database logo graphic

RFC 6978

"A TCP Authentication Option Extension for NAT Traversal", July 2013

Canonical URL:
This document is also available in this non-normative format: PDF.
J. Touch

Cite this RFC: TXT  |  XML

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


This document describes an extension to the TCP Authentication Option (TCP-AO) to support its use over connections that pass through Network Address Translators and/or Network Address and Port Translators (NATs/NAPTs). This extension changes the data used to compute traffic keys, but it does not alter TCP-AO's packet processing or key generation algorithms.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

Go to the RFC Editor Homepage.