Protocol Action: 'Enhanced Feasible-Path Unicast Reverse Path Forwarding' to Best Current Practice (draft-ietf-opsec-urpf-improvements-04.txt)
The IESG <iesg-secretary@ietf.org> Tue, 03 September 2019 20:57 UTC
The IESG has approved the following document:
- 'Enhanced Feasible-Path Unicast Reverse Path Forwarding'
  (draft-ietf-opsec-urpf-improvements-04.txt) as Best Current Practice

This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group.

The IESG contact persons are Warren Kumari and Ignas Bagdonas.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-opsec-urpf-improvements/

Technical Summary

This document identifies a need for improvement of the unicast Reverse Path Filtering techniques (uRPF) (see BCP 84) for detection and mitigation of source address spoofing (see BCP 38). The strict uRPF technique is inflexible about directionality, the loose uRPF technique is oblivious to directionality, and the current feasible-path uRPF technique attempts to strike a balance between the two (see BCP 84). However, as shown in this draft, the existing feasible-path uRPF technique still has shortcomings. This document describes an enhanced feasible-path uRPF technique, which aims to be more flexible (in a meaningful way) about directionality than the feasible-path uRPF technique. It can potentially alleviate ISPs' concerns about the possibility of disrupting service for their customers, and encourage greater deployment of uRPF techniques.

Working Group Summary

The document was discussed in GROW and in OPSEC, and adopted by OPSEC. Discussions in both working groups were incorporated into the document.

Document Quality

The shepherd sees no wg mail indicating that there are current software implementations. However, the draft contains a section “Implementation Considerations” that points to the similarity to current uRPF techniques that query a VRF table, so existing implementation methods could be leveraged for this new technique. One wg comment explicitly said that the document was clear enough to “assist the operators to better implement the recommendations”.

AD Note: Nits tool notes: The 'Updates: ' line in the draft header should list only the _numbers_ of the RFCs which will be updated by this document. I decided this is a nit, and not worth asking the authors to spin another copy for this. Other nits seem to be false positives.

Personnel

Document Shepherd: Sandra Murphy
Responsible Area Director: Warren Kumari