%% You should probably cite rfc8548 instead of this I-D. @techreport{ietf-tcpinc-tcpcrypt-13, number = {draft-ietf-tcpinc-tcpcrypt-13}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-tcpinc-tcpcrypt/13/}, author = {Andrea Bittau and Daniel B. Giffin and Mark J. Handley and David Mazieres and Quinn Slack and Eric W. Smith}, title = {{Cryptographic protection of TCP Streams (tcpcrypt)}}, pagetotal = 31, year = 2018, month = sep, day = 6, abstract = {This document specifies tcpcrypt, a TCP encryption protocol designed for use in conjunction with the TCP Encryption Negotiation Option (TCP-ENO). Tcpcrypt coexists with middleboxes by tolerating resegmentation, NATs, and other manipulations of the TCP header. The protocol is self-contained and specifically tailored to TCP implementations, which often reside in kernels or other environments in which large external software dependencies can be undesirable. Because the size of TCP options is limited, the protocol requires one additional one-way message latency to perform key exchange before application data can be transmitted. However, the extra latency can be avoided between two hosts that have recently established a previous tcpcrypt connection.}, }