[LACNIC/Seguridad] Fwd: A tale of (flawed) transient numeric identifiers (Fwd: New Version Notification for draft-gont-numeric-ids-history-00.txt)

[Fernando Gont]

FYI. IETF I-D por la Iglesia Maradoniana...


-------- Forwarded Message --------
Subject: A tale of (flawed) transient numeric identifiers (Fwd: New
Version Notification for draft-gont-numeric-ids-history-00.txt)
Date: Fri, 8 Jul 2016 18:23:05 +0200
From: Fernando Gont <fgont en si6networks.com>
To: saag en ietf.org <saag en ietf.org>
CC: privsec-program en iab.org <privsec-program en iab.org>, Iván Arce
<iarce en fundacionsadosky.org.ar>

Folks,

As suggested by a number of folks during the SAAG meeing in Buenos
Aires, we have submitted the history of flawed numeric IDs as a
stand-alone I-D. It is available at:
<https://www.ietf.org/internet-drafts/draft-gont-numeric-ids-history-00.txt>

We believe this information provides good background and motivation for
pursuing further work in this area, and learning about errors from the past.

Your input will be very appreciated.

Thanks!
Fernando




-------- Forwarded Message --------
Subject: New Version Notification for draft-gont-numeric-ids-history-00.txt
Date: Fri, 08 Jul 2016 09:17:38 -0700
From: internet-drafts en ietf.org
To: Ivan Arce <stic en fundacionsadosky.org.ar>, Fernando Gont
<fgont en si6networks.com>


A new version of I-D, draft-gont-numeric-ids-history-00.txt
has been successfully submitted by Fernando Gont and posted to the
IETF repository.

Name:		draft-gont-numeric-ids-history
Revision:	00
Title:		Unfortunate History of Transient Numeric Identifiers
Document date:	2016-07-08
Group:		Individual Submission
Pages:		13
URL:
https://www.ietf.org/internet-drafts/draft-gont-numeric-ids-history-00.txt
Status:
https://datatracker.ietf.org/doc/draft-gont-numeric-ids-history/
Htmlized:
https://tools.ietf.org/html/draft-gont-numeric-ids-history-00


Abstract:
   This document performs an analysis of the security and privacy
   implications of different types of "numeric identifiers" used in IETF
   protocols, and tries to categorize them based on their
   interoperability requirements and the associated failure severity
   when such requirements are not met.  It describes a number of
   algorithms that have been employed in real implementations to meet
   such requirements and analyzes their security and privacy properties.
   Additionally, it provides advice on possible algorithms that could be
   employed to satisfy the interoperability requirements of each
   identifier type, while minimizing the security and privacy
   implications, thus providing guidance to protocol designers and
   protocol implementers.  Finally, it provides recommendations for
   future protocol specifications regarding the specification of the
   aforementioned numeric identifiers.





Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat