Protocol Action: 'Recommendations on filtering of IPv4 packets containing IPv4 options.' to Best Current Practice (draft-ietf-opsec-ip-options-filtering-07.txt)
The IESG <iesg-secretary@ietf.org> Mon, 16 December 2013 18:00 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D81391ADF9B; Mon, 16 Dec 2013 10:00:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3m-czIDpMk2H; Mon, 16 Dec 2013 10:00:43 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EF6A1AE0C4; Mon, 16 Dec 2013 10:00:41 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Recommendations on filtering of IPv4 packets containing IPv4 options.' to Best Current Practice (draft-ietf-opsec-ip-options-filtering-07.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 4.83.p1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20131216180041.32680.90601.idtracker@ietfa.amsl.com>
Date: Mon, 16 Dec 2013 10:00:41 -0800
Cc: opsec mailing list <opsec@ietf.org>, opsec chair <opsec-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Dec 2013 18:00:46 -0000
The IESG has approved the following document: - 'Recommendations on filtering of IPv4 packets containing IPv4 options.' (draft-ietf-opsec-ip-options-filtering-07.txt) as Best Current Practice This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group. The IESG contact persons are Joel Jaeggli and Benoit Claise. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-opsec-ip-options-filtering/ Technical Summary This document discusses the operational and interoperability implications of filtering IPv4 packets based on the IPv4 options they contain. It also provides advice to operators who wish to do such filtering. Working Group Summary This document received in-depth review from some key WG members. The WGLC concluded that this is useful information that is presented in an easy to read format. Document Quality This documents evaluates, in detail, every IPv4 option that has been specified so far and provides the following analysis: 1) The use case for each option 2) Specific threats that have been identified with said option 3) Operational implications of blocking said option 4) Very specific advice to operators on how to deal with said option The format in which the information is provided makes this document very easy to read. This is very useful information for operators of Internet Service Provider and Enterprise networks. Personnel Kiran Kumar Chittimaneni (KK) is the Document Shepherd. Joel Jaeggli is the Area Director.