[openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open

Salz, Rich rsalz at akamai.com
Wed Jan 27 19:07:36 UTC 2016


> What attack do you have in mind via spreading a cookie good for just one
> source IP address?  Sure the botnet can source TFO from that same IP
> address that got the original cookie.  Why is that useful?

It's an amplification attack.  I don't care about ever getting any reply back.  As I first said, it makes UDP-style attacks possible in the TCP domain, and you don't know where the attack is coming from.

