[perpass] Security and Privacy Implications of Numeric Identifiers Employed in Network Protocols (Fwd: New Version Notification for draft-gont-predictable-numeric-ids-00.txt)
Fernando Gont <fgont@si6networks.com> Tue, 16 February 2016 13:44 UTC
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/KHWHJOULncW0tkFvRxN8aPEskrw>
Folks,

A week ago or so we published a new IETF I-D entitled "Security and Privacy Implications of Numeric Identifiers Employed in Network Protocols".

It sheds light on the security and privacy implications of predictable numeric identifiers, which have affected (and still affect) several IETF protocols for ages, and that in some cases (such as IPv6 IIDs) can be leveraged for pervasive monitoring.

The I-D is available here:
<https://www.ietf.org/internet-drafts/draft-gont-predictable-numeric-ids-00.txt>

For the time being, at least, we expect discussion to happen on the SAAG mailing-list (<saag@ietf.org>)... but feel free to send your comments as you wish.

Your feedback will be appreciated.

Thanks!

Best regards,
Fernando

-------- Forwarded Message --------
Subject: New Version Notification for draft-gont-predictable-numeric-ids-00.txt
Date: Thu, 04 Feb 2016 08:29:45 -0800
From: internet-drafts@ietf.org
To: Ivan Arce <stic@fundacionsadosky.org.ar>, Fernando Gont <fgont@si6networks.com>

A new version of I-D, draft-gont-predictable-numeric-ids-00.txt has been successfully submitted by Fernando Gont and posted to the IETF repository.

Name: draft-gont-predictable-numeric-ids
Revision: 00
Title: Security and Privacy Implications of Numeric Identifiers Employed in Network Protocols
Document date: 2016-02-04
Group: Individual Submission
Pages: 32
URL: https://www.ietf.org/internet-drafts/draft-gont-predictable-numeric-ids-00.txt
Status: https://datatracker.ietf.org/doc/draft-gont-predictable-numeric-ids/
Htmlized: https://tools.ietf.org/html/draft-gont-predictable-numeric-ids-00

Abstract:
This document performs an analysis of the security and privacy implications of different types of "numeric identifiers" used in IETF protocols, and tries to categorize them based on their interoperability requirements and the associated failure severity when such requirements are not met. It describes a number of algorithms that have been employed in real implementations to meet such requirements and analyzes their security and privacy properties. Additionally, it provides advice on possible algorithms that could be employed to satisfy the interoperability requirements of each identifier type, while minimizing the security and privacy implications, thus providing guidance to protocol designers and protocol implementers. Finally, it provides recommendations for future protocol specifications regarding the specification of the aforementioned numeric identifiers.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat