IETF Logo Mail Archive

[OPSEC] RFC 9288 on Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers

rfc-editor@rfc-editor.org Thu, 18 August 2022 23:21 UTC

Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7623EC152560; Thu, 18 Aug 2022 16:21:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.958
X-Spam-Level:
X-Spam-Status: No, score=-3.958 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lx824t07R5dv; Thu, 18 Aug 2022 16:21:47 -0700 (PDT)
Received: from rfcpa.amsl.com (rfc-editor.org [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEEADC152578; Thu, 18 Aug 2022 16:21:47 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id B5B991527E1; Thu, 18 Aug 2022 16:21:47 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, opsec@ietf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20220818232147.B5B991527E1@rfcpa.amsl.com>
Date: Thu, 18 Aug 2022 16:21:47 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/kMdX2I0PTwn3vwJEkGTPmJiPbRw>
Subject: [OPSEC] RFC 9288 on Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2022 23:21:51 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 9288

        Title:      Recommendations on the Filtering of 
                    IPv6 Packets Containing IPv6 Extension Headers 
                    at Transit Routers 
        Author:     F. Gont,
                    W. Liu
        Status:     Informational
        Stream:     IETF
        Date:       August 2022
        Mailbox:    fgont@si6networks.com,
                    liushucheng@huawei.com
        Pages:      33
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-opsec-ipv6-eh-filtering-10.txt

        URL:        https://www.rfc-editor.org/info/rfc9288

        DOI:        10.17487/RFC9288

This document analyzes the security implications of IPv6 Extension
Headers and associated IPv6 options. Additionally, it discusses the
operational and interoperability implications of discarding packets
based on the IPv6 Extension Headers and IPv6 options they contain.
Finally, it provides advice on the filtering of such IPv6 packets at
transit routers for traffic not directed to them, for those cases
where such filtering is deemed as necessary.

This document is a product of the Operational Security Capabilities for IP Network Infrastructure Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

v2.23.0 | Report a Bug | By Email