Folks, A week ago or so we published a new IETF I-D entitled "Security and Privacy Implications of Numeric Identifiers Employed in Network Protocols".
It sheds light on the security and privacy implications of predictable numeric identifiers, which have affected (and still affect) several IETF protocols for ages, and that in some cases (such as IPv6 IIDs) can be leveraged for pervasive monitoring. The I-D is available here: <https://www.ietf.org/internet-drafts/draft-gont-predictable-numeric-ids-00.txt> For the time being, at least, we expect discussion to happen on the SAAG mailing-list (<[email protected]>)... but feel free to send your comments as you wish. Your feedback will be appreciated. Thanks! Best regards, Fernando -------- Forwarded Message -------- Subject: New Version Notification for draft-gont-predictable-numeric-ids-00.txt Date: Thu, 04 Feb 2016 08:29:45 -0800 From: [email protected] To: Ivan Arce <[email protected]>, Fernando Gont <[email protected]> A new version of I-D, draft-gont-predictable-numeric-ids-00.txt has been successfully submitted by Fernando Gont and posted to the IETF repository. Name: draft-gont-predictable-numeric-ids Revision: 00 Title: Security and Privacy Implications of Numeric Identifiers Employed in Network Protocols Document date: 2016-02-04 Group: Individual Submission Pages: 32 URL: https://www.ietf.org/internet-drafts/draft-gont-predictable-numeric-ids-00.txt Status: https://datatracker.ietf.org/doc/draft-gont-predictable-numeric-ids/ Htmlized: https://tools.ietf.org/html/draft-gont-predictable-numeric-ids-00 Abstract: This document performs an analysis of the security and privacy implications of different types of "numeric identifiers" used in IETF protocols, and tries to categorize them based on their interoperability requirements and the assoiated failure severity when such requirements are not met. It describes a number of algorithms that have been employed in real implementations to meet such requirements and analyzes their security and privacy properties. Additionally, it provides advice on possible algorithms that could be employed to satisfy the interoperability requirements of each identifier type, while minimizing the security and privacy implications, thus providing guidance to protocol designers and protocol implementers. Finally, it provides recommendations for future protocol specifications regarding the specification of the aforementioned numeric identifiers. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
