IETF Logo Mail Archive

[core] I-D Action: draft-ietf-core-attacks-on-coap-02.txt

internet-drafts@ietf.org Fri, 23 December 2022 06:31 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: core@ietf.org
Delivered-To: core@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D9E8C1522AA; Thu, 22 Dec 2022 22:31:33 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: core@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 9.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: core@ietf.org
Message-ID: <167177709362.31452.17676101450732027881@ietfa.amsl.com>
Date: Thu, 22 Dec 2022 22:31:33 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/8TStOb9mGOiQJG9Jijx7QOHWr_0>
Subject: [core] I-D Action: draft-ietf-core-attacks-on-coap-02.txt
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Dec 2022 06:31:33 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Constrained RESTful Environments WG of the IETF.

        Title           : Attacks on the Constrained Application Protocol (CoAP)
        Authors         : John Preuß Mattsson
                          John Fornehed
                          Göran Selander
                          Francesca Palombini
                          Christian Amsüss
  Filename        : draft-ietf-core-attacks-on-coap-02.txt
  Pages           : 19
  Date            : 2022-12-22

Abstract:
   Being able to securely read information from sensors, to securely
   control actuators, and to not enable distributed denial-of-service
   attacks are essential in a world of connected and networking things
   interacting with the physical world.  Using a security protocol such
   as DTLS, TLS, or OSCORE to protect CoAP is a requirement for secure
   operation and protects against many attacks.  This document
   summarizes a number of known attacks on CoAP deployments and show
   that just using CoAP with a security protocol like DTLS, TLS, or
   OSCORE is not enough for secure operation.  Several of the discussed
   attacks can be mitigated with the solutions in RFC 9175.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-core-attacks-on-coap/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-core-attacks-on-coap-02.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-core-attacks-on-coap-02


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts

v2.23.0 | Report a Bug | By Email