A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Deprecating the Generation of IPv6 Atomic Fragments
Authors : Fernando Gont
Will(Shucheng) Liu
Filename : draft-gont-6man-deprecate-atomfrag-generation-00.txt
Pages : 7
Date : 2014-08-19
Abstract:
The core IPv6 specification requires that when a host receives an
ICMPv6 "Packet Too Big" message reporting a "Next-Hop MTU" smaller
than 1280, the host includes a Fragment Header in all subsequent
packets sent to that destination, without reducing the assumed Path-
MTU. The simplicity with which ICMPv6 "Packet Too Big" messages can
be forged, coupled with the widespread filtering of IPv6 fragments,
results in an attack vector that can be leveraged for Denial of
Service purposes. This document briefly discusses the aforementioned
attack vector, and formally deprecates the generation of IPv6 atomic
fragments, such that the aforementioned attack vector is eliminated.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-gont-6man-deprecate-atomfrag-generation/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-gont-6man-deprecate-atomfrag-generation-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
