent data to remain "in band". That is, it will be 445 accessible by the read(2) or recv(2) calls without the MSG_OOB flag. 447 OpenBSD supports only one byte of urgent data. That is, only the 448 byte preceding the Urgent Pointer is considered as "urgent data". 450 A.5. Cisco IOS software 452 Cisco IOS Software Releases 12.2(18)SXF7, 12.4(15)T7 interpret the 453 semantics of the urgent pointer as specified in Section 4 of this 454 document. 456 The behavior is consistent with having the SO_OOBINLINE socket option 457 turned on, i.e. the data is processed "in band". 459 A.6. Microsoft Windows 2000, Service Pack 4 461 Microsoft Windows 2000 [Windows2000] interprets the semantics of the 462 urgent pointer as specified in Section 4 of this document. It 463 provides the TcpUseRFC1122UrgentPointer system-wide variable to 464 override this behavior, interpreting the Urgent Pointer as specified 465 in RFC 1122 [RFC1122]. 467 Tests performed with a sample server application compiled using the 468 cygwin environment has shown that the default behavior is to return 469 the urgent data "in band". 471 A.7. Microsoft Windows 2008 473 Microsoft Windows 2008 interprets the semantics of the urgent pointer 474 as specified in Section 4 of this document. 476 A.8. Microsoft Windows 95 478 Microsoft Windows 95 interprets the semantics of the urgent pointer 479 as specified in Section 4 of this document. It provides the 480 BSDUrgent system-wide variable to override this behavior, 481 interpreting the Urgent Pointer as specified in RFC 1122 [RFC1122]. 482 Windows 95 supports only one byte of urgent data. That is, only the 483 byte preceding the Urgent Pointer is considered as "urgent data". 484 [Windows95] 486 Appendix B. Changes from previous versions of the draft (to be removed 487 by the RFC Editor before publishing this document as an 488 RFC) 490 B.1. Changes from draft-ietf-tcpm-urgent-data-04 492 o Fixes grammar errors wrt the term "data" (thanks to David Borman, 493 once again ;-) ) 495 B.2. Changes from draft-ietf-tcpm-urgent-data-03 497 o Addresses feedback sent by David Borman, and nit pointed out by 498 John Heffner. 500 B.3. Changes from draft-ietf-tcpm-urgent-data-02 502 o Addresses WGLC feedback submitted by Michael Welzl, Anantha 503 Ramaiah, and Wesley Eddy. 505 B.4. Changes from draft-ietf-tcpm-urgent-data-01 507 o Fixes reference to Cisco IOS Software (layer 8+ stuff ;-) ). 509 o Cleaned-up Appendix A.5. 511 B.5. Changes from draft-ietf-tcpm-urgent-data-00 513 o Minor editorial changes. 515 o Incorporated the specific changes/advice stated in 516 http://www.ietf.org/mail-archive/web/tcpm/current/msg04548.html in 517 different sections (Section 4, Section 5, Section 6). 519 B.6. Changes from draft-gont-tcpm-urgent-data-01 521 o Draft resubmitted as draft-ietf, as a result of wg consensus on 522 adopting the document as a tcpm wg item. 524 Authors' Addresses 526 Fernando Gont 527 Universidad Tecnologica Nacional / Facultad Regional Haedo 528 Evaristo Carriego 2644 529 Haedo, Provincia de Buenos Aires 1706 530 Argentina 532 Phone: +54 11 4650 8472 533 Email: fernando@gont.com.ar 534 URI: http://www.gont.com.ar 536 Andrew Yourtchenko 537 Cisco 538 De Kleetlaan, 7 539 Diegem B-1831 540 Belgium 542 Phone: +32 2 704 5494 543 Email: ayourtch@cisco.com