RFC 9235

TCP Authentication Option (TCP-AO) Test Vectors, May 2022

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML icon for inline errata
Also available: XML file for editing
J. Touch
J. Kuusisaari
tcpm (wit)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9235

Discuss this RFC: Send questions or comments to the mailing list tcpm@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9235


This document provides test vectors to validate implementations of the two mandatory authentication algorithms specified for the TCP Authentication Option over both IPv4 and IPv6. This includes validation of the key derivation function (KDF) based on a set of test connection parameters as well as validation of the message authentication code (MAC). Vectors are provided for both currently required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and HMAC- SHA-1-96, and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors also validate both whole TCP segments as well as segments whose options are excluded for middlebox traversal.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search