I-D Action: draft-ietf-6man-predictable-fragment-id-09.txt
internet-drafts@ietf.org Tue, 25 August 2015 16:26 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F08B1A01F4; Tue, 25 Aug 2015 09:26:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KkY_ci0uAvmJ; Tue, 25 Aug 2015 09:26:26 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C0DB71A024C; Tue, 25 Aug 2015 09:26:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-ietf-6man-predictable-fragment-id-09.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 6.4.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150825162624.28307.37876.idtracker@ietfa.amsl.com>
Date: Tue, 25 Aug 2015 09:26:24 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/gy20q3mCaLOr6m4vGO5dsfRGLZE>
Cc: ipv6@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Aug 2015 16:26:27 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IPv6 Maintenance Working Group of the IETF.
Title : Security Implications of Predictable Fragment Identification Values
Author : Fernando Gont
Filename : draft-ietf-6man-predictable-fragment-id-09.txt
Pages : 18
Date : 2015-08-25
Abstract:
IPv6 specifies the Fragment Header, which is employed for the
fragmentation and reassembly mechanisms. The Fragment Header
contains an "Identification" field which, together with the IPv6
Source Address and the IPv6 Destination Address of a packet,
identifies fragments that correspond to the same original datagram,
such that they can be reassembled together by the receiving host.
The only requirement for setting the "Identification" field is that
the corresponding value must be different than that employed for any
other fragmented packet sent recently with the same Source Address
and Destination Address. Some implementations use a simple global
counter for setting the Identification field, thus leading to
predictable Identification values. This document analyzes the
security implications of predictable Identification values, and
provides implementation guidance for selecting the Identification
field of the Fragment Header, such that the aforementioned security
implications are mitigated.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-6man-predictable-fragment-id/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-6man-predictable-fragment-id-09
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-6man-predictable-fragment-id-09
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- I-D Action: draft-ietf-6man-predictable-fragment-… internet-drafts