Not setting ECT on data retransmitted by TCP: K. K. Ramakrishnan and I are planning to write an internet-draft recommending the following: for ECN-capable TCP implementations, the ECT bit (ECN-Capable Transport) in the IP header should not be set on retransmitted data packets, and the TCP data receiver should ignore the ECN field on arriving data packets that are outside of the current receiver window. In addition, the CWR bit (Congestion Window Reduced) in the TCP header should not be set on retransmitted packets. When the TCP data sender is ready to set the CWR bit after reducing the congestion window, it should set that bit on the first new data packet that it transmits. The purpose of this recommendation is robustness against denial-of-service attacks where an attacker capable of spoofing IP source addresses would send data packets with arbitrary sequence numbers to the TCP data receiver, with both the ECT and CE bits set in the IP header. Reported by Alexey Kuznetsov and Jamal Hadi Salim.

Responding to false ACKs with the ECN-Echo bit set: In order to reduce the damage caused by denial-of-service attacks where the attacker spoofs IP source addresses and sends an ACK packet with an invalid cumulative acknowledgement number and the ECN-Echo bit set, the TCP data sender should ignore the ECN-Echo bit in acknowledgements that acknowledge data that has not yet been sent. From a suggestion by Venkat Venkatsubra.
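The receiver and sender checks from both items above, as an added sketch in C that is not part of the original page or of any TCP implementation. The function names and state parameters are hypothetical, the codepoint and flag values follow RFC 3168, and "inside the window" is assumed to mean that the segment's first or last byte lies in the receive window.

```c
#include <stdint.h>
#include <stdio.h>

/* IP ECN field codepoints and TCP flag bits (RFC 3168 values). */
#define ECN_NOT_ECT 0x0
#define ECN_ECT0    0x2
#define ECN_CE      0x3   /* both ECT and CE bits set */
#define TH_ECE      0x40
#define TH_CWR      0x80

/* Wrap-safe 32-bit sequence-number comparisons. */
static int seq_lt(uint32_t a, uint32_t b)  { return (int32_t)(a - b) < 0; }
static int seq_leq(uint32_t a, uint32_t b) { return (int32_t)(a - b) <= 0; }
static int in_wnd(uint32_t s, uint32_t nxt, uint32_t wnd) { return seq_leq(nxt, s) && seq_lt(s, nxt + wnd); }

/* Receiver: honor a CE mark only on a data segment that lies inside the window. */
int rx_honor_ce(uint32_t rcv_nxt, uint32_t rcv_wnd,
                uint32_t seq, uint32_t len, uint8_t ip_ecn)
{
    if (ip_ecn != ECN_CE || len == 0 || rcv_wnd == 0)
        return 0;
    return in_wnd(seq, rcv_nxt, rcv_wnd) || in_wnd(seq + len - 1, rcv_nxt, rcv_wnd);
}

/* Sender: ignore ECN-Echo on an ACK for data that has not been sent yet. */
int tx_honor_ece(uint32_t snd_nxt, uint32_t ack, uint8_t tcp_flags)
{
    return (tcp_flags & TH_ECE) && seq_leq(ack, snd_nxt);
}

/* Sender: retransmitted data goes out without ECT. */
uint8_t tx_ip_ecn(int is_retransmit) { return is_retransmit ? ECN_NOT_ECT : ECN_ECT0; }

/* Sender: a pending CWR is held back until the first new data packet. */
uint8_t tx_cwr(int is_retransmit, int *cwr_pending)
{
    if (is_retransmit || !*cwr_pending)
        return 0;
    *cwr_pending = 0;
    return TH_CWR;
}

int main(void)
{
    /* Constructed state: rcv_nxt=1000, window=500; spoofed segment at seq 5000. */
    printf("in-window CE honored:     %d\n", rx_honor_ce(1000, 500, 1000, 100, ECN_CE));
    printf("out-of-window CE honored: %d\n", rx_honor_ce(1000, 500, 5000, 100, ECN_CE));
    return 0;
}
```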