Recommendations on Filtering of IPv4 Packets Containing IPv4 Options
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: RFC Editor <firstname.lastname@example.org>, opsec mailing list <email@example.com>, opsec chair <firstname.lastname@example.org> Subject: Protocol Action: 'Recommendations on filtering of IPv4 packets containing IPv4 options.' to Best Current Practice (draft-ietf-opsec-ip-options-filtering-07.txt) The IESG has approved the following document: - 'Recommendations on filtering of IPv4 packets containing IPv4 options.' (draft-ietf-opsec-ip-options-filtering-07.txt) as Best Current Practice This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group. The IESG contact persons are Joel Jaeggli and Benoit Claise. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-opsec-ip-options-filtering/
Technical Summary This document discusses the operational and interoperability implications of filtering IPv4 packets based on the IPv4 options they contain. It also provides advice to operators who wish to do such filtering. Working Group Summary This document received in-depth review from some key WG members. The WGLC concluded that this is useful information that is presented in an easy to read format. Document Quality This documents evaluates, in detail, every IPv4 option that has been specified so far and provides the following analysis: 1) The use case for each option 2) Specific threats that have been identified with said option 3) Operational implications of blocking said option 4) Very specific advice to operators on how to deal with said option The format in which the information is provided makes this document very easy to read. This is very useful information for operators of Internet Service Provider and Enterprise networks. Personnel Kiran Kumar Chittimaneni (KK) is the Document Shepherd. Joel Jaeggli is the Area Director.