[openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open
Salz, Rich
rsalz at akamai.com
Wed Jan 27 19:07:36 UTC 2016
> What attack do you have in mind via spreading a cookie good for just one
> source IP address? Sure the botnet can source TFO from that same IP
> address that got the original cookie. Why is that useful?
It's an amplification attack. I don't care about ever getting any reply back. As I first said, it makes UDP-style attacks possible in the TCP domain, and you don't know where the attack is coming from.
More information about the openssl-dev
mailing list