ietf
[Top] [All Lists]

Re: Last Call: RFC 6346 successful: moving to Proposed Standard

2014-12-03 19:00:06
RFC6346 reduces the space for TCP/UDP ports, which makes port-based attacks 
against protocols easier, as was mentioned in RFC6056:  

  "It is also worth noting that, provided adequate algorithms are in
   use, the larger the range from which ephemeral ports are selected,
   the smaller the chances of an attacker are to guess the selected port
   number."

The primary mitigation against the Kaminsky was port randomization and attacks 
against other protocols may also need such port randomization.  If RFC6346 
progresses to Proposed Standard, its impact to the size of the port space 
should be noted in RFC6346bis's security considerations.

-d


On Dec 1, 2014, at 2:38 PM, The IESG <iesg-secretary(_at_)ietf(_dot_)org> wrote:


The IESG has received a request from an individual participant to make
the following status changes:

- RFC6346 from Experimental to Proposed Standard
   (The Address plus Port (A+P) Approach to the IPv4 Address Shortage)

The supporting document for this request can be found here:

http://datatracker.ietf.org/doc/status-change-address-plus-port-to-proposed/

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2014-12-29. Exceptionally, comments 
may be
sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

The affected document can be obtained via
http://datatracker.ietf.org/doc/rfc6346/

IESG discussion of this request can be tracked via
http://datatracker.ietf.org/doc/status-change-address-plus-port-to-proposed/ballot/




<Prev in Thread] Current Thread [Next in Thread>