Session Date/Time: 16 Mar 2026 03:30
TCPM
IETF 125 Session Minutes
Summary
The TCPM working group met to discuss the status of active drafts and several new proposals. Key updates included the publication of RFC 9937 (formerly draft-ietf-tcpm-rfc6937bis) and the progress of Accurate ECN toward completion. The session featured a deep dive into the socket API for TCP ACK Rate Request (TARR), a revamped proposal for TCP Reset diagnostics, a new provenance identifier option for data center observability, and a discussion on extending TCP-AO for Post-Quantum Cryptography (PQC).
Key Discussion Points
Working Group Status Update
- RFC 9937 (formerly draft-ietf-tcpm-rfc6937bis) has been published.
- Accurate ECN: Currently in AUTH48; final minor updates are being processed.
- EDO: Discussion continues regarding the extension of TCP option space.
- draft-ietf-tcpm-tcp-ghost-acks: The chairs are awaiting a new version from authors before considering a Working Group Last Call (WGLC).
- draft-ietf-tcpm-ack-rate-request: Nearing completion; focus has shifted to the socket API.
TCP ACK Rate Request (TARR)
Presenter: Carles Gomez
- Content: Introduced Section 7 covering Socket API considerations. New options include TCP_ACK_RATE_REQUEST_ENABLE, TCP_ACK_RATE_REQUEST_PROCESS, and TCP_ACK_RATE_REQUEST_SET.
- Implementation: A prototype exists for FreeBSD (led by Michael Tuxen), and initial work has begun for Linux.
- Discussion:
- Yoshiro Yoneya (Yoshi) questioned the behavior of setsockopt if negotiation fails. Michael Tuxen clarified that it should return EINVAL but allow the socket to remain functional.
- Stuart Cheshire and Michael Tuxen emphasized the need for Linux-side feedback on the API before finalizing the draft.
TCP RST Diagnostic Payload (draft-boucadair-tcpm-rst-diagnostic-payload)
Presenter: Jason Xing
- Content: The draft has been moved to "Experimental" status. CBOR has been replaced by a more compact plain-text format. It includes a 1-byte magic number, a Reason Code, and an optional Private Enterprise Number (PEN).
- Discussion:
- Free-form Text: Jeff Haas, Lars Eggert, and Michael Tuxen strongly advised removing the free-form UTF-8 description field due to security risks (e.g., UTF-8 encoding vulnerabilities), complexity, and MTU/option space concerns.
- Consensus: There was general agreement among commenters that the compact format (PEN + Reason Code) is sufficient. Jason Xing agreed to consider removing the free-form description.
TCP Provenance Identifier Option
Presenter: Bowen Liang
- Content: Proposed an 8-byte Provenance ID (Host IP + PID) to maintain observability in complex data center networks where NATs or L7 proxies obscure original source identities.
- Discussion:
- Lars Eggert questioned the need for an IETF standard for an intra-data-center solution, suggesting that if the operator controls all middleboxes, they can configure them without a standard.
- Magnus Westerlund raised concerns about the 12-byte consumption of TCP option space and potential privacy leaks if these packets egress to the open internet.
- Mirja Kuehlewind suggested reviewing QUIC Connection ID migration for privacy-preserving identification techniques.
TCP-AO
Presenter: Tony Li
- Content: Discussed the need to update TCP-AO to support Post-Quantum Cryptography (PQC), specifically for BGP security. The proposal handles both truncated and untruncated tags.
- Discussion:
- Truncation: Magnus Westerlund noted that symmetric algorithms (like those used in AO) are generally resilient to quantum attacks, questioning the requirement for very long (untruncated) tags that exceed the 40-byte TCP option limit.
- Requirements: Tony Li noted that certain "mission-critical" customers insist on untruncated tags despite the technical overhead.
- Next Steps: Allison Mankin supported the move toward modernizing algorithms. Yoshiro Yoneya suggested potentially splitting the draft into truncated and non-truncated versions to simplify the path forward.
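An added example, not from the session or from any of the drafts discussed: a small TCP option-space budget calculator in C that makes concrete both the 12-byte cost of the 8-byte provenance identifier raised by Magnus Westerlund and the 40-byte limit that untruncated TCP-AO tags run into. It assumes the TCP-AO option layout of RFC 5925 (Kind, Length, KeyID, RNextKeyID, then the MAC) and the standard sizes of the common SYN options; the MAC lengths used (12, 32 and 64 bytes) are constructed scenarios, not values taken from the proposal.

```c
#include <stddef.h>
#include <stdio.h>

/* A TCP header is at most 60 bytes (4-bit Data Offset) and 20 of them are
 * fixed, so every option on a segment shares the remaining 40 bytes. */
#define TCP_MAX_OPTION_SPACE 40u

/* Wire size of a generic TLV option: Kind (1) + Length (1) + payload. */
unsigned tlv_size(unsigned payload_bytes) { return 2u + payload_bytes; }
/* TCP-AO option (RFC 5925): Kind, Length, KeyID, RNextKeyID, then the MAC. */
unsigned tcp_ao_size(unsigned mac_bytes) { return 4u + mac_bytes; }
/* Data Offset counts 32-bit words, so the option block is padded to 4 bytes. */
unsigned padded_size(unsigned raw) { return (raw + 3u) & ~3u; }

/* Padded option space consumed by a set of options carried on one segment. */
unsigned option_space(const unsigned *sizes, size_t n) {
    unsigned total = 0;
    for (size_t i = 0; i < n; i++) total += sizes[i];
    return padded_size(total);
}
/* 1 if the options fit in one TCP header, 0 if the segment cannot be built. */
int fits(const unsigned *sizes, size_t n) {
    return option_space(sizes, n) <= TCP_MAX_OPTION_SPACE;
}

/* Cost of the proposed 8-byte provenance identifier when it is the only option. */
unsigned provenance_option_cost(void) { return padded_size(tlv_size(8)); }

/* Does a TCP-AO tag of this length fit with no other options present? */
int ao_alone_fits(unsigned mac_bytes) {
    unsigned opt = tcp_ao_size(mac_bytes);
    return fits(&opt, 1);
}

/* Constructed scenario: a SYN carrying MSS (4), SACK-permitted (2),
 * window scale (3) and timestamps (10) alongside the TCP-AO option. */
int syn_with_ao_fits(unsigned mac_bytes) {
    unsigned opts[] = { 4, 2, 3, 10, tcp_ao_size(mac_bytes) };
    return fits(opts, sizeof opts / sizeof opts[0]);
}

int main(void) {
    /* MAC lengths are assumptions: 12 = 96-bit truncated tag as in RFC 5926,
     * 32 and 64 = untruncated tags of the size a PQC-era MAC might carry. */
    unsigned macs[] = { 12, 32, 64 };
    printf("provenance option alone: %u bytes\n", provenance_option_cost());
    for (size_t i = 0; i < 3; i++)
        printf("%2u-byte MAC: alone %s, on a full SYN %s\n", macs[i],
               ao_alone_fits(macs[i]) ? "fits" : "exceeds 40",
               syn_with_ao_fits(macs[i]) ? "fits" : "exceeds 40");
    return 0;
}
```

The point it makes visible is that a 32-byte untruncated tag fits only on a segment with no other options, while a 64-byte tag does not fit at all, which is why the option-space extension mechanism came up.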
Decisions and Action Items
- draft-ietf-tcpm-ack-rate-request: Authors to refine Section 7 (API) to clarify error handling (e.g., EINVAL) and solicit feedback from Linux kernel developers.
- draft-boucadair-tcpm-rst-diagnostic-payload: Authors to remove the free-form UTF-8 description field in the next revision based on technical feedback regarding security and complexity.
Next Steps
- Ghost ACKs: Awaiting version -04 of draft-ietf-tcpm-tcp-ghost-acks for chair review.
- TARR: Finalize API alignment across FreeBSD and Linux before moving to WGLC.
- TCP-AO: Continue discussion on the mailing list regarding the necessity of untruncated tags and the mechanism for extending option space if required.
Related Documents
- draft-boucadair-tcpm-rst-diagnostic-payload (version -00)
- draft-ietf-tcpm-ack-rate-request
- draft-ietf-tcpm-rfc6937bis
- draft-ietf-tcpm-tcp-ghost-acks