RFC 9235
TCP Authentication Option (TCP-AO) Test Vectors, May 2022
- File formats:
- Also available: XML file for editing
- Status:
- INFORMATIONAL
- Authors:
- J. Touch
J. Kuusisaari - Stream:
- IETF
- Source:
- tcpm (wit)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9235
Discuss this RFC: Send questions or comments to the mailing list tcpm@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9235
Abstract
This document provides test vectors to validate implementations of the two mandatory authentication algorithms specified for the TCP Authentication Option over both IPv4 and IPv6. This includes validation of the key derivation function (KDF) based on a set of test connection parameters as well as validation of the message authentication code (MAC). Vectors are provided for both currently required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and HMAC- SHA-1-96, and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors also validate both whole TCP segments as well as segments whose options are excluded for middlebox traversal.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.