Security Assessment of the Internet Protocol version 4 (IPv4) draft-ietf-opsec-ip-security Fernando Gont project carried out on behalf of UK CPNI 76th.

Slides:

Advertisements

Similar presentations

73rd IETF meeting, November 16-21, 2008

Advertisements

Printer Working Group Face-to-Face Meeting December 8, 2010

Sign In Sign-in Screen Password Help.

NSIS WG 71th IETF Philadelphia, PA, USA March 12, 2008 WG chairs:John Loughney Martin Stiemerling.

IP over Ethernet over [draft-ietf-16ng-ip-over-ethernet-over txt] IETF-71, Philadelphia, March 08 Max Riegel (NSN), Hongseok Jeon (ETRI),

Provision of Symmetric Keys (KEYPROV) WG Thursday, July 30, 2009 Morning Session I Todays presentations available at:

Tictoc working group Thursday, 31 March CEST (1540 – 1740 UTC) Karen ODonoghue and Yaakov Stein, co-chairs.

BEHAVE – IETF 76 1 BEHAVE Working Group IETF 76 – Hiroshima November 8-13, 2009 Session 1, Wednesday: 09:00-11:30 Session 2, Friday: 09:00-11:30 Chairs:

MPTCP – MULTIPATH TCP WG meeting #5 Nov 8 th & 10 th 2010 Beijing, ietf-79 Yoshifumi Nishida Philip Eardley.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary Status Report Workgroup for Imaging Management Solutions (WIMS/PMP) Printer.

NIMAC 2.0: The Accessible Media Producer Portal NIMAC 2.0 for AMPs.

Kerberos WG IETF 79, Beijing. Agenda Agenda bashing and note well (5 minutes) Document status and discussions (15 minutes) Technical discussions – Camellia.

HD-ratio for IPv4 -A new criteria for applying IP allocation NCIC 新世紀資通股份有限公司 Mars Wei 危之華 3rd TWNIC OPM.

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

Web Technologies Using the Internet to publish data and applications.

On the implementation of TCP urgent data (draft-gont-tcpm-urgent-data) Fernando Gont & A. Yourtchenko 73rd IETF meeting, November 16-21, 2008 Minneapolis,

Mitigating Teredo Routing Loop Attacks (draft-gont-6man-teredo-loops-00 ) Fernando Gont on behalf of UK CPNI IETF 79 November 7-12, Beijing, China.

Security implications of Network Address Translators (NATs) (draft-gont-behave-nat-security) Fernando Gont Pyda Srisuresh UTN/FRH EMC Corporation 76th.

Ongoing work at the IETF on TCP and IP security Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference October 28-30, Luxembourg.

Port randomization (draft-ietf-tsvwg-port-randomization) Michael Larsen & Fernando Gont 73rd IETF Meeting, November 16-21, 2008 Minneapolis, MN, USA.

RADEXT WG IETF 82 Agenda November 14, Please join the Jabber room:

Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an client uses.

Ongoing work at the IETF on TCP and IP security Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference October 28-30, Luxembourg.

Development of WIPOSTAD Progress report by the International Bureau Committee on WIPO Standards Geneva May Anna Graschenkova Industrial Property.

SIP working group status Keith Drage, Dean Willis.

Web application architecture

ICMP attacks against TCP draft-ietf-tcpm-icmp-attacks-01.txt Fernando Gont (UTN/FRH) 67 th IETF Meeting, San Diego, California, USA November 5-10, 2006.

60th IETF San Diego August 2004 Layer 1 VPNs draft-takeda-l1vpn-framework-01.txt Raymond Aubin (Nortel) Marco Carugi (Nortel) Ichiro Inoue (NTT) Hamid.

Security Assessment of the Transmission Control Protocol (TCP) (draft-ietf-tcpm-tcp-security-02.txt) Fernando Gont project carried out on behalf of UK.

Operational Security Capabilities for IP Network Infrastructure

IAB Report Technical Plenary IETF 81 July 25, 2011.

IETF-63 OPSEC WG OPSEC WG _______ Operational Security Capabilities for IP Network Infrastructure IETF #65 - Dallas.

Internet Overview Data Service Center What is the Internet? F A network of networks connecting computers/people around the world allowing them to share.

1 Miscellaneous Capabilities for IP Network Infrastructure IETF 64 Vancouver, BC, Canada November 2005.

Device Reset Characterization draft-ietf-bmwg-reset-02 Rajiv Asati Carlos Pignataro Fernando Calabria Cesar Olvera Presented by Andrew.

Forwarding and Control Element Separation (ForCES) wg Meeting Patrick Droz David Putzolu.

Draft-ietf-fecframe-config-signaling-02 1 FEC framework Configuration Signaling draft-ietf-fecframe-config-signaling-02.txt IETF 76 Rajiv Asati.

Softwires IETF 67 Alain Durand, David Ward. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF.

Protecting The Router Control Plane draft-ietf-opsec-protect-control-plane-01 David Dugal Carlos Pignataro Rodney Dunn Presented by Andrew Yourtchenko.

IETF DMM WG Mobility Exposure and Selection WT Status and Next Steps Danny Moses/Alper Yegin, on behalf of the WT IETF 94.

November 8, 2004IETF 61 - Washington DC, USA1 Lemonade Part 1 Eric Burger Glenn Parsons

Media Resource Broker Roni Even, Chris Boulton boulton-mediactrl-mrb-02.txt

IPng WORKING GROUP November 1999 Washington DC IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

Security Implications of IPv6 on IPv4 Networks

CISC103 Web Development Basics: Web site:

Lionel Morand DHCP options for PAA Lionel Morand

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

IETF 86 Orlando MBONED.

15th November 2016 Gorry Fairhurst (via webrtc) David Black WG chairs

Current Issues with DNS Configuration Options for SLAAC

76th IETF meeting, November 8-13, 2009

DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers

Handover Keys Using AAA (draft-vidya-mipshop-handover-keys-aaa-03.txt)

Public Key Infrastructure Using X.509 (PKIX) Working Group

ND-Shield: Protecting against Neighbor Discovery Attacks

IPv4 Support for Proxy Mobile IPv6 Ryuji Wakikawa & Sri Gundavelli

IETF 84 Vancouver, BC, CA Wednesday, 1 Aug 2012

CISC103 Web Development Basics: Web site:

TCP for DNS security considerations

November 7-12, Beijing,China.

UCD Athena SWAN Process Overview

IETF Liaison Report May 2004 Dorothy Stanley – Agere Systems

STIR WG IETF-100 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-01) November, 2017 Ray P. Singh, Martin Dolly, Subir Das,

Marine Strategy Framework Directive Common Implementation Strategy 18th Meeting of the Working Group on Good Environmental Status (GES) Action Points.

SACS Working Group Continual Commitment to Accreditation and Educational Improvement April 18, 2012.

WG Document Status Compiled By: Matt Hartley, Lou Berger, Vishnu Pavan Beeram IETF TEAS Working Group.

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

IPv6 Current version of the Internet Protocol is Version 4 (v4)

TCP Maintenance and Minor Extensions (TCPM) Working Group Status

Presentation transcript:

Security Assessment of the Internet Protocol version 4 (IPv4) draft-ietf-opsec-ip-security Fernando Gont project carried out on behalf of UK CPNI 76th IETF meeting, November 8-13, 2009 Hiroshima, Japan

Overview The Internet-Draft is based on the document “Security Assessment of the Internet Protocol” published by CPNI in August 2008 (available at: CPNI’s document was already reviewed by a number of people. It was taken to the IETF as an individual submission: draft-gont-opsec-ip-security Was adopted as an opsec wg item (draft-ietf-opsec- ip-security) in January 2009.

Change log Version -00  First draft-ietf version of the document Version -01  Addressed part of the comments provided by Andrew Yourtchenko ( archive/web/opsec/current/msg00417.html) archive/web/opsec/current/msg00417.html

Heads-up on the upcoming rev Received two very detailed reviews (one on-list by Andrew Yourtchenko, and another off-list) We have been converging on changes to be incorporated in the next revision of the document. Among them:  Swap the DSCP and TOS sections (DSCP should be in the “main” body)  Coalesce the checks to be performed on RR, LSRR and SSRR options  Fixed a bug in the checks for the RR option checks  Miscellaneous edits

Moving forward Currently working on the next rev of the document If you have feedback, post it on or send it to Submit the next rev, and WGLC it?