[LACNIC/Seguridad] Fwd: RFC 7112 on Implications of Oversized IPv6 Header Chains
Iván Arce
ivan.w.arce en gmail.com
Mie Ene 29 16:17:25 BRST 2014
oh perdon se me corto el mail anterior.
Ya es standard? es decir, hay al menos 2 implementaciones funcionando
que cumplen con el RFC?
-ivan
On 1/29/14 2:58 PM, Fernando Gont wrote:
> FYI: <http://www.rfc-editor.org/rfc/rfc7112.txt>
>
> Hace tanto que este documento venía incubandose que hoy me quede sin
> dormir para que no se demore mas. :-)
>
>
> Si Ud. se encuentra tomando mate con bizcochitos, y quiere enterarse de
> que se trata la cuestión, sin cortar con la mateada, la idea es así de
> simple:
>
> Hasta el momento, las especificaciones permitian la existencia de
> paquetes tan ridiculos que tenian la cadena de encabezados IPv6
> desparramada en varios fragmentos. Este doumento actualiza la norma base
> de IPv6 (RFC 2460), de modo de prohibir dichos paquetes. Es decir, se
> requiere que la cadena completa de encabezados siempre este presente en
> el primer fragmento (obviamente en los casos que se usa fragmentacion..
> ya que sino este problema no se presenta).
>
> Las implicancias de esta actulización son que a partir de ahora, uno
> puede realizar filtrado de paquetes "sin estado" (steteless) -- lo cual
> es agradable. :-)
>
> Pero no joda... siga tomando mate, que esto lo puede lee en otro momento ;-)
>
> Saludos,
> Fernando
>
>
>
>
> -------- Original Message --------
> Subject: RFC 7112 on Implications of Oversized IPv6 Header Chains
> Date: Wed, 29 Jan 2014 09:30:44 -0800 (PST)
> From: rfc-editor en rfc-editor.org
> To: ietf-announce en ietf.org, rfc-dist en rfc-editor.org
> CC: drafts-update-ref en iana.org, ipv6 en ietf.org, rfc-editor en rfc-editor.org
>
> A new Request for Comments is now available in online RFC libraries.
>
>
> RFC 7112
>
> Title: Implications of Oversized IPv6 Header
> Chains
> Author: F. Gont, V. Manral,
> R. Bonica
> Status: Standards Track
> Stream: IETF
> Date: January 2014
> Mailbox: fgont en si6networks.com,
> vishwas en ionosnetworks.com,
> rbonica en juniper.net
> Pages: 8
> Characters: 15897
> Updates: RFC 2460
>
> I-D Tag: draft-ietf-6man-oversized-header-chain-09.txt
>
> URL: http://www.rfc-editor.org/rfc/rfc7112.txt
>
> The IPv6 specification allows IPv6 Header Chains of an arbitrary
> size. The specification also allows options that can, in turn,
> extend each of the headers. In those scenarios in which the IPv6
> Header Chain or options are unusually long and packets are
> fragmented, or scenarios in which the fragment size is very small,
> the First Fragment of a packet may fail to include the entire IPv6
> Header Chain. This document discusses the interoperability and
> security problems of such traffic, and updates RFC 2460 such that the
> First Fragment of a packet is required to contain the entire IPv6
> Header Chain.
>
> This document is a product of the IPv6 Maintenance Working Group of the
> IETF.
>
> This is now a Proposed Standard.
>
> STANDARDS TRACK: This document specifies an Internet standards track
> protocol for the Internet community,and requests discussion and suggestions
> for improvements. Please refer to the current edition of the Internet
> Official Protocol Standards (STD 1) for the standardization state and
> status of this protocol. Distribution of this memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
> http://www.ietf.org/mailman/listinfo/ietf-announce
> http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see
> http://www.rfc-editor.org/search/rfc_search.php
> For downloading RFCs, see http://www.rfc-editor.org/rfc.html
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor en rfc-editor.org. Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6 en ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
>
>
> _______________________________________________
> Seguridad mailing list
> Seguridad en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/seguridad
>
Más información sobre la lista de distribución Seguridad