Cite this BCP: TXT

BCP 72 contains the following RFCs:
NumberFilesTitleAuthorsDateMore InfoStatus
RFC 3552, BCP 72     Guidelines for Writing RFC Text on Security Considerations E. Rescorla, B. KorverJuly 2003Updated by RFC 8996, RFC 9416, ErrataBest Current Practice
RFC 9416, BCP 72    Security Considerations for Transient Numeric Identifiers Employed in Network ProtocolsF. Gont, I. ArceJuly 2023Updates RFC 3552Best Current Practice

Abstract of RFC 3552

All RFCs are required to have a Security Considerations section. Historically, such sections have been relatively weak. This document provides guidelines to RFC authors on how to write a good Security Considerations section. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.

Abstract of RFC 9416

Poor selection of transient numerical identifiers in protocols such as the TCP/IP suite has historically led to a number of attacks on implementations, ranging from Denial of Service (DoS) or data injection to information leakages that can be exploited by pervasive monitoring. Due diligence in the specification of transient numeric identifiers is required even when cryptographic techniques are employed, since these techniques might not mitigate all the associated issues. This document formally updates RFC 3552, incorporating requirements for transient numeric identifiers, to prevent flaws in future protocols and implementations.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search