idnits 2.17.1 draft-ietf-tcpm-urgent-data-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with non-RFC2606-compliant FQDNs in the document. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. -- The draft header indicates that this document updates RFC1011, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC1122, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC793, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC793, updated by this document, for RFC5378 checks: 1981-09-01) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 16, 2010) is 4939 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'UNPv1' is defined on line 392, but no explicit reference was found in the text ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) ** Downref: Normative reference to an Unknown state RFC: RFC 1011 Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TCP Maintenance and Minor F. Gont 3 Extensions (tcpm) UTN/FRH 4 Internet-Draft A. Yourtchenko 5 Updates: 793, 1011, 1122 Cisco 6 (if approved) October 16, 2010 7 Intended status: Standards Track 8 Expires: April 19, 2011 10 On the implementation of the TCP urgent mechanism 11 draft-ietf-tcpm-urgent-data-07.txt 13 Abstract 15 This document analyzes how current TCP implementations process TCP 16 urgent indications, and how the behavior of some widely-deployed 17 middle-boxes affect how urgent indications are processed by end 18 systems. This document updates the relevant specifications such that 19 they accommodate current practice in processing TCP urgent 20 indications, raises awareness about the reliability of TCP urgent 21 indications in the Internet and recommends against the use of the 22 urgent indications (but provides advice to applications in case that 23 they do). 25 Status of this Memo 27 This Internet-Draft is submitted to IETF in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at http://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on April 19, 2011. 42 Copyright Notice 44 Copyright (c) 2010 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (http://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 60 2. Specification of the TCP urgent mechanism . . . . . . . . . . 4 61 2.1. Semantics of urgent indications . . . . . . . . . . . . . 4 62 2.2. Semantics of the Urgent Pointer . . . . . . . . . . . . . 5 63 2.3. Allowed length of urgent data . . . . . . . . . . . . . . 5 64 3. Current implementation practice of TCP urgent data . . . . . . 6 65 3.1. Semantics of urgent indications . . . . . . . . . . . . . 6 66 3.2. Semantics of the Urgent Pointer . . . . . . . . . . . . . 6 67 3.3. Allowed length of urgent data . . . . . . . . . . . . . . 7 68 3.4. Interaction of middle-boxes with TCP urgent indications . 7 69 4. Updating RFC 793, RFC 1011, and RFC 1122 . . . . . . . . . . . 7 70 5. Advice to new applications employing TCP . . . . . . . . . . . 8 71 6. Advice to applications that make use of the urgent 72 mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . 8 73 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 74 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 75 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9 76 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 77 10.1. Normative References . . . . . . . . . . . . . . . . . . . 9 78 10.2. Informative References . . . . . . . . . . . . . . . . . . 9 79 Appendix A. Survey of the processing of TCP urgent 80 indications by some popular TCP implementations . . . 10 81 A.1. FreeBSD . . . . . . . . . . . . . . . . . . . . . . . . . 10 82 A.2. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . 11 83 A.3. NetBSD . . . . . . . . . . . . . . . . . . . . . . . . . . 11 84 A.4. OpenBSD . . . . . . . . . . . . . . . . . . . . . . . . . 11 85 A.5. Cisco IOS software . . . . . . . . . . . . . . . . . . . . 12 86 A.6. Microsoft Windows 2000, Service Pack 4 . . . . . . . . . . 12 87 A.7. Microsoft Windows 2008 . . . . . . . . . . . . . . . . . . 12 88 A.8. Microsoft Windows 95 . . . . . . . . . . . . . . . . . . . 12 89 Appendix B. Changes from previous versions of the draft (to 90 be removed by the RFC Editor before publishing 91 this document as an RFC) . . . . . . . . . . . . . . 12 92 B.1. Changes from draft-ietf-tcpm-urgent-data-06 . . . . . . . 12 93 B.2. Changes from draft-ietf-tcpm-urgent-data-05 . . . . . . . 13 94 B.3. Changes from draft-ietf-tcpm-urgent-data-04 . . . . . . . 13 95 B.4. Changes from draft-ietf-tcpm-urgent-data-03 . . . . . . . 13 96 B.5. Changes from draft-ietf-tcpm-urgent-data-02 . . . . . . . 13 97 B.6. Changes from draft-ietf-tcpm-urgent-data-01 . . . . . . . 13 98 B.7. Changes from draft-ietf-tcpm-urgent-data-00 . . . . . . . 13 99 B.8. Changes from draft-gont-tcpm-urgent-data-01 . . . . . . . 13 100 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13 102 1. Introduction 104 This document analyzes how some current TCP implementations process 105 TCP urgent indications, and how the behavior of some widely-deployed 106 middle-boxes affect the processing of urgent indications by hosts. 107 This document updates RFC 793 [RFC0793], RFC 1011 [RFC1011], and RFC 108 1122 [RFC1122] such that they accommodate current practice in 109 processing TCP urgent indications, provides advice to applications 110 using the urgent mechanism, and raises awareness about the 111 reliability of TCP urgent indications in the current Internet. 113 Given the above issues and potential interoperability issues with 114 respect to the currently common default mode operation, it is 115 strongly recommended that applications do not employ urgent 116 indications. Nevertheless, urgent indications are still retained as 117 a mandatory part of the TCP protocol to support the few legacy 118 applications that employ them. However, it is expected that even 119 these applications will have difficulties in environments with 120 middle-boxes. 122 Section 2 describes what the current IETF specifications state with 123 respect to TCP urgent indications. Section 3 describes how some 124 current TCP implementations actually process TCP urgent indications. 125 Section 4 updates RFC 793 [RFC0793], RFC 1011 [RFC1011], and RFC 1122 126 [RFC1122], such that they accommodate current practice in processing 127 TCP urgent indications. Section 5 provides advice to to new 128 applications employing TCP, with respect to the TCP urgent mechanism. 129 Section 6 provides advice to existing applications that use or rely 130 on the TCP urgent mechanism. 132 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 133 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 134 document are to be interpreted as described in RFC 2119 [RFC2119]. 136 2. Specification of the TCP urgent mechanism 138 2.1. Semantics of urgent indications 140 TCP incorporates an "urgent mechanism" that allows the sending user 141 to stimulate the receiving user to accept some "urgent data" and to 142 permit the receiving TCP to indicate to the receiving user when all 143 the currently known urgent data have been received by the receiving 144 user. 146 The TCP urgent mechanism permits a point in the data stream to be 147 designated as the end of urgent information. Whenever this point is 148 in advance of the receive sequence number (RCV.NXT) at the receiving 149 TCP, that TCP must tell the user to go into "urgent mode"; when the 150 receive sequence number catches up to the urgent pointer, the TCP 151 must tell user to go into "normal mode" [RFC0793]. This means, for 152 example, that data that was received as "normal data" might become 153 "urgent data" if an urgent indication is received in some successive 154 TCP segment before that data is consumed by the TCP user. 156 The URG control flag indicates that the "Urgent Pointer" field is 157 meaningful and must be added to the segment sequence number to yield 158 the urgent pointer. The absence of this flag indicates that there is 159 no urgent data outstanding [RFC0793]. 161 The TCP urgent mechanism is NOT a mechanism for sending "out-of-band" 162 data: the so-called "urgent data" should be delivered "in-line" to 163 the TCP user. 165 2.2. Semantics of the Urgent Pointer 167 There is some ambiguity in RFC 793 [RFC0793] with respect to the 168 semantics of the Urgent Pointer. Section 3.1 (page 17) of RFC 793 169 [RFC0793] states that the Urgent Pointer "communicates the current 170 value of the urgent pointer as a positive offset from the sequence 171 number in this segment. The urgent pointer points to the sequence 172 number of the octet following the urgent data. This field is only be 173 interpreted in segments with the URG control bit set". However, 174 Section 3.9 (page 56) of RFC 793 [RFC0793] states, when describing 175 the processing of the SEND call in the ESTABLISHED and CLOSE-WAIT 176 states, that "If the urgent flag is set, then SND.UP <- SND.NXT-1 and 177 set the urgent pointer in the outgoing segments". 179 RFC 1011 [RFC1011] clarified this ambiguity in RFC 793 stating that 180 "Page 17 is wrong. The urgent pointer points to the last octet of 181 urgent data (not to the first octet of non-urgent data)". RFC 1122 182 [RFC1122] formally updated RFC 793 by stating, in Section 4.2.2.4 183 (page 84), that "the urgent pointer points to the sequence number of 184 the LAST octet (not LAST+1) in a sequence of urgent data." 186 2.3. Allowed length of urgent data 188 RFC 793 [RFC0793] allows TCP peers to send urgent data of any length, 189 as the TCP urgent mechanism simply provides a pointer to an 190 interesting point in the data stream. In this respect, Section 191 4.2.2.4 (page 84) of RFC 1122 explicitly states that "A TCP MUST 192 support a sequence of urgent data of any length". 194 3. Current implementation practice of TCP urgent data 196 3.1. Semantics of urgent indications 198 As discussed in Section 1, the TCP urgent mechanism simply permits a 199 point in the data stream to be designated as the end of urgent 200 information, but does NOT provide a mechanism for sending out of band 201 data. 203 Unfortunately, virtually all TCP implementations process TCP urgent 204 data differently. By default, the last byte of "urgent data" is 205 delivered "out of band" to the application. That is, it is not 206 delivered as part of the normal data stream. For example, the "out 207 of band" byte is read by an application when a recv(2) system call 208 with the MSG_OOB flag set is issued. 210 Most implementations provide a socket option (SO_OOBINLINE) that 211 allows an application to override the (broken) default processing of 212 urgent data, so that it is delivered "in band" to the application, 213 thus providing the semantics intended by the IETF specifications. 215 3.2. Semantics of the Urgent Pointer 217 All the popular implementations that the authors of this document 218 have been able to test interpret the semantics of the TCP Urgent 219 Pointer as specified in Section 3.1 of RFC 793. This means that even 220 when RFC 1122 officially updated RFC 793 to clarify the ambiguity in 221 the semantics of the Urgent Pointer, this clarification was never 222 reflected into actual implementations (i.e., virtually all 223 implementations default to the semantics of the urgent pointer 224 specified in Section 3.1 of RFC 793). 226 Some operating systems provide a system-wide toggle to override this 227 behavior, and interpret the semantics of the Urgent Pointer as 228 clarified in RFC 1122. However, this system-wide toggle has been 229 found to be inconsistent. For example, Linux provides the sysctl 230 "tcp_stdurg" (i.e., net.ipv4.tcp_stdurg) that, when set, supposedly 231 changes the system behavior to interpret the semantics of the TCP 232 Urgent Pointer as specified in RFC 1122. However, this sysctl 233 changes the semantics of the Urgent Pointer only for incoming 234 segments, but not for outgoing segments. This means that if this 235 sysctl is set, an application might be unable to interoperate with 236 itself if both the TCP sender and the TCP receiver are running on the 237 same host. 239 3.3. Allowed length of urgent data 241 While Section 4.2.2.4 (page 84) of RFC 1122 explicitly states that "A 242 TCP MUST support a sequence of urgent data of any length", in 243 practice all those implementations that interpret TCP urgent 244 indications as a mechanism for sending out-of-band data keep a buffer 245 of a single byte for storing the "last byte of urgent data". Thus, 246 if successive indications of urgent data are received before the 247 application reads the pending "out of band" byte, that pending byte 248 will be discarded (i.e., overwritten by the new byte of urgent data). 250 In order to avoid urgent data from being discarded, some 251 implementations queue each of the received "urgent bytes", so that 252 even if another urgent indication is received before the pending 253 urgent data are consumed by the application, those bytes do not need 254 to be discarded. Some of these implementations have been known to 255 fail to enforce any limits on the amount of urgent data that they 256 queue, thus resulting vulnerable to trivial resource exhaustion 257 attacks [CPNI-TCP]. 259 It should be reinforced that the aforementioned implementations are 260 broken. The TCP urgent mechanism is not a mechanism for delivering 261 out-of-band data. 263 3.4. Interaction of middle-boxes with TCP urgent indications 265 As a result of the publication of Network Intrusion Detection (NIDs) 266 evasion techniques based on TCP urgent indications [phrack], some 267 middle-boxes clear the urgent indications by clearing the URG flag 268 and setting the Urgent Pointer to zero. This causes the "urgent 269 data" to become "in line" (that is, accessible by the read(2) call or 270 the recv(2) call without the MSG_OOB flag) in the case of those TCP 271 implementations that implement the urgent mechanism as out-of-band 272 data (as described in Section 3.1). An example of such a middle-box 273 is the Cisco PIX firewall [Cisco-PIX]. This should discourage 274 applications from depending on urgent indications for their correct 275 operation, as urgent indications may not be reliable in the current 276 Internet. 278 4. Updating RFC 793, RFC 1011, and RFC 1122 280 Considering that as long as both the TCP sender and the TCP receiver 281 implement the same semantics for the Urgent Pointer there is no 282 functional difference in having the Urgent Pointer point to "the 283 sequence number of the octet following the urgent data" vs. "the last 284 octet of urgent data", and since all known implementations interpret 285 the semantics of the Urgent Pointer as pointing to "the sequence 286 number of the octet following the urgent data", we hereby update RFC 287 793 [RFC0793], RFC 1011 [RFC1011], and RFC 1122 [RFC1122], such that 288 "the urgent pointer points to the sequence number of the octet 289 following the urgent data" (in segments with the URG control bit 290 set), thus accommodating virtually all existing TCP implementations. 292 5. Advice to new applications employing TCP 294 As a result of the issues discussed in Section 3.2 and Section 3.4, 295 new applications SHOULD NOT employ the TCP urgent mechanism. 296 However, TCP implementations MUST still include support for the 297 urgent mechanism such that existing applications can still use it. 299 6. Advice to applications that make use of the urgent mechanism 301 Even though applications SHOULD NOT employ the urgent mechanism, 302 applications that still decide to employ it MUST set the SO_OOBINLINE 303 socket option, such that "urgent data" is delivered inline, as 304 intended by the IETF specifications. 306 Additionally, applications that still decide to use the urgent 307 mechanism need to be designed for correct operation even when the URG 308 flag is cleared by middleboxes. 310 7. Security Considerations 312 Multiple factors can affect the data flow that is actually delivered 313 to an application when the TCP urgent mechanism is employed; namely, 314 the two possible interpretations of the semantics of the Urgent 315 Pointer in current implementations (e.g., depending on the value of 316 the tcp_stdurg sysctl), the possible implementation of the urgent 317 mechanism as an Out-Of-Band (OOB) facility (vs. in-band as intenteded 318 by the IETF specifications), and middle-boxes (such as packet 319 scrubbers) or the end-systems themselves that could cause the "urgent 320 data" to be processed "in band". This might make it difficult for a 321 Network Intrusion Detection System (NIDS) to track the application- 322 layer data transferred to the destination system, and thus lead to 323 false negatives or false positives in the NIDS [CPNI-TCP] [phrack]. 325 Probably the best way to avoid the security implications of TCP 326 urgent data is to avoid having applications use the TCP urgent 327 mechanism altogether. Packet scrubbers could probably be configured 328 to clear the URG bit, and set the Urgent Pointer to zero. This would 329 basically cause the urgent data to be put "in band". However, this 330 might cause interoperability problems or undesired behavior in those 331 applications that rely on the TCP urgent mechanism, such as Telner 332 [RFC0854] and FTP [RFC0959]. 334 8. IANA Considerations 336 This document has no actions for IANA. 338 9. Acknowledgements 340 The authors of this document would like to thank (in alphabetical 341 order) Jari Arkko, Ron Bonica, David Borman, Dave Cridland, Ralph 342 Droms, Wesley Eddy, John Heffner, Alfred Hoenes, Alexey Melnikov, 343 Keith Moore, Carlos Pignataro, Tim Polk, Anantha Ramaiah, Joe Touch, 344 Michael Welzl, Dan Wing, and Alexander Zimmermann for providing 345 valuable feedback on earlier versions of this document. 347 Additionally, Fernando would like to thank David Borman and Joe Touch 348 for a fruitful discussion about TCP urgent mode at IETF 73 349 (Minneapolis). 351 10. References 353 10.1. Normative References 355 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, 356 RFC 793, September 1981. 358 [RFC1011] Reynolds, J. and J. Postel, "Official Internet protocols", 359 RFC 1011, May 1987. 361 [RFC1122] Braden, R., "Requirements for Internet Hosts - 362 Communication Layers", STD 3, RFC 1122, October 1989. 364 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 365 Requirement Levels", BCP 14, RFC 2119, March 1997. 367 10.2. Informative References 369 [CPNI-TCP] 370 Gont, F., "Security Assessment of the Transmission Control 371 Protocol (TCP)", http://www.cpni.gov.uk/Docs/ 372 tn-03-09-security-assessment-TCP.pdf, 2009. 374 [Cisco-PIX] 375 Cisco PIX, "http://www.cisco.com/en/US/docs/security/asa/ 376 asa70/command/reference/tz.html#wp1288756". 378 [FreeBSD] The FreeBSD project, "http://www.freebsd.org". 380 [Linux] The Linux Project, "http://www.kernel.org". 382 [NetBSD] The NetBSD project, "http://www.netbsd.org". 384 [OpenBSD] The OpenBSD project, "http://www.openbsd.org". 386 [RFC0854] Postel, J. and J. Reynolds, "Telnet Protocol 387 Specification", STD 8, RFC 854, May 1983. 389 [RFC0959] Postel, J. and J. Reynolds, "File Transfer Protocol", 390 STD 9, RFC 959, October 1985. 392 [UNPv1] Stevens, W., "UNIX Network Programming, Volume 1. 393 Networking APIs: Sockets and XTI", Prentice Hall PTR , 394 1997. 396 [Windows2000] 397 Microsoft Windows 2000, "http://technet.microsoft.com/ 398 en-us/library/bb726981(printer).aspx". 400 [Windows95] 401 Microsoft Windows 95, 402 "ftp://ftp.demon.co.uk/pub/mirrors/win95netfaq/ 403 faq-c.html". 405 [phrack] Ko, Y., Ko, S., and M. Ko, "NIDS Evasion Method named 406 "SeolMa"", Phrack Magazine, Volume 0x0b, Issue 0x39, Phile 407 #0x03 of 0x12 http://www.phrack.org/ 408 issues.html?issue=57&id=3#article, 2001. 410 Appendix A. Survey of the processing of TCP urgent indications by some 411 popular TCP implementations 413 A.1. FreeBSD 415 FreeBSD 8.0 [FreeBSD] interprets the semantics of the urgent pointer 416 as specified in Section 4 of this document. It does not provide any 417 sysctl to override this behavior. 419 FreeBSD provides the SO_OOBINLINE socket option that, when set, 420 causes TCP "urgent data" to remain "in band". That is, it will be 421 accessible by the read(2) call or the recv(2) call without the 422 MSG_OOB flag. 424 FreeBSD supports only one byte of urgent data. That is, only the 425 byte preceding the Urgent Pointer is considered as "urgent data". 427 A.2. Linux 429 Linux 2.6.15-53-386 [Linux] interprets the semantics of the urgent 430 pointer as specified in Section 4 of this document. It provides the 431 net.ipv4.tcp_stdurg sysctl to override this behavior to interpret the 432 Urgent Pointer as specified in RFC 1122 [RFC1122]. However, this 433 sysctl only affects the processing of incoming segments (the Urgent 434 Pointer in outgoing segments will still be set as specified in 435 Section 4 of this document). 437 Linux provides the SO_OOBINLINE socket option that, when set, causes 438 TCP "urgent data" to remain "in band". That is, it will be 439 accessible by the read(2) call or the recv(2) call without the 440 MSG_OOB flag. 442 Linux supports only one byte of urgent data. That is, only the byte 443 preceding the Urgent Pointer is considered as "urgent data". 445 A.3. NetBSD 447 NetBSD 5.0.1 [NetBSD] interprets the semantics of the urgent pointer 448 as specified in Section 4 of this document. It does not provide any 449 sysctl to override this behavior. 451 NetBSD provides the SO_OOBINLINE socket option that, when set, causes 452 TCP "urgent data" to remain "in band". That is, it will be 453 accessible by the read(2) call or the recv(2) call without the 454 MSG_OOB flag. 456 NetBSD supports only one byte of urgent data. That is, only the byte 457 preceding the Urgent Pointer is considered as "urgent data". 459 A.4. OpenBSD 461 OpenBSD 4.2 [OpenBSD] interprets the semantics of the urgent pointer 462 as specified in Section 4 of this document. It does not provide any 463 sysctl to override this behavior. 465 OpenBSD provides the SO_OOBINLINE socket option that, when set, 466 causes TCP urgent data to remain "in band". That is, it will be 467 accessible by the read(2) or recv(2) calls without the MSG_OOB flag. 469 OpenBSD supports only one byte of urgent data. That is, only the 470 byte preceding the Urgent Pointer is considered as "urgent data". 472 A.5. Cisco IOS software 474 Cisco IOS Software Releases 12.2(18)SXF7, 12.4(15)T7 interpret the 475 semantics of the urgent pointer as specified in Section 4 of this 476 document. 478 The behavior is consistent with having the SO_OOBINLINE socket option 479 turned on, i.e. the data is processed "in band". 481 A.6. Microsoft Windows 2000, Service Pack 4 483 Microsoft Windows 2000 [Windows2000] interprets the semantics of the 484 urgent pointer as specified in Section 4 of this document. It 485 provides the TcpUseRFC1122UrgentPointer system-wide variable to 486 override this behavior, interpreting the Urgent Pointer as specified 487 in RFC 1122 [RFC1122]. 489 Tests performed with a sample server application compiled using the 490 cygwin environment has shown that the default behavior is to return 491 the urgent data "in band". 493 A.7. Microsoft Windows 2008 495 Microsoft Windows 2008 interprets the semantics of the urgent pointer 496 as specified in Section 4 of this document. 498 A.8. Microsoft Windows 95 500 Microsoft Windows 95 interprets the semantics of the urgent pointer 501 as specified in Section 4 of this document. It provides the 502 BSDUrgent system-wide variable to override this behavior, 503 interpreting the Urgent Pointer as specified in RFC 1122 [RFC1122]. 504 Windows 95 supports only one byte of urgent data. That is, only the 505 byte preceding the Urgent Pointer is considered as "urgent data". 506 [Windows95] 508 Appendix B. Changes from previous versions of the draft (to be removed 509 by the RFC Editor before publishing this document as an 510 RFC) 512 B.1. Changes from draft-ietf-tcpm-urgent-data-06 514 o Addresses Jari Arkko's and Tim Polk's DISCUSSes, and various 515 COMMENTs by members of the IESG. 517 o Addresses IETF LC comments. 519 B.2. Changes from draft-ietf-tcpm-urgent-data-05 521 o Draft resubmitted (with no changes) because it was close to the 522 expiration day. 524 B.3. Changes from draft-ietf-tcpm-urgent-data-04 526 o Fixes grammar errors wrt the term "data" (thanks to David Borman, 527 once again ;-) ) 529 B.4. Changes from draft-ietf-tcpm-urgent-data-03 531 o Addresses feedback sent by David Borman, and nit pointed out by 532 John Heffner. 534 B.5. Changes from draft-ietf-tcpm-urgent-data-02 536 o Addresses WGLC feedback submitted by Michael Welzl, Anantha 537 Ramaiah, and Wesley Eddy. 539 B.6. Changes from draft-ietf-tcpm-urgent-data-01 541 o Fixes reference to Cisco IOS Software (layer 8+ stuff ;-) ). 543 o Cleaned-up Appendix A.5. 545 B.7. Changes from draft-ietf-tcpm-urgent-data-00 547 o Minor editorial changes. 549 o Incorporated the specific changes/advice stated in 550 http://www.ietf.org/mail-archive/web/tcpm/current/msg04548.html in 551 different sections (Section 4, Section 5, Section 6). 553 B.8. Changes from draft-gont-tcpm-urgent-data-01 555 o Draft resubmitted as draft-ietf, as a result of wg consensus on 556 adopting the document as a tcpm wg item. 558 Authors' Addresses 560 Fernando Gont 561 Universidad Tecnologica Nacional / Facultad Regional Haedo 562 Evaristo Carriego 2644 563 Haedo, Provincia de Buenos Aires 1706 564 Argentina 566 Phone: +54 11 4650 8472 567 Email: fernando@gont.com.ar 568 URI: http://www.gont.com.ar 570 Andrew Yourtchenko 571 Cisco 572 De Kleetlaan, 7 573 Diegem B-1831 574 Belgium 576 Phone: +32 2 704 5494 577 Email: ayourtch@cisco.com