An Experimental TCP Option for Host Identification (RFC7974)
Original Publication Date: 2016-Oct-01
Included in the Prior Art Database: 2016-Oct-20
Internet Society Requests For Comment (RFCs)
B. Williams: AUTHOR [+2]
A broad range of issues associated with address sharing have been documented in [RFC6269] and [RFC7620]. In addition, [RFC6967] provides an analysis of various solutions to the problem of revealing the sending host's identifier (HOST_ID) information to the receiver, indicating that a solution using a TCP [RFC793] option for this purpose is among the possible approaches that could be applied with limited performance impact and a high success ratio. The purpose of this memo is to describe a TCP HOST_ID option that is currently deployed on the public Internet using the TCP experimental option codepoint, including discussion of related design, deployment, and privacy considerations.
Independent Submission
Request for Comments: 7974
Category: Informational
ISSN: 2070-1721
B. Williams, Akamai, Inc.
M. Boucadair, Orange
D. Wing
October 2016
An Experimental TCP Option for Host Identification
Recent RFCs have discussed issues with host identification in IP address-sharing systems, such as address/prefix-sharing devices and application-layer proxies. Potential solutions for revealing a host identifier in shared address deployments have also been discussed. This memo describes the design, deployment, and privacy considerations for one such solution in operational use on the Internet today that uses a TCP option to transmit a host identifier.
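The option is carried in the shared experimental option format of [RFC6994] named in the editor note below: kind 253 or 254, a length byte, then a 16-bit ExID ahead of the option data. The following Python parser is an added example, not code from this RFC or from any deployment; it walks a TCP header's option list and reports every experimental option with its ExID, which is how an operator can check whether a HOST_ID-style option is present on traffic they are responsible for. The sample SYN header, its ExID 0xBEEF and its 4-byte payload are constructed for the example and are not the values registered for HOST_ID.

```python
import struct

TCPOPT_EOL = 0           # end of option list (RFC 793)
TCPOPT_NOP = 1           # no-operation padding (RFC 793)
TCPOPT_EXP = (253, 254)  # experimental kinds that carry a shared ExID (RFC 6994)


def tcp_options(tcp_header: bytes) -> bytes:
    """Return the option bytes: everything past the 20-byte fixed part up to the data offset."""
    if len(tcp_header) < 20:
        raise ValueError("short TCP header")
    data_offset = (tcp_header[12] >> 4) * 4
    if data_offset < 20 or data_offset > len(tcp_header):
        raise ValueError("bad data offset")
    return tcp_header[20:data_offset]


def experimental_options(opts: bytes) -> list[tuple[int, int, bytes]]:
    """Walk the option list and return (kind, exid, data) for each RFC 6994 experimental option."""
    found = []
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == TCPOPT_EOL:
            break
        if kind == TCPOPT_NOP:
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("truncated option")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("bad option length")
        if kind in TCPOPT_EXP:
            if length < 4:
                raise ValueError("experimental option too short to hold an ExID")
            # 16-bit ExID; RFC 6994 also allows 32-bit ExIDs whose first 16 bits are unique
            exid = struct.unpack("!H", opts[i + 2:i + 4])[0]
            found.append((kind, exid, opts[i + 4:i + length]))
        i += length
    return found


def build_sample_syn() -> bytes:
    """Constructed SYN (not a capture): MSS, two NOPs, one experimental option, EOL padding."""
    opts = struct.pack("!BBH", 2, 4, 1460) + b"\x01\x01"
    opts += struct.pack("!BBH", 253, 8, 0xBEEF) + b"\xc0\xa8\x00\x01"  # placeholder ExID and data
    opts += b"\x00\x00"  # EOL plus pad to a 4-byte boundary
    data_offset = (20 + len(opts)) // 4
    fixed = struct.pack("!HHIIBBHHH", 12345, 80, 1000, 0, data_offset << 4, 0x02, 65535, 0, 0)
    return fixed + opts
```

Comparing the reported ExIDs against the value a deployment is configured to use tells an operator whether the option is present on a given path; an empty list for a SYN means no RFC 6994 option was sent.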
Independent Submissions Editor Note
This Informational document specifies an experimental TCP HOST_ID option that is already fairly widely deployed. It discusses that option's privacy considerations in considerable detail and highlights the care providers need to exercise in any actual deployment. The Independent Submissions Editor has chosen to publish this document in the Independent Stream so that potential deployers and implementors can understand all its details, so as to produce implementations that will interwork properly with other (existing) deployments.
This proposal was previously proposed for adoption by the TCPM working group and rejected as being an undesirable technical design for both transport and privacy reasons. This document specifies a new TCP option that uses the shared experimental options format. The use of experimental TCP options is specified in [RFC6994] for TCP options "that are not yet eligible for assigned codepoints". As this proposal has been rejected by the IETF community, it is not eligible for the registration of a TCP option codepoint. It should be further noted that for experimental TCP options, it "is only appropriate to use these values in explicitly-configured experiments; they MUST NOT be shipped as defaults in implementations" [RFC4727]. The IESG also carried out a review as described in [RFC5742] and concluded that this proposal violates IETF principles expressed in [RFC7258] about pervasive monitoring as an attack and should therefore not be published without IETF review and IESG...