[LAC-TF] Resvisión del I-D sobre RA-Guard (Fwd: New Version Notification for draft-ietf-v6ops-ra-guard-implementation-01.txt)

[Fernando Gont]

Estimados,

Acabo de publicar una revisión del IETF I-D en cuestión.

La misma esta disponible en:
<http://tools.ietf.org/id/draft-ietf-v6ops-ra-guard-implementation-01.txt>

Pueden encontrar un diff con la version anterior, en:
<http://tools.ietf.org//rfcdiff?url1=http://tools.ietf.org/id/draft-ietf-v6ops-ra-guard-implementation-00.txt&url2=http://tools.ietf.org/id/draft-ietf-v6ops-ra-guard-implementation-01.txt>

Cualquier comentario, será bienvenido,

Saludos, y gracias!
Fernando




-------- Original Message --------
Subject: New Version Notification for
draft-ietf-v6ops-ra-guard-implementation-01.txt
Date: Sat, 03 Mar 2012 12:15:03 -0800
From: internet-drafts at ietf.org
To: fgont at si6networks.com

A new version of I-D, draft-ietf-v6ops-ra-guard-implementation-01.txt
has been successfully submitted by Fernando Gont and posted to the IETF
repository.

Filename:	 draft-ietf-v6ops-ra-guard-implementation
Revision:	 01
Title:		 Implementation Advice for IPv6 Router Advertisement Guard
(RA-Guard)
Creation date:	 2012-03-03
WG ID:		 v6ops
Number of pages: 18

Abstract:
   The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly
   employed to mitigate attack vectors based on forged ICMPv6 Router
   Advertisement messages.  Many existing IPv6 deployments rely on RA-
   Guard as the first line of defense against the aforementioned attack
   vectors.  However, some implementations of RA-Guard have been found
   to be prone to circumvention by employing IPv6 Extension Headers.
   This document describes the evasion techniques that affect the
   aforementioned implementations, and provides advice on the
   implementation of RA-Guard, such that the RA-Guard evasion vectors
   are eliminated.





The IETF Secretariat