TCP Authentication Option Test Vectors
RFC 9235, “TCP Authentication Option Test Vectors”, is an Informational document published in May 2022 by J. Touch, J. Kuusisaari. The canonical text is published by the RFC Editor.
Abstract
This document provides test vectors to validate implementations of the two mandatory authentication algorithms specified for the TCP Authentication Option over both IPv4 and IPv6. This includes validation of the key derivation function (KDF) based on a set of test connection parameters as well as validation of the message authentication code (MAC). Vectors are provided for both currently required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and HMAC- SHA-1-96, and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors also validate both whole TCP segments as well as segments whose options are excluded for middlebox traversal.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 9235 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9234 Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages
- RFC 9236 Architectural Considerations of Information-Centric Networking Using a Name Resolution Service
- RFC 9233 Internationalized Domain Names for Applications 2008 and Unicode 12.0.0
- RFC 9237 An Authorization Information Format for Authentication and Authorization for Constrained Environments
- RFC 9232 Network Telemetry Framework
- RFC 9238 Loading Manufacturer Usage Description URLs from QR Codes
- RFC 9231 Additional XML Security Uniform Resource Identifiers
- RFC 9239 Updates to ECMAScript Media Types