[OPSEC] I-D Action: draft-ietf-opsec-urpf-improvements-04.txt

internet-drafts@ietf.org Fri, 30 August 2019 16:06 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: opsec@ietf.org
Delivered-To: opsec@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id DF12512001E; Fri, 30 Aug 2019 09:06:52 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <i-d-announce@ietf.org>
Cc: opsec@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.100.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: opsec@ietf.org
Message-ID: <156718121282.25743.666171508280455839@ietfa.amsl.com>
Date: Fri, 30 Aug 2019 09:06:52 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/KsxASkIKNrJPAdq-DRONHYfgcxs>
Subject: [OPSEC] I-D Action: draft-ietf-opsec-urpf-improvements-04.txt
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Aug 2019 16:06:53 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Operational Security Capabilities for IP Network Infrastructure WG of the IETF.

        Title           : Enhanced Feasible-Path Unicast Reverse Path Forwarding
        Authors         : Kotikalapudi Sriram
                          Doug Montgomery
                          Jeffrey Haas
	Filename        : draft-ietf-opsec-urpf-improvements-04.txt
	Pages           : 20
	Date            : 2019-08-30

   This document identifies a need for and proposes improvement of the
   unicast Reverse Path Forwarding (uRPF) techniques (see RFC 3704) for
   detection and mitigation of source address spoofing (see BCP 38).
   The strict uRPF is inflexible about directionality, the loose uRPF is
   oblivious to directionality, and the current feasible-path uRPF
   attempts to strike a balance between the two (see RFC 3704).
   However, as shown in this document, the existing feasible-path uRPF
   still has shortcomings.  This document describes enhanced feasible-
   path uRPF (EFP-uRPF) techniques, which are more flexible (in a
   meaningful way) about directionality than the feasible-path uRPF (RFC
   3704).  The proposed EFP-uRPF methods aim to significantly reduce
   false positives regarding invalid detection in source address
   validation (SAV).  Hence they can potentially alleviate ISPs'
   concerns about the possibility of disrupting service for their
   customers, and encourage greater deployment of uRPF techniques.  This
   document updates RFC 3704.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: