Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice
The IESG <iesg-secretary@ietf.org> Mon, 07 December 2020 15:08 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D2B703A13CE; Mon, 7 Dec 2020 07:08:57 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice
X-Test-IDTracker: no
X-IETF-IDTracker: 7.23.0
Auto-Submitted: auto-generated
Precedence: bulk
CC: draft-gont-numeric-ids-sec-considerations@ietf.org, kaduk@mit.edu
Reply-To: last-call@ietf.org
Sender: iesg-secretary@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <160735373732.25981.15176977559155786235@ietfa.amsl.com>
Date: Mon, 07 Dec 2020 07:08:57 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/GwqZ0264ISGeAx2iuKR0GviFj-k>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2020 15:08:58 -0000
The IESG has received a request from an individual submitter to consider the following document: - 'Security Considerations for Transient Numeric Identifiers Employed in Network Protocols' <draft-gont-numeric-ids-sec-considerations-06.txt> as Best Current Practice The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-call@ietf.org mailing lists by 2021-01-04. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Poor selection of transient numerical identifiers in protocols such as the TCP/IP suite has historically led to a number of attacks on implementations, ranging from Denial of Service (DoS) to data injection and information leakage that can be exploited by pervasive monitoring. To prevent such flaws in future protocols and implementations, this document updates RFC 3552, requiring future RFCs to contain analysis of the security and privacy properties of any transient numeric identifiers specified by the protocol. The file can be obtained via https://datatracker.ietf.org/doc/draft-gont-numeric-ids-sec-considerations/ No IPR declarations have been submitted directly on this I-D.