Document Action: 'Recommendations for Filtering ICMPv6 Messages in Firewalls' to Informational RFC
The IESG <iesg-secretary@ietf.org> Wed, 28 February 2007 17:26 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HMSZQ-00033E-0h; Wed, 28 Feb 2007 12:26:28 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HMSZO-00032g-DA for ietf-announce@ietf.org; Wed, 28 Feb 2007 12:26:26 -0500
Received: from ns0.neustar.com ([156.154.16.158]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HMSZA-0002i4-0g for ietf-announce@ietf.org; Wed, 28 Feb 2007 12:26:26 -0500
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns0.neustar.com (Postfix) with ESMTP id F0B26328F4; Wed, 28 Feb 2007 17:26:11 +0000 (GMT)
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HMSZ9-0002rj-SQ; Wed, 28 Feb 2007 12:26:11 -0500
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1HMSZ9-0002rj-SQ@stiedprstage1.ietf.org>
Date: Wed, 28 Feb 2007 12:26:11 -0500
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 9ed51c9d1356100bce94f1ae4ec616a9
Cc: v6ops mailing list <v6ops@ops.ietf.org>, Internet Architecture Board <iab@iab.org>, v6ops chair <v6ops-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Document Action: 'Recommendations for Filtering ICMPv6 Messages in Firewalls' to Informational RFC
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Errors-To: ietf-announce-bounces@ietf.org
The IESG has approved the following document: - 'Recommendations for Filtering ICMPv6 Messages in Firewalls ' <draft-ietf-v6ops-icmpv6-filtering-recs-03.txt> as an Informational RFC This document is the product of the IPv6 Operations Working Group. The IESG contact persons are David Kessens and Dan Romascanu. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-v6ops-icmpv6-filtering-recs-03.txt Technical Summary In networks supporting IPv6 the Internet Control Message Protocol version 6 (ICMPv6) plays a fundamental role with a large number of functions, and a correspondingly large number of message types and options. A number of security risks are associated with uncontrolled forwarding of ICMPv6 messages. On the other hand, compared with IPv4 and the corresponding protocol ICMP, ICMPv6 is essential to the functioning of IPv6 rather than a useful auxiliary. This document provides some recommendations for ICMPv6 firewall filter configuration that will allow propagation of ICMPv6 messages that are needed to maintain the functioning of the network but drop messages which are potential security risks. Working Group Summary This was approved by the IPv6 Operations Working Group following an extended discussion. The document was originally proposed for BCP status, and was downgraded to informational based on the notion that we should get experience with the document before giving it that class of approbation. We expect to review the document about a year hence in view of operational experience. Apart from that, the working group has been supportive. Protocol Quality David Kessens reviewed this document for the IESG. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce