Generation of IPv6 Atomic Fragments Considered Harmful
draft-ietf-6man-deprecate-atomfrag-generation-08
Document history
Date | Rev. | By | Action |
---|---|---|---|
2017-01-04
|
08 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2016-11-12
|
08 | Jean Mahoney | Request for Last Call review by GENART Completed: Ready. Reviewer: Joel Halpern. |
2016-10-31
|
08 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2016-10-06
|
08 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2016-09-22
|
08 | (System) | RFC Editor state changed to EDIT |
2016-09-22
|
08 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2016-09-22
|
08 | (System) | Announcement was received by RFC Editor |
2016-09-22
|
08 | (System) | IANA Action state changed to No IC |
2016-09-22
|
08 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2016-09-22
|
08 | Amy Vezza | IESG has approved the document |
2016-09-22
|
08 | Amy Vezza | Closed "Approve" ballot |
2016-09-22
|
08 | Amy Vezza | Ballot approval text was generated |
2016-09-21
|
08 | Suresh Krishnan | IESG state changed to Approved-announcement to be sent from Approved-announcement sent |
2016-09-21
|
08 | Suresh Krishnan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent::Point Raised - writeup needed |
2016-09-12
|
08 | Fernando Gont | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2016-09-12
|
08 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-08.txt |
2016-09-12
|
08 | Fernando Gont | New version approved |
2016-09-12
|
08 | Fernando Gont | Request for posting confirmation emailed to previous authors: "Tore Anderson", "Fernando Gont", "Shucheng LIU (Will)", 6man-chairs@ietf.org |
2016-09-12
|
08 | (System) | Uploaded new revision |
2016-09-12
|
07 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2016-09-01
|
07 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from Waiting for Writeup |
2016-09-01
|
07 | Bob Hinden | Title : Generation of IPv6 Atomic Fragments Considered Harmful Authors : Fernando Gont Will(Shucheng) Liu Tore Anderson Filename : draft-ietf-6man-deprecate-atomfrag-generation-05.txt Pages : 10 Date : 2016-01-20 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Informational This is correct as it describes the reasons to deprecate the generation of atomic fragments that has been included in draft-ietf-rfc2460bis. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary RFC2460 requires that when a host receives an ICMPv6 "Packet Too Big" message reporting an MTU smaller than 1280 bytes, the host includes a Fragment Header in all subsequent packets sent to that destination, without reducing the assumed Path-MTU. The simplicity with which ICMPv6 "Packet Too Big" messages can be forged means that an attacker can leverage this functionality (the generation of IPv6 atomic fragments) to trigger the use of fragmentation for any arbitrary IPv6 flow, and subsequently perform any fragmentation-based attack. This document discusses the security implications of the generation of IPv6 atomic fragments and a number of interoperability issues associated with IPv6 atomic fragments, and concludes that the aforementioned functionality is undesirable, thus documenting the motivation for removing this functionality in the revision of the core IPv6 protocol specification in draft-ietf-6man-rfc2460bis. Working Group Summary The document was developed and adopted in the 6MAN w.g. 
and the deprecating of the remaining case of atomic fragment generation was included in draft-ietf-6man-rfc2460bis based on an earlier standards track version of this draft. After this was done the authors agree to remove the RFC2460 update and change the status of this document as Informational. Document Quality There is wide support for this document and the relevant changes in draft-ietf-6man-rfc2460bis. The document has had extensive review in the w.g. including reviews by the w.g. chairs. There are no open technical issues. A few editorial issues have been identified that can be dealt with in later versions. Personnel Bob Hinden is the document shepherd. Brian Haberman is the responsible area director. This is expected to move to Suresh Krishnan. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. Reviewed the current version of the document and identified a few editorial changes. The document is ready for publication. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the interested community has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. 
(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. None of the authors are aware of any IPR on this document. (8) Has an IPR disclosure been filed that references this document? If so, summarize any discussion and conclusion regarding the IPR disclosures. N/A. (9) How solid is the consensus of the interested community behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the interested community as a whole understand and agree with it? Strong consensus. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No serious ID nits. The only issues identified are editorial (remove reference from abstract and a few references that aren't used) (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. N/A (13) Have all references within this document been identified as either normative or informative? Yes. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? No. (15) Are there downward normative references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. N/A (16) Will publication of this document change the status of any existing RFCs? 
Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the interested community considers it unnecessary. No. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). No IANA considerations. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. None. (19) Describe reviews and automated checks performed by to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. N/A |
2016-09-01
|
07 | Cindy Morgan | Changed consensus to Yes from Unknown |
2016-09-01
|
07 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2016-09-01
|
07 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2016-08-31
|
07 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2016-08-31
|
07 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2016-08-31
|
07 | Alvaro Retana | [Ballot comment] I'm not going to stand in the way of publication, but I don't think we need to publish this document: it already served its purpose. Evidence of that is in RFC7915, rfc2460bis... |
2016-08-31
|
07 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2016-08-31
|
07 | Mirja Kühlewind | [Ballot comment] I have to say I agree with the tsv-art review that it is not fully clear to me that this explanation needs its own document. For me a much shorter rationale for this change (1 or max. 2 paragraphs) that could be integrated in 2460bis would be sufficient (also given that this document has some redundancy). |
2016-08-31
|
07 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2016-08-30
|
07 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2016-08-30
|
07 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2016-08-30
|
07 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2016-08-29
|
07 | Suresh Krishnan | Ballot has been issued |
2016-08-29
|
07 | Suresh Krishnan | [Ballot Position Update] New position, Yes, has been recorded for Suresh Krishnan |
2016-08-29
|
07 | Suresh Krishnan | Created "Approve" ballot |
2016-08-29
|
07 | Suresh Krishnan | Ballot writeup was changed |
2016-08-25
|
07 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2016-08-25
|
07 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2016-08-22
|
07 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2016-08-19
|
07 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Klaas Wierenga. |
2016-08-16
|
07 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Eric Vyncke |
2016-08-16
|
07 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Eric Vyncke |
2016-08-12
|
07 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2016-08-12
|
07 | Sabrina Tanamal | (Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-6man-deprecate-atomfrag-generation-07.txt, which is currently in Last Call, and has the following comments: We understand that this document doesn't require any IANA actions. While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, IANA does not object. If this assessment is not accurate, please respond as soon as possible. Thank you, Sabrina Tanamal IANA Specialist ICANN |
2016-08-11
|
07 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2016-08-11
|
07 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2016-08-11
|
07 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Klaas Wierenga |
2016-08-11
|
07 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Klaas Wierenga |
2016-08-09
|
07 | Suresh Krishnan | Placed on agenda for telechat - 2016-09-01 |
2016-08-08
|
07 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2016-08-08
|
07 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: "IETF-Announce" CC: "Robert M. Hinden", ipv6@ietf.org, bob.hinden@gmail.com, suresh.krishnan@ericsson.com, draft-ietf-6man-deprecate-atomfrag-generation@ietf.org, 6man-chairs@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Generation of IPv6 Atomic Fragments Considered Harmful) to Informational RFC The IESG has received a request from the IPv6 Maintenance WG (6man) to consider the following document: - 'Generation of IPv6 Atomic Fragments Considered Harmful' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2016-08-22. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document discusses the security implications of the generation of IPv6 atomic fragments and a number of interoperability issues associated with IPv6 atomic fragments, and concludes that the aforementioned functionality is undesirable, thus documenting the motivation for removing this functionality in the revision of the core IPv6 protocol specification. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-6man-deprecate-atomfrag-generation/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-6man-deprecate-atomfrag-generation/ballot/ No IPR declarations have been submitted directly on this I-D. |
2016-08-08
|
07 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2016-08-08
|
07 | Suresh Krishnan | Last call was requested |
2016-08-08
|
07 | Suresh Krishnan | Last call announcement was generated |
2016-08-08
|
07 | Suresh Krishnan | Ballot approval text was generated |
2016-08-08
|
07 | Suresh Krishnan | Ballot writeup was generated |
2016-08-08
|
07 | Suresh Krishnan | IESG state changed to Last Call Requested from AD Evaluation::AD Followup |
2016-07-17
|
07 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2016-07-17
|
07 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-07.txt |
2016-06-29
|
06 | Suresh Krishnan | Still waiting for new revision of the draft |
2016-05-27
|
06 | Suresh Krishnan | There has been no response to the INT directorate reviews for a month even after multiple reminders. |
2016-05-27
|
06 | Suresh Krishnan | IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation |
2016-05-02
|
06 | Carlos Jesús Bernardos | Request for Early review by INTDIR Completed: Ready. Reviewer: Carlos Bernardos. |
2016-04-28
|
06 | Ted Lemon | Request for Early review by INTDIR Completed: Ready. Reviewer: Ted Lemon. |
2016-04-21
|
06 | Carlos Jesús Bernardos | Request for Early review by INTDIR is assigned to Ted Lemon |
2016-04-21
|
06 | Carlos Jesús Bernardos | Request for Early review by INTDIR is assigned to Ted Lemon |
2016-04-20
|
06 | Carlos Jesús Bernardos | Request for Early review by INTDIR is assigned to Carlos Bernardos |
2016-04-20
|
06 | Carlos Jesús Bernardos | Request for Early review by INTDIR is assigned to Carlos Bernardos |
2016-04-18
|
06 | Suresh Krishnan | IESG state changed to AD Evaluation from Publication Requested |
2016-04-06
|
06 | Cindy Morgan | Shepherding AD changed to Suresh Krishnan |
2016-04-04
|
06 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-06.txt |
2016-04-03
|
05 | Bob Hinden | Title : Generation of IPv6 Atomic Fragments Considered Harmful Authors : Fernando Gont Will(Shucheng) Liu Tore Anderson Filename : draft-ietf-6man-deprecate-atomfrag-generation-05.txt Pages : 10 Date : 2016-01-20 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Informational This is correct as it describes the reasons to deprecate the generation of atomic fragments that has been included in draft-ietf-rfc2460bis. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary RFC2460 requires that when a host receives an ICMPv6 "Packet Too Big" message reporting an MTU smaller than 1280 bytes, the host includes a Fragment Header in all subsequent packets sent to that destination, without reducing the assumed Path-MTU. The simplicity with which ICMPv6 "Packet Too Big" messages can be forged means that an attacker can leverage this functionality (the generation of IPv6 atomic fragments) to trigger the use of fragmentation for any arbitrary IPv6 flow, and subsequently perform any fragmentation-based attack. This document discusses the security implications of the generation of IPv6 atomic fragments and a number of interoperability issues associated with IPv6 atomic fragments, and concludes that the aforementioned functionality is undesirable, thus documenting the motivation for removing this functionality in the revision of the core IPv6 protocol specification in draft-ietf-6man-rfc2460bis. Working Group Summary The document was developed and adopted in the 6MAN w.g. 
and the deprecating of the remaining case of atomic fragment generation was included in draft-ietf-6man-rfc2460bis based on an earlier standards track version of this draft. After this was done the authors agree to remove the RFC2460 update and change the status of this document as Informational. Document Quality There is wide support for this document and the relevant changes in draft-ietf-6man-rfc2460bis. The document has had extensive review in the w.g. including reviews by the w.g. chairs. There are no open technical issues. A few editorial issues have been identified that can be dealt with in later versions. Personnel Bob Hinden is the document shepherd. Brian Haberman is the responsible area director. This is expected to move to Suresh Krishnan. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. Reviewed the current version of the document and identified a few editorial changes. The document is ready for publication. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the interested community has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. 
(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. The document is informational and doesn't specify anything. (8) Has an IPR disclosure been filed that references this document? If so, summarize any discussion and conclusion regarding the IPR disclosures. N/A. (9) How solid is the consensus of the interested community behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the interested community as a whole understand and agree with it? Strong consensus. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No serious ID nits. The only issues identified are editorial (remove reference from abstract and a few references that aren't used) (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. N/A (13) Have all references within this document been identified as either normative or informative? Yes. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? No. (15) Are there downward normative references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. N/A (16) Will publication of this document change the status of any existing RFCs? 
Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the interested community considers it unnecessary. No. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). No IANA considerations. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. None. (19) Describe reviews and automated checks performed by to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. N/A |
2016-04-03
|
05 | Bob Hinden | Responsible AD changed to Brian Haberman |
2016-04-03
|
05 | Bob Hinden | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2016-04-03
|
05 | Bob Hinden | IESG state changed to Publication Requested |
2016-04-03
|
05 | Bob Hinden | IESG process started in state Publication Requested |
2016-04-03
|
05 | Bob Hinden | Changed document writeup |
2016-04-03
|
05 | Bob Hinden | Notification list changed to "Robert M. Hinden" <bob.hinden@gmail.com> |
2016-04-03
|
05 | Bob Hinden | Document shepherd changed to Robert M. Hinden |
2016-04-03
|
05 | Bob Hinden | Tag Revised I-D Needed - Issue raised by WG cleared. |
2016-04-03
|
05 | Bob Hinden | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2016-01-20
|
05 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-05.txt |
2016-01-13
|
04 | Ole Trøan | Tag Revised I-D Needed - Issue raised by WG set. |
2016-01-13
|
04 | Ole Trøan | IETF WG state changed to In WG Last Call from WG Document |
2015-11-27
|
04 | Ole Trøan | Intended Status changed to Informational from None |
2015-11-26
|
04 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-04.txt |
2015-07-04
|
03 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-03.txt |
2015-07-04
|
02 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-02.txt |
2015-04-27
|
01 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-01.txt |
2014-11-11
|
00 | Fernando Gont | New version available: draft-ietf-6man-deprecate-atomfrag-generation-00.txt |