IETF Logo Mail Archive

[OPSEC] RFC 9511 on Attribution of Internet Probes

rfc-editor@rfc-editor.org Wed, 29 November 2023 02:11 UTC

Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CAC6C151985; Tue, 28 Nov 2023 18:11:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.657
X-Spam-Level:
X-Spam-Status: No, score=-1.657 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, CTE_8BIT_MISMATCH=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z3PPkP_8GbtL; Tue, 28 Nov 2023 18:11:00 -0800 (PST)
Received: from rfcpa.amsl.com (rfcpa.amsl.com [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A389CC151717; Tue, 28 Nov 2023 18:11:00 -0800 (PST)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 60F34E629D; Tue, 28 Nov 2023 18:11:00 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, opsec@ietf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20231129021100.60F34E629D@rfcpa.amsl.com>
Date: Tue, 28 Nov 2023 18:11:00 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/oc8X9G3qhLr8HOj8Bx4ntYDhRqY>
Subject: [OPSEC] RFC 9511 on Attribution of Internet Probes
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Nov 2023 02:11:04 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 9511

        Title:      Attribution of Internet Probes 
        Author:     É. Vyncke,
                    B. Donnet,
                    J. Iurman
        Status:     Informational
        Stream:     IETF
        Date:       November 2023
        Mailbox:    evyncke@cisco.com,
                    benoit.donnet@uliege.be,
                    justin.iurman@uliege.be
        Pages:      10
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-opsec-probe-attribution-09.txt

        URL:        https://www.rfc-editor.org/info/rfc9511

        DOI:        10.17487/RFC9511

Active measurements over the public Internet can target either
collaborating parties or non-collaborating ones. Sometimes these
measurements, also called "probes", are viewed as unwelcome or
aggressive.

This document suggests some simple techniques for a source to
identify its probes. This allows any party or organization to
understand what an unsolicited probe packet is, what its purpose is,
and, most importantly, who to contact. The technique relies on
offline analysis of the probe; therefore, it does not require any
change in the data or control plane. It has been designed mainly for
layer 3 measurements.

This document is a product of the Operational Security Capabilities for IP Network Infrastructure Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

v2.38.3 | Report a Bug | By Email | System Status