[OPSEC] Fwd: I-D Action:draft-ietf-opsec-protect-control-plane-03.txt
Rodney Dunn <rodunn@cisco.com> Mon, 23 August 2010 14:43 UTC
Return-Path: <rodunn@cisco.com>
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7CC043A6A5C for <opsec@core3.amsl.com>; Mon, 23 Aug 2010 07:43:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xO3gNEZYjo3c for <opsec@core3.amsl.com>; Mon, 23 Aug 2010 07:43:32 -0700 (PDT)
Received: from av-tac-rtp.cisco.com (hen.cisco.com [64.102.19.198]) by core3.amsl.com (Postfix) with ESMTP id 1330F3A689C for <opsec@ietf.org>; Mon, 23 Aug 2010 07:43:31 -0700 (PDT)
X-TACSUNS: Virus Scanned
Received: from rooster.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-rtp.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id o7NEi5Nj001803 for <opsec@ietf.org>; Mon, 23 Aug 2010 10:44:05 -0400 (EDT)
Received: from dhcp-64-102-157-1.cisco.com (dhcp-64-102-157-1.cisco.com [64.102.157.1]) by rooster.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id o7NEi4Ai004383 for <opsec@ietf.org>; Mon, 23 Aug 2010 10:44:04 -0400 (EDT)
Message-ID: <4C7289CB.9040105@cisco.com>
Date: Mon, 23 Aug 2010 10:46:35 -0400
From: Rodney Dunn <rodunn@cisco.com>
Organization: Cisco Systems Inc.
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: opsec@ietf.org
Content-Type: multipart/mixed; boundary="------------020605090006090100090801"
Subject: [OPSEC] Fwd: I-D Action:draft-ietf-opsec-protect-control-plane-03.txt
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: rodunn@cisco.com
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Aug 2010 14:43:33 -0000
Thanks to Chris, Donald, Jared, and others for the recent round of reviews. The -03 update includes the paragraph addressing the feedback from the list on the default traffic handling along with a few editorial changes in the spirit of easier reading and clarity. Diff view as a quick reference: http://tools.ietf.org/rfcdiff?url2=draft-ietf-opsec-protect-control-plane-03 Rodney -------- Original Message -------- Subject: [OPSEC] I-D Action:draft-ietf-opsec-protect-control-plane-03.txt Date: Mon, 23 Aug 2010 07:30:01 -0700 (PDT) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org CC: opsec@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Operational Security Capabilities for IP Network Infrastructure Working Group of the IETF. Title : Protecting The Router Control Plane Author(s) : D. Dugal, et al. Filename : draft-ietf-opsec-protect-control-plane-03.txt Pages : 23 Date : 2010-08-23 This memo provides a method for protecting a router's control plane from undesired or malicious traffic. In this approach, all legitimate router control plane traffic is identified. Once legitimate traffic has been identified, a filter is deployed in the router's forwarding plane. That filter prevents traffic not specifically identified as legitimate from reaching the router's control plane or rate limited to an acceptable level. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-opsec-protect-control-plane-03.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.
- [OPSEC] I-D Action:draft-ietf-opsec-protect-contr… Internet-Drafts
- [OPSEC] Fwd: I-D Action:draft-ietf-opsec-protect-… Rodney Dunn