I-D Action: draft-ietf-6man-deprecate-atomfrag-generation-05.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the IPv6 Maintenance Working Group of the IETF.

        Title           : Generation of IPv6 Atomic Fragments Considered Harmful
        Authors         : Fernando Gont
                          Will(Shucheng) Liu
                          Tore Anderson
	Filename        : draft-ietf-6man-deprecate-atomfrag-generation-05.txt
	Pages           : 10
	Date            : 2016-01-20

Abstract:
   RFC2460 requires that when a host receives an ICMPv6 "Packet Too Big"
   message reporting an MTU smaller than 1280 bytes, the host includes a
   Fragment Header in all subsequent packets sent to that destination,
   without reducing the assumed Path-MTU.  The simplicity with which
   ICMPv6 "Packet Too Big" messages can be forged means that an attacker
   can leverage this functionality (the generation of IPv6 atomic
   fragments) to trigger the use of fragmentation for any arbitrary IPv6
   flow, and subsequently perform any fragmentation-based attack.  This
   document discusses the security implications of the generation of
   IPv6 atomic fragments and a number of interoperability issues
   associated with IPv6 atomic fragments, and concludes that the
   aforementioned functionality is undesirable, thus documenting the
   motivation for removing this functionality in the revision of the
   core IPv6 protocol specification [I-D.ietf-6man-rfc2460bis].


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-6man-deprecate-atomfrag-generation/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-6man-deprecate-atomfrag-generation-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-6man-deprecate-atomfrag-generation-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux