The Weak Authentication and Tracing Option

Document Type Expired Internet-Draft (individual)
Last updated 1998-02-25
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The packet switched nature of the Internet Protocol (IP) provides no inherent method to assure that a packet has been issued with a source address authorized for the sender and no inherent method to trace the actual source of a packet. These characteristics make it difficult to take effective action concerning injurious packets which may have originated, by accident or maliciously, virtually anywhere in the Internet. A lightweight IP level option is proposed that provides (1) some assurance that packet's source addresses are authorized for their sender, and (2) limited statistical tracing information such that, if many bad packets are logged, the path to their source will be revealed. These features, even if not implemented throughout the Internet, would provide significantly improved protection against packet level abuse.


Donald Eastlake (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)