all,

this is an update based on IESG comments.

https://datatracker.ietf.org/doc/draft-ietf-6man-ipv6-atomic-fragments/ballot/
http://www.ietf.org/rfcdiff?url2=draft-ietf-6man-ipv6-atomic-fragments-04

good if someone in the working group can review the diff-set.

Best regards,
Ole


> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the IPv6 Maintenance Working Group of the IETF.
> 
>       Title           : Processing of IPv6 "atomic" fragments
>       Author(s)       : Fernando Gont
>       Filename        : draft-ietf-6man-ipv6-atomic-fragments-04.txt
>       Pages           : 14
>       Date            : 2013-03-20
> 
> Abstract:
>   The IPv6 specification allows packets to contain a Fragment Header
>   without the packet being actually fragmented into multiple pieces (we
>   refer to these packets as "atomic fragments").  Such packets are
>   typically sent by hosts that have received an ICMPv6 "Packet Too Big"
>   error message that advertises a "Next-Hop MTU" smaller than 1280
>   bytes, and are currently processed by some implementations as normal
>   "fragmented traffic" (i.e., they are "reassembled" with any other
>   queued fragments that supposedly correspond to the same original
>   packet).  Thus, an attacker can cause hosts to employ "atomic
>   fragments" by forging ICMPv6 "Packet Too Big" error messages, and
>   then launch any fragmentation-based attacks against such traffic.
>   This document discusses the generation of the aforementioned "atomic
>   fragments" and the corresponding security implications.
>   Additionally, this document formally updates RFC 2460 and RFC 5722
>   such that IPv6 atomic fragments are processed independently of any
>   other fragments, thus completely eliminating the aforementioned
>   attack vector.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-6man-ipv6-atomic-fragments
> 
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-ietf-6man-ipv6-atomic-fragments-04
> 
> A diff from the previous version is available at:
> http://www.ietf.org/rfcdiff?url2=draft-ietf-6man-ipv6-atomic-fragments-04
> 
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> [email protected]
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

Reply via email to