Skip to main content

Fernando Gont

Fernando Gont is currently Staff Platform Security Engineer at Yalo.

Gont has over twenty years of industry experience in the fields of Internet engineering and information security, working for private and governmental organizations from around the world.

Before joining Yalo, he was a security consultant and researcher at SI6 Networks, Director of Information Security at EdgeUno, and consulted for organizations such as the UK National Infrastructure Security Co-ordination Centre (NISCC), the UK Centre for the Protection of National Infrastructure (CPNI), and Huawei Technologies Ltd..

Gont has been active in the Internet Engineering Task Force (IETF) for over 15 years, and has published over 36 IETF RFCs (Request For Comments) and more than a dozen IETF Internet-Drafts.

Gont has also been involved in a number of open source projects, including the SI6 Networks’ IPv6 Toolkit — a portable and comprehensive security asessment toolkit for the IPv6 protocol suite, and the SI6 Networks’ IoT-toolkit. He has also contributed to the OpenBSD and FreeBSD operating systems, and to the Linux kernel.

Gont has been a speaker at a number of conferences and technical meetings about information security, operating systems, and Internet engineering, including: CanSecWest 2005, FIRST Technical Colloquium 2005, Kernel Conference Australia 2009, DEEPSEC 2009, HACK.LU 2011, Hackito Ergo Sum 2012, Hack In Paris 2013, German IPv6 Kongress 2014, H2HC 2017, and Troopers 2018. Additionally, he is a regular attendee of the Internet Engineering Task Force (IETF) meetings.


Role Group Email
Reviewer General Area Review Team (Gen-ART) (genart)

RFCs (40)

RFC Date Title Cited by
RFC 5461 Feb 2009 TCP's Reaction to Soft Errors 13 RFCs
RFC 5482 Mar 2009 TCP User Timeout Option 5 RFCs
RFC 5927 Jul 2010 ICMP Attacks against TCP 17 RFCs
RFC 6056 Jan 2011 Recommendations for Transport-Protocol Port Randomization 50 RFCs
RFC 6093 Jan 2011 On the Implementation of the TCP Urgent Mechanism 6 RFCs
RFC 6191 Apr 2011 Reducing the TIME-WAIT State Using TCP Timestamps 6 RFCs
RFC 6274 Jul 2011 Security Assessment of the Internet Protocol Version 4 9 RFCs
RFC 6528 Feb 2012 Defending against Sequence Number Attacks 10 RFCs
RFC 6633 May 2012 Deprecation of ICMP Source Quench Messages 7 RFCs
RFC 6814 Nov 2012 Formally Deprecating Some IPv4 Options 2 RFCs
RFC 6918 Apr 2013 Formally Deprecating Some ICMPv4 Message Types 1 RFC
RFC 6946 May 2013 Processing of IPv6 "Atomic" Fragments 7 RFCs
RFC 6980 Aug 2013 Security Implications of IPv6 Fragmentation with IPv6 Neighbor Discovery 8 RFCs
RFC 7112 Jan 2014 Implications of Oversized IPv6 Header Chains 8 RFCs
RFC 7113 Feb 2014 Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard) 9 RFCs
RFC 7123 Feb 2014 Security Implications of IPv6 on IPv4 Networks 4 RFCs
RFC 7126 Feb 2014 Recommendations on Filtering of IPv4 Packets Containing IPv4 Options 3 RFCs
RFC 7217 Apr 2014 A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC) 29 RFCs
RFC 7359 Aug 2014 Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks 2 RFCs
RFC 7421 Jan 2015 Analysis of the 64-bit Boundary in IPv6 Addressing 8 RFCs
RFC 7430 Jul 2015 Analysis of Residual Threats and Possible Fixes for Multipath TCP (MPTCP) 2 RFCs
RFC 7610 Aug 2015 DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers 14 RFCs
RFC 7707 Mar 2016 Network Reconnaissance in IPv6 Networks 12 RFCs
RFC 7721 Mar 2016 Security and Privacy Considerations for IPv6 Address Generation Mechanisms 25 RFCs
RFC 7739 Feb 2016 Security Implications of Predictable Fragment Identification Values 9 RFCs
RFC 7872 Jun 2016 Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World 11 RFCs
RFC 7915 Jun 2016 IP/ICMP Translation Algorithm 11 RFCs
RFC 7943 Sep 2016 A Method for Generating Semantically Opaque Interface Identifiers (IIDs) with the Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
RFC 8021 Jan 2017 Generation of IPv6 Atomic Fragments Considered Harmful 5 RFCs
RFC 8064 Feb 2017 Recommendation on Stable IPv6 Interface Identifiers 15 RFCs
RFC 8900 Sep 2020 IP Fragmentation Considered Fragile 13 RFCs
RFC 8978 Mar 2021 Reaction of IPv6 Stateless Address Autoconfiguration (SLAAC) to Flash-Renumbering Events 1 RFC
RFC 8981 Feb 2021 Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6 9 RFCs
RFC 9096 Aug 2021 Improving the Reaction of Customer Edge Routers to IPv6 Renumbering Events 1 RFC
RFC 9098 Sep 2021 Operational Implications of IPv6 Packets with Extension Headers 3 RFCs
RFC 9109 Aug 2021 Network Time Protocol Version 4: Port Randomization 1 RFC
RFC 9288 Aug 2022 Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers 3 RFCs
RFC 9414 Jul 2023 Unfortunate History of Transient Numeric Identifiers
RFC 9415 Jul 2023 On the Generation of Transient Numeric Identifiers 2 RFCs
RFC 9416 Jul 2023 Security Considerations for Transient Numeric Identifiers Employed in Network Protocols 2 RFCs

Active Internet-Drafts (1)

Expired Internet-Drafts (93)

(Excluding replaced Internet-Drafts.)

Internet-Draft Activity