16. Security Considerations
16. Security Considerations
Security considerations for ECN are discussed throughout this document, particularly in Sections 7, 8, 18, and 19. Section 7 discusses non-compliance by end nodes, and Section 8 discusses non-compliance in the network.
Section 18 systematically examines the various ways in which the ECN field might be modified in the network. Section 19 considers the potential consequences of subverting end-to-end congestion control by falsely indicating ECN-capability or clearing congestion indications (the CE codepoint) in ECN.
Security considerations related to IPsec are discussed in Section 9.2. In particular, Section 9.2 discusses security concerns that might arise from the use of ECN functionality in the outer header of IPsec tunnels, as adversaries could tamper with information that is propagated beyond the tunnel endpoints.
Overall, the analysis in this document shows that while ECN introduces some new security considerations, these risks are manageable and do not introduce more serious security threats than existing packet drop-based congestion control mechanisms.