Processing of IPv6 "atomic" fragments
draft-ietf-6man-ipv6-atomic-fragments-00
| Document | Type | Expired Internet-Draft (6man WG) | |
|---|---|---|---|
| Author | Fernando Gont | ||
| Last updated | 2012-08-04 (Latest revision 2012-02-01) | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Formats |
Expired & archived
plain text
htmlized
pdfized
bibtex
|
||
| Reviews |
SECDIR Last Call review
(of
-03)
Has Nits
|
||
| Stream | WG state | WG Document | |
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-ietf-6man-ipv6-atomic-fragments-00.txt
Abstract
The IPv6 specification allows packets to contain a Fragment Header without the packet being actually fragmented into multiple pieces. Such packets typically result from hosts that have received an ICMPv6 "Packet Too Big" error message that advertises a "Next-Hop MTU" smaller than 1280 bytes, and are currently processed by some implementations as "fragmented traffic". Thus, by forging ICMPv6 "Packet Too Big" error messages an attacker can cause hosts to employ "atomic fragments", and then launch any fragmentation-based attacks against such traffic. This document discusses the generation of the aforementioned "atomic fragments", the corresponding security implications, and formally updates RFC 2460 and RFC 5722 such that fragmentation-based attack vectors against traffic employing "atomic fragments" are completely eliminated.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)