On Tuesday, August 4, 2015, George, Wes <[email protected]> wrote:
> I'm wondering if perhaps some parts of this udp-advisory document would be > better served integrated into this document: > http://tools.ietf.org/html/draft-ietf-tsvwg-rfc5405bis-05 > > Thanks, > > > > Wes > > > I believe that has already taken place in the recent revisions of said I-d's security section. This is both important and good. To that end, I would like to see opsec take on draft-byrne-opsec-udp-advisory to publish the full threat and known remediation and related impacts that are within the opsec charter. . CB > > From: OPSEC <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> on behalf of Ca > By <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> > Date: Monday, July 20, 2015 at 8:46 PM > To: "[email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');>" < > [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');>> > Cc: "[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>" > <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');> > > > Subject: [OPSEC] draft-byrne-opsec-udp-advisory > > Op sec, > > Given the number of udp related developments, I created this I-d to > express concern about further udp work and expound on some operational > practices that conflict with udp growth. > > Your feedback is welcome. > > ========= > > A new version of I-D, draft-byrne-opsec-udp-advisory-00.txt > has been successfully submitted by Cameron Byrne and posted to the > IETF repository. > > Name: draft-byrne-opsec-udp-advisory > Revision: 00 > Title: Advisory Guidelines for UDP Deployment > Document date: 2015-07-20 > Group: Individual Submission > Pages: 5 > URL: > https://www.ietf.org/internet-drafts/draft-byrne-opsec-udp-advisory-00.txt > Status: > https://datatracker.ietf.org/doc/draft-byrne-opsec-udp-advisory/ > Htmlized: > https://tools.ietf.org/html/draft-byrne-opsec-udp-advisory-00 > > > Abstract: > User Datagram Protocol (UDP) is commonly used as a volumetric attack > transport on the internet. Some network operators experience surges > of UDP attack traffic that are multiple orders of magnitude above the > baseline traffic rate for UDP. Application developers should be > advised that UDP is being rate-limited on a bits-per-second and > packet-per-second basis by network operators to enforce known good > baseline traffic levels for UDP. UDP has been abused to such an > extent that legitimate use may become collateral damage and > application and protocol developers should avoid using UDP as a > transport when possible. > > > > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > ------------------------------ > This E-mail and any of its attachments may contain Time Warner Cable > proprietary information, which is privileged, confidential, or subject to > copyright belonging to Time Warner Cable. This E-mail is intended solely > for the use of the individual or entity to which it is addressed. If you > are not the intended recipient of this E-mail, you are hereby notified that > any dissemination, distribution, copying, or action taken in relation to > the contents of and attachments to this E-mail is strictly prohibited and > may be unlawful. If you have received this E-mail in error, please notify > the sender immediately and permanently delete the original and any copy of > this E-mail and any printout. >
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
