how not to implement tcp md5sig

FreeBSD: only attach md5 signatures on outgoing packets, do not bother checking those on packets you receive. what for?!?

Cisco: in IOS, md5 signatures are checked _before_ the regular tcp stuff (sequence number!) - yeah, the cheapest checks last... to be fair: md5 is still so cheap that this is not much of a problem in practice. cisco dude told me they are finally fixing that.

Apparently only Juniper and OpenBSD got this right. astounding.
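The two points above as a receive-side sketch (an added example, not code from this post or from any of the stacks it names): the cheap sequence-window test runs first, and a segment with a missing or wrong signature is dropped rather than ignored. The function names, key and 192.0.2.x addresses are constructed for illustration, the digest input follows RFC 2385, and the window test is simplified to the first sequence number only.

```python
import hashlib, hmac, socket, struct

OPT_LEN = 20  # MD5 option (kind 19, length 18) padded to a 4-byte multiple

def base_header(sport, dport, seq, ack, flags, window):
    # 20-byte TCP header; data offset 10 words = 20 + OPT_LEN; checksum zero
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 10 << 4, flags, window, 0, 0)

def md5sig(src, dst, hdr, payload, key):
    # RFC 2385 input order: pseudo-header, base header (checksum zeroed,
    # options excluded), segment data, key
    seg_len = len(hdr) + OPT_LEN + len(payload)
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, seg_len)
    hdr = hdr[:16] + b"\x00\x00" + hdr[18:]
    return hashlib.md5(pseudo + hdr + payload + key).digest()

def check_inbound(seg, rcv_nxt, rcv_wnd, key):
    # 1. cheapest check first: is the sequence number inside the receive window?
    seq = struct.unpack("!I", seg["hdr"][4:8])[0]
    if (seq - rcv_nxt) & 0xFFFFFFFF >= rcv_wnd:
        return "drop: out of window"
    # 2. a key is configured for this peer, so an unsigned segment is rejected
    if seg["sig"] is None:
        return "drop: unsigned"
    # 3. only now pay for the digest; compare in constant time
    want = md5sig(seg["src"], seg["dst"], seg["hdr"], seg["payload"], key)
    if not hmac.compare_digest(want, seg["sig"]):
        return "drop: bad signature"
    return "accept"

KEY = b"constructed-example-key"  # constructed sample value

def sample(seq, key=KEY, signed=True):
    # constructed segment between two documentation-range addresses
    hdr = base_header(179, 40000, seq, 1, 0x18, 16384)
    seg = {"src": "192.0.2.1", "dst": "192.0.2.2", "hdr": hdr,
           "payload": b"constructed payload"}
    seg["sig"] = md5sig(seg["src"], seg["dst"], hdr, seg["payload"], key) if signed else None
    return seg
```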