The IESG has received a request from the IP Security Maintenance and Extensions WG (ipsecme) to consider the following document: - 'Protecting Internet Key Exchange Protocol version 2 (IKEv2) Implementations from Distributed Denial of Service Attacks' <draft-ietf-ipsecme-ddos-protection-09.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2016-09-28. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document recommends implementation and configuration best practices for Internet Key Exchange Protocol version 2 (IKEv2) Responders, to allow them to resist Denial of Service and Distributed Denial of Service attacks. Additionally, the document introduces a new mechanism called "Client Puzzles" that help accomplish this task. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ddos-protection/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ddos-protection/ballot/ No IPR declarations have been submitted directly on this I-D.
