[LAC-TF] RFC 6980 on Security Implications of IPv6 Fragmentation with IPv6 Neighbor Discovery (fwd)
Fernando Gont
fgont at si6networks.com
Tue Aug 13 21:24:42 BRT 2013
Hola, Azael!
Gracias por reenviar el anuncio. -- Chequié hoy mas temprano si se habia
publicado, y no habia encontrado nada.
Mis agradecimientos a Roque, quien contribuyó el texto del apéndice. Y a
Roque, que hace un par de años atrás presentó este documento en la
reunion del 6man wg (en Maastricht?), cuando el mismo era controversial.
-- Personalmente sensé que el sabía que iba a esquivar algunas balas...
asi que "kudos" para el. ;-)
Y a mi hermano Guillermo, quien es un co-autor implícito en casi todo lo
que hago.
Si bien uno termina poniendo el nombre como autor, la calidad final de
un documento depende de los aportes de quienes envían comentarios, y
proponen mejoras. En tal sentido, los "Acknowledgements" de este
documento son:
---- cut here ----
The author would like to thank (in alphabetical order) Mikael
Abrahamsson, Ran Atkinson, Ron Bonica, Jean-Michel Combes, David
Farmer, Adrian Farrel, Stephen Farrell, Roque Gagliano, Brian
Haberman, Bob Hinden, Philip Homburg, Ray Hunter, Arturo Servin, Mark
Smith, and Martin Stiemerling for providing valuable comments on
earlier versions of this document.
The author would also like to thank Roque Gagliano for contributing
the information regarding message sizes in Appendix A, and Arturo
Servin for presenting this document at IETF 81.
Finally, the author would like to thank his brother, friend, and
colleague, Guillermo Gont, for his love and support.
This document resulted from the project "Security Assessment of the
Internet Protocol version 6 (IPv6)" [CPNI-IPv6], carried out by
Fernando Gont on behalf of the UK Centre for the Protection of
National Infrastructure (CPNI).
---- cut here ----
Saludos, y gracias!
Fer
On 08/13/2013 07:30 PM, Azael Fernandez Alcantara wrote:
> Buen Dia,
>
> PSI = FYI
>
> SALUDOS y una mejora mas.
> ____________________________________
> Azael
> UNAM
> Mexico
> ___________________________________
> Mensaje enviado sin acentos
>
>
> ---------- Forwarded message ----------
> Date: Tue, 13 Aug 2013 22:13:21 +0000
> From: rfc-editor at rfc-editor.org
> Reply-To: ietf at ietf.org
> To: ietf-announce at ietf.org, rfc-dist at rfc-editor.org
> Cc: drafts-update-ref at iana.org, ipv6 at ietf.org, rfc-editor at rfc-editor.org
> Subject: RFC 6980 on Security Implications of IPv6 Fragmentation with IPv6
> Neighbor Discovery
>
> A new Request for Comments is now available in online RFC libraries.
>
>
> RFC 6980
>
> Title: Security Implications of IPv6 Fragmentation
> with IPv6 Neighbor Discovery
> Author: F. Gont
> Status: Standards Track
> Stream: IETF
> Date: August 2013
> Mailbox: fgont at si6networks.com
> Pages: 10
> Characters: 20850
> Updates: RFC 3971, RFC 4861
>
> I-D Tag: draft-ietf-6man-nd-extension-headers-05.txt
>
> URL: http://www.rfc-editor.org/rfc/rfc6980.txt
>
> This document analyzes the security implications of employing IPv6
> fragmentation with Neighbor Discovery (ND) messages. It updates RFC
> 4861 such that use of the IPv6 Fragmentation Header is forbidden in
> all Neighbor Discovery messages, thus allowing for simple and
> effective countermeasures for Neighbor Discovery attacks. Finally,
> it discusses the security implications of using IPv6 fragmentation
> with SEcure Neighbor Discovery (SEND) and formally updates RFC 3971
> to provide advice regarding how the aforementioned security
> implications can be mitigated.
>
> This document is a product of the IPv6 Maintenance Working Group of the
> IETF.
>
> This is now a Proposed Standard.
>
> STANDARDS TRACK: This document specifies an Internet standards track
> protocol for the Internet community,and requests discussion and suggestions
> for improvements. Please refer to the current edition of the Internet
> Official Protocol Standards (STD 1) for the standardization state and
> status of this protocol. Distribution of this memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
> http://www.ietf.org/mailman/listinfo/ietf-announce
> http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see
> http://www.rfc-editor.org/search/rfc_search.php
> For downloading RFCs, see http://www.rfc-editor.org/rfc.html
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor at rfc-editor.org. Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
>
> _______________________________________________
> LACTF mailing list
> LACTF at lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lactf
> Cancelar suscripcion: lactf-unsubscribe at lacnic.net
>
--
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
More information about the LACTF
mailing list