Skip to main content

Security Assessment of the Internet Protocol Version 4
RFC 6274

Yes

(Ron Bonica)

No Objection

(Adrian Farrel)
(Jari Arkko)
(Sean Turner)

Note: This ballot was opened for revision 07 and is now closed.

Ron Bonica Former IESG member
Yes
Yes ()

                            
Adrian Farrel Former IESG member
(was Discuss, No Objection) No Objection
No Objection (2010-11-15)

                            
Jari Arkko Former IESG member
(was Discuss) No Objection
No Objection ()

                            
Peter Saint-Andre Former IESG member
No Objection
No Objection (2010-12-01)
Thank you for writing this helpful document.

Appendix A borders on marketing and seems like a strange thing to include in an RFC. Why is this here?
Sean Turner Former IESG member
(was Discuss) No Objection
No Objection (2011-01-13)

                            
Stewart Bryant Former IESG member
(was Discuss) No Objection
No Objection (2010-12-01)
The introduction appears to incorrectly uses the term TCP/IP when the author means the Internet Protocol suit. 

"This document is the result of an assessment of the IETF specifications of the Internet Protocol (IP)"  - The document only discusses IPv4.

 I am surprised that Section 3 does not have a normative reference to RFC791

In Figure 3, an attacker sends a 17914-byte datagram meant to the
s/to/for/

NDIS is used before it is defined.

Section 3.11 (related to the aside on SA being an interface)  ought to have some text on loop-back addresses, and unnumbered interfaces.
Tim Polk Former IESG member
(was Discuss) No Objection
No Objection (2011-03-10)
I still think the document would benefit greatly from a restructuring to explicitly address goals and threats,
then structure the body to address the various threats.  It would have been nice to address protocol-specific issues
first, then go into implementation details.