RFC Errata
RFC 9293, "Transmission Control Protocol (TCP)", August 2022
Source of RFC: tcpm (wit)See Also: RFC 9293 w/ inline errata
Errata ID: 8167
Status: Verified
Type: Technical
Publication Format(s) : TEXT, PDF, HTML
Reported By: Christopher Williams
Date Reported: 2024-11-04
Verifier Name: Zaheduzzaman Sarker
Date Verified: 2025-03-19
Section 3.10.7.3 says:
o A potential blind reset attack is described in RFC 5961 [9].
The mitigation described in that document has specific
applicability explained therein, and is not a substitute for
cryptographic protection (e.g., IPsec or TCP-AO). A TCP
implementation that supports the mitigation described in RFC
5961 SHOULD first check that the sequence number exactly
matches RCV.NXT prior to executing the action in the next
paragraph.
It should say:
[ The text is removed - see notes]
Notes:
This entire bullet is removed as RFC 5961 adds no rules to the handling
of RST segments in the SYN-SENT state.
See the discussion here (https://mailarchive.ietf.org/arch/msg/tcpm/Y5feX5f1YA00gCUyb4yP4iNfdXs/)