The Generalized TTL Security Mechanism (GTSM)
draft-ietf-rtgwg-rfc3682bis-10
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
10 | (System) | post-migration administrative database adjustment to the No Objection position for Sam Hartman |
2012-08-22
|
10 | (System) | post-migration administrative database adjustment to the No Objection position for Lars Eggert |
2007-07-11
|
10 | (System) | IANA Action state changed to No IC from In Progress |
2007-07-11
|
10 | (System) | IANA Action state changed to In Progress |
2007-07-11
|
10 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2007-07-10
|
10 | Amy Vezza | IESG state changed to Approved-announcement sent |
2007-07-10
|
10 | Amy Vezza | IESG has approved the document |
2007-07-10
|
10 | Amy Vezza | Closed "Approve" ballot |
2007-07-09
|
10 | Ross Callon | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Ross Callon |
2007-06-29
|
10 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Patrick Cain. |
2007-06-26
|
10 | Lars Eggert | [Ballot Position Update] Position for Lars Eggert has been changed to No Objection from Discuss by Lars Eggert |
2007-06-25
|
10 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-10.txt |
2007-06-22
|
10 | (System) | Removed from agenda for telechat - 2007-06-21 |
2007-06-21
|
10 | Amy Vezza | State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Amy Vezza |
2007-06-21
|
10 | Sam Hartman | [Ballot Position Update] Position for Sam Hartman has been changed to No Objection from Discuss by Sam Hartman |
2007-06-21
|
10 | Chris Newman | [Ballot Position Update] New position, No Objection, has been recorded by Chris Newman |
2007-06-21
|
10 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2007-06-21
|
10 | Jari Arkko | [Ballot comment] Section 5.4 conclusions apply only if the GTSM processing cannot associate initial and non-initial fragments to each other. There does not seem to … [Ballot comment] Section 5.4 conclusions apply only if the GTSM processing cannot associate initial and non-initial fragments to each other. There does not seem to be any reason why this could not be done; the GTSM processor is the receiver of the packets and can look at the identifier field. If the initial fragment belongs to a session, the non-initial fragments have the same identifier, and all fragments satisfy the TTL criteria, it would seem that we can make equally strong conclusions about the packet as we can from a non-fragmented packet. Am I missing something? Anyway, I fully support the recommendation to use path MTU discovery and avoiding fragments. Please consider the above question mostly from an acamedic interest point of view. |
2007-06-21
|
10 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
2007-06-21
|
10 | Jon Peterson | [Ballot Position Update] New position, No Objection, has been recorded by Jon Peterson |
2007-06-20
|
10 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
2007-06-20
|
10 | Lisa Dusseault | [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault |
2007-06-20
|
10 | Lars Eggert | [Ballot comment] Section 5.4., paragraph 3: > As such, it is highly recommended for GTSM-protected protocols to > avoid fragmentation and reassembly by … [Ballot comment] Section 5.4., paragraph 3: > As such, it is highly recommended for GTSM-protected protocols to > avoid fragmentation and reassembly by manual MTU tuning, using > adaptive measures such as Path MTU Discovery (PMTUD), or any other > available method. Suggest to add a reference to RFC 4821 for PMTUD and make it the preferred alternative for avoiding fragmentation. (And shouldn't this be a capital RECOMMENDED?) |
2007-06-20
|
10 | Lars Eggert | [Ballot discuss] Section 3., paragraph 4: > The TTL field in all IP packets used for transmission of > … [Ballot discuss] Section 3., paragraph 4: > The TTL field in all IP packets used for transmission of > messages associated with GTSM-enabled protocol sessions MUST be > set to 255. This also applies to related error handling > messages associated with said session, such as TCP RSTs or ICMP > errors. DISCUSS: I understand how ICMP messages are related to a session but not part of it, but TCP RST segments *are* part of a TCP session - they're normal TCP segments with the RST bit set. Please correct this here and elsewhere in the text. |
2007-06-20
|
10 | Lars Eggert | [Ballot Position Update] New position, Discuss, has been recorded by Lars Eggert |
2007-06-19
|
10 | Tim Polk | [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk |
2007-06-19
|
10 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
2007-06-19
|
10 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
2007-06-18
|
10 | Ross Callon | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Ross Callon |
2007-06-18
|
10 | Ron Bonica | [Ballot comment] Section 6: The applicability statement is pretty good about saying that the value of GTSM is inversely proportional to the hop-count between the … [Ballot comment] Section 6: The applicability statement is pretty good about saying that the value of GTSM is inversely proportional to the hop-count between the neighboring peers. However, you might want to add a sentence that says that GTSM will not protect you against attackers who are as close to the protected station as its legitmate peer. For example, if the legitimate peer is one hop away, GTSM will not protect from attacks from directly connected devices. |
2007-06-18
|
10 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
2007-06-18
|
10 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2007-06-18
|
10 | Dan Romascanu | [Ballot comment] There is no place in the document that mentions that this standards track RFC would obsolete an Experimental RFC. I believe that the … [Ballot comment] There is no place in the document that mentions that this standards track RFC would obsolete an Experimental RFC. I believe that the Abstract and the Appendix B 'Changes Since RFC3682' should mention that 3682 was Experimental. |
2007-06-17
|
10 | Sam Hartman | [Ballot comment] I dislike it when documents speak of "trusted" packets, interfaces or peers without a discussion of what they are trusted to do. In … [Ballot comment] I dislike it when documents speak of "trusted" packets, interfaces or peers without a discussion of what they are trusted to do. In this instance, I think all devices on a trusted interface are trusted not to originate packets with spoofed source address, hop limit or TTL. Also, the physical hardware of trusted links is trusted not to have unintended peers on the link. It would be great if this were refined and included in the document. |
2007-06-17
|
10 | Sam Hartman | [Ballot discuss] The discussion of fragmentation does not discuss attacks on integrity. If you are accepting `unknown' packets into a protocol session , then you … [Ballot discuss] The discussion of fragmentation does not discuss attacks on integrity. If you are accepting `unknown' packets into a protocol session , then you may be accepting data provided by an attacker. This seems like a particularly serious concern with fragmented packets and needs to be discussed in the security considerations section. |
2007-06-17
|
10 | Sam Hartman | [Ballot Position Update] New position, Discuss, has been recorded by Sam Hartman |
2007-06-17
|
10 | David Ward | [Ballot Position Update] New position, Yes, has been recorded by David Ward |
2007-06-15
|
10 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2007-06-13
|
10 | Ross Callon | [Ballot Position Update] New position, Yes, has been recorded for Ross Callon |
2007-06-13
|
10 | Ross Callon | Ballot has been issued by Ross Callon |
2007-06-13
|
10 | Ross Callon | Created "Approve" ballot |
2007-06-13
|
10 | Ross Callon | Placed on agenda for telechat - 2007-06-21 by Ross Callon |
2007-06-11
|
10 | Yoshiko Fong | IANA Last Call Comments: As described in the IANA Considerations section, we understand this document to have NO IANA Actions. |
2007-06-07
|
10 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Patrick Cain |
2007-06-07
|
10 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Patrick Cain |
2007-06-01
|
10 | Amy Vezza | Last call sent |
2007-06-01
|
10 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2007-06-01
|
10 | Ross Callon | State Changes to Last Call Requested from Publication Requested by Ross Callon |
2007-06-01
|
10 | Ross Callon | Last Call was requested by Ross Callon |
2007-06-01
|
10 | (System) | Ballot writeup text was added |
2007-06-01
|
10 | (System) | Last call text was added |
2007-06-01
|
10 | (System) | Ballot approval text was added |
2007-06-01
|
10 | Ross Callon | Proto writeup by John Scudder: 1. Have the chairs personally reviewed this version of the Internet Draft (ID), and in particular, do they believe this … Proto writeup by John Scudder: 1. Have the chairs personally reviewed this version of the Internet Draft (ID), and in particular, do they believe this ID is ready to forward to the IESG for publication? I have, and I do. (Alex can answer for himself if he likes.) 2. Has the document had adequate review from both key WG members and key non-WG members? Do you have any concerns about the depth or breadth of the reviews that have been performed? Considering that the document is a minor update to an existing RFC which has itself already been deployed, I think the level of review is adequate. 3. Do you have concerns that the document needs more review from a particular (broader) perspective (e.g., security, operational complexity, someone familiar with AAA, etc.)? No. 4. Do you have any specific concerns/issues with this document that you believe the ADs and/or IESG should be aware of? For example, perhaps you are uncomfortable with certain parts of the document, or have concerns whether there really is a need for it. In any event, if your issues have been discussed in the WG and the WG has indicated it that it still wishes to advance the document, detail those concerns in the write-up. No. 5. How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? Consensus can be broadly summarized as "silence indicates consent". On the other hand, the document has been discussed in WG meetings more than once, is a minor update to an existing RFC, and has gone through a long WGLC. 6. Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email to the Responsible Area Director. No. 7. Have the chairs verified that the document adheres to all of the ID Checklist items ? Yes. 8. Is the document split into normative and informative references? Are there normative references to IDs, where the IDs are not also ready for advancement or are otherwise in an unclear state? (note here that the RFC editor will not publish an RFC with normative references to IDs, it will delay publication until all such IDs are also ready for publication as RFCs.) Yes; no. 9. What is the intended status of the document? (e.g., Proposed Standard, Informational?) Proposed Standard. |
2007-05-31
|
10 | Ross Callon | State Changes to Publication Requested from AD is watching by Ross Callon |
2007-01-31
|
10 | Bill Fenner | State Change Notice email list have been change to rtgwg-chairs@tools.ietf.org from fenner@research.att.com, zinin@psg.com |
2007-01-31
|
09 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-09.txt |
2006-12-14
|
08 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-08.txt |
2006-11-26
|
07 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-07.txt |
2006-10-05
|
10 | Bill Fenner | Shepherding AD has been changed to Ross Callon from Alex Zinin |
2006-08-31
|
10 | (System) | State Changes to AD is watching from Dead by system |
2006-08-30
|
06 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-06.txt |
2005-11-07
|
10 | (System) | State Changes to Dead from AD is watching by system |
2005-11-07
|
10 | (System) | Document has expired |
2005-04-14
|
05 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-05.txt |
2004-09-30
|
04 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-04.txt |
2004-09-29
|
03 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-03.txt |
2004-05-04
|
10 | Alex Zinin | Draft Added by Alex Zinin |
2004-04-30
|
02 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-02.txt |
2004-03-22
|
01 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-01.txt |
2004-03-17
|
00 | (System) | New version available: draft-ietf-rtgwg-rfc3682bis-00.txt |