<?xmlversion="1.0" encoding="US-ASCII"?>version='1.0' encoding='utf-8'?> <!DOCTYPE rfcSYSTEM "rfc2629.dtd"[ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]><?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?><!-- used by XSLT processors --> <!-- OPTIONS, known as processing instructions (PIs) go here. --><?rfc toc="yes" ?> <?rfc symrefs="yes" ?> <?rfc strict="no" ?><rfc xmlns:xi="http://www.w3.org/2001/XInclude" submissionType="IRTF" category="info" consensus="true" docName="draft-irtf-pearg-numeric-ids-history-11" number="9414" ipr="trust200902"submissionType="IRTF">obsoletes="" updates="" xml:lang="en" tocInclude="true" symRefs="true" sortRefs="true" version="3"> <!-- xml2rfc v2v3 conversion 3.16.0 --> <front> <title abbrev="Predictable Transient Numeric IDs">Unfortunate History of Transient Numeric Identifiers</title> <seriesInfo name="RFC" value="9414"/> <author fullname="Fernando Gont" initials="F." surname="Gont"> <organization abbrev="SI6 Networks">SI6 Networks</organization> <address> <postal><street>Segurola<extaddr>Segurola yHabana 4310Habana</extaddr> <street>4310 7mo piso</street> <city>Ciudad Autonoma de Buenos Aires</city><region>Buenos Aires</region><country>Argentina</country> </postal><!-- <phone>+54 11 4650 8472</phone> --><email>fgont@si6networks.com</email> <uri>https://www.si6networks.com</uri> </address> </author> <author fullname="Ivan Arce" initials="I." surname="Arce"> <organization abbrev="Quarkslab">Quarkslab</organization> <address> <postal><street>Segurola<extaddr>Segurola yHabana 4310Habana</extaddr> <street>4310 7mo piso</street> <city>Ciudad Autonoma de Buenos Aires</city><region>Buenos Aires</region><country>Argentina</country> </postal> <email>iarce@quarkslab.com</email> <uri>https://www.quarkslab.com</uri> </address> </author><date/> <workgroup>Internet Research Task Force (IRTF)</workgroup> <!-- <area>Internet</area> <workgroup>Dynamic Host Configuration (dhc)</workgroup> --> <!-- <area/> --> <!-- <workgroup/> --><date year="2023" month="July"/> <workgroup>Privacy Enhancements and Assessments</workgroup> <keyword>security</keyword> <keyword>vulnerability</keyword> <keyword>algorithm</keyword> <keyword>attack</keyword> <keyword>fingerprinting</keyword> <abstract> <t> This document analyzes the timeline of the specification and implementation of different types of "transient numeric identifiers" used in IETFprotocols,protocols and how the security and privacy properties of such protocols have been affected as a result of it. It provides empirical evidence that advice in this area is warranted. This document is a product of the PrivacyEnhancementEnhancements andAssessmentAssessments Research Group (PEARG) in the IRTF. </t> </abstract> </front> <middle> <sectiontitle="Introduction" anchor="intro">anchor="intro" numbered="true" toc="default"> <name>Introduction</name> <t> Networking protocols employ a variety of transient numeric identifiers for different protocol objects, such as IPv4 and IPv6Fragment IdentifiersIdentification values <xreftarget="RFC0791"/>target="RFC0791" format="default"/> <xreftarget="RFC8200"/>,target="RFC8200" format="default"/>, IPv6 Interface Identifiers (IIDs) <xreftarget="RFC4291"/>, transport protocoltarget="RFC4291" format="default"/>, transport-protocol ephemeral port numbers <xreftarget="RFC6056"/>,target="RFC6056" format="default"/>, TCP Initial Sequence Numbers (ISNs) <xreftarget="RFC0793"/>,target="RFC9293" format="default"/>, NTP Reference IDs (REFIDs) <xreftarget="RFC5905"/>,target="RFC5905" format="default"/>, and DNSQueryIDs <xreftarget="RFC1035"/>.target="RFC1035" format="default"/>. These identifiers typically have specificinteroperabilityrequirements(e.g.(e.g., uniqueness during a specified period oftime),time) that must be satisfied such that they do not result in negative interoperability implications and an associated failureseveritiesseverity when such requirements are not met <xreftarget="I-D.irtf-pearg-numeric-ids-generation"/>. </t>target="RFC9415" format="default"/>.</t> <aside> <t>NOTE: Some documents refer to the DNS ID as the DNS "Query ID" or "TxID".</t> </aside> <t>For more than 30 years, a large number of implementations oftheIETF protocols have been subject to a variety of attacks, with effects ranging from Denial of Service (DoS) or datainjection,injection to information leakages that could be exploited for pervasive monitoring <xreftarget="RFC7258"/>.target="RFC7258" format="default"/>. The root cause of these issues has been, in many cases, the poor selection of transient numericidentifiers,identifiers in such protocols, usually as a result of insufficient or misleadingspecifications.</t>specifications. While it is generally trivial to identify an algorithm that can satisfy the interoperability requirements of a given transient numeric identifier, empirical evidence exists that doing so without negatively affecting the security and/or privacy properties of the aforementioned protocols is prone to error.</t> <t>For example, implementations have been subject to securityorand/or privacy issues resultingfrom: <list style="symbols"> <t>Predictablefrom:</t> <ul spacing="normal"> <li>predictable IPv4 or IPv6Fragment Identifiers (see e.g.Identification values (e.g., see <xreftarget="Sanfilippo1998a"/>,target="Sanfilippo1998a" format="default"/>, <xreftarget="RFC6274"/>,target="RFC6274" format="default"/>, and <xreftarget="RFC7739"/>)</t> <t>Predictabletarget="RFC7739" format="default"/>),</li> <li>predictable IPv6 IIDs(see e.g.(e.g., see <xreftarget="RFC7721"/>,target="RFC7217" format="default"/>, <xreftarget="RFC7707"/>,target="RFC7707" format="default"/>, and <xreftarget="RFC7217"/>)</t> <t>Predictable transport protocoltarget="RFC7721" format="default"/>),</li> <li>predictable transport-protocol ephemeral port numbers(see e.g.(e.g., see <xreftarget="RFC6056"/>target="RFC6056" format="default"/> and <xreftarget="Silbersack2005"/>)</t> <t>Predictabletarget="Silbersack2005" format="default"/>),</li> <li>predictable TCP Initial Sequence Numbers (ISNs)(see e.g.(e.g., see <xreftarget="Morris1985"/>,target="Morris1985" format="default"/>, <xreftarget="Bellovin1989"/>,target="Bellovin1989" format="default"/>, and <xreftarget="RFC6528"/>)</t> <t>Predictabletarget="RFC6528" format="default"/>),</li> <li>predictable initial timestamps in TCP timestamps options (e.g., see <xref target="TCPT-uptime" format="default"/> and <xref target="RFC7323" format="default"/>), and</li> <li>predictable DNSQueryIDs(see e.g.(see, e.g., <xreftarget="Arce1997"/>target="Schuba1993" format="default"/> and <xreftarget="Klein2007"/>)</t> </list> These examples indicate thattarget="Klein2007" format="default"/>).</li> </ul> <t>Recent history indicates that, when new protocols are standardized orimplemented,new protocol implementations are produced, the security and privacy properties of the associated transient numeric identifiers tend to be overlooked, and inappropriate algorithms to generate such identifiers(i.e. that negatively affect the security or privacy properties of the protocol)are either suggested in thespecificationspecifications or selected by implementers. As a result, advice in this area is warranted. </t> <t>This document contains a non-exhaustive timeline of the specification and vulnerability disclosures related to some sample transient numeric identifiers, including other work that has led to advances in this area. This analysis indicates that:<list style="symbols"> <t>Vulnerabilities</t> <ul spacing="normal"> <li>vulnerabilities associated with the inappropriate generation of transient numeric identifiers have affected protocol implementations for an extremely long period oftime.</t> <t>Suchtime,</li> <li>such vulnerabilities, even when addressed for a given protocol version, were later reintroduced in new versions or new implementations of the sameprotocol.</t> <t>Standardizationprotocol, and</li> <li>standardization efforts that discuss and provide advice in this area can have a positive effect on IETF specifications and their correspondingimplementations.</t> </list> </t>implementations.</li> </ul> <t>While it is generally possible to identify an algorithm that can satisfy the interoperability requirements for a given transient numeric identifier, this document provides empirical evidence that doing so without negatively affecting the securityorand/or privacy properties of theaforementionedcorresponding protocols isnon-trivial.nontrivial. Other related documents (<xreftarget="I-D.irtf-pearg-numeric-ids-generation"/>target="RFC9415" format="default"/> and <xreftarget="I-D.gont-numeric-ids-sec-considerations"/>)target="RFC9416" format="default"/>) provide guidance in this area, as motivated by the present document.</t> <t>This document represents the consensus of the PrivacyEnhancementEnhancements andAssessmentAssessments Research Group (PEARG).</t> </section> <sectiontitle="Terminology" anchor="terminology"> <t> <list style="hanging"> <t hangText="Transientanchor="terminology" numbered="true" toc="default"> <name>Terminology</name> <dl newline="true" spacing="normal"> <dt>Transient NumericIdentifier:"> <vspace blankLines="0" />AIdentifier:</dt> <dd>A data object in a protocol specification that can be used to definitely distinguish a protocol object (a datagram, network interface,transport protocoltransport-protocol endpoint, session,etc)etc.) from all other objects of the same type, in a given context. Transient numeric identifiers are usually defined as a series ofbits,bits and represented using integer values. These identifiers are typically dynamically selected, as opposed tostatically-assignedstatically assigned numeric identifiers(see e.g.(e.g., see <xreftarget="IANA-PROT"/>).target="IANA-PROT" format="default"/>). We note that different transient numeric identifiers may have additional requirements or properties depending on their specific use in a protocol. We use the term "transient numeric identifier" (or simply "numeric identifier" or "identifier" as short forms) as a generic term to refer to any data object in a protocol specification that satisfies the identification property stated above.</t> </list> </t></dd> </dl> <t> The terms "constant IID", "stable IID", and "temporary IID" are to be interpreted as defined in <xreftarget="RFC7721"/>. </t> <!-- <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 <xref target='RFC2119' /> <xref target='RFC8174' /> when, and only when, they appear in all capitals, as shown here. </t> --> </section> <!-- <section title="Threat Model" anchor="threat-model"> <t>Throughout this document, we assume an attacker does not have physical or logical access to the system(s) being attacked, and cannot necessarily observe all the packets being transferred between the sender and the receiver(s) of the target protocol, but may be able to observe some of them. However, we assume the attacker can send any traffic to the target device(s), to e.g. sample transient numeric identifiers employed by such device(s).target="RFC7721" format="default"/>. </t> </section>--><sectiontitle="Threat Model" anchor="threat-model"> <!-- <t>Throughout this document, we assume an attacker does not have physical or logical access to the system(s) being attacked, and cannot necessarily observe all the packets being transferred between the sender and the receiver(s) of the target protocol, but may be able to observe some of them. However, we assume the attacker can send any traffic to the target device(s), to e.g. sample transient numeric identifiers employed by such device(s). </t> -->anchor="threat-model" numbered="true" toc="default"> <name>Threat Model</name> <t>Throughout this document, we do not consider on-path attacks. That is, we assume the attacker does not have physical or logical access to the system(s) beingattacked,attacked and that the attacker can only observe traffic explicitly directed to the attacker. Similarly, an attacker cannot observe traffic transferred betweenathe sender and the receiver(s) of a targetprotocol,protocol but may be able to interact with any of these entities, includingby e.g.by, e.g., sending any traffic to them to sample transient numeric identifiers employed by the targetsystemshosts when communicating with the attacker. </t> <t>For example, when analyzing vulnerabilities associated with TCP Initial Sequence Numbers (ISNs), we consider the attacker is unable to capture network traffic corresponding to a TCP connection between two other hosts. However, we consider the attacker is able to communicate with any of these hosts (e.g., establish a TCP connection with any ofthem), to e.g.them) to, e.g., sample the TCP ISNs employed by thesesystemshosts when communicating with the attacker.</t> <t>Similarly, when considering host-tracking attacks based on IPv6interface identifiers,Interface Identifiers, we consider an attacker may learn the IPv6 address employed by a victimnode if e.g.host if, e.g., the address becomes exposed as a result of the victimnodehost communicating with an attacker-operated server. Subsequently, an attacker may perform host-tracking by probing a set of target addresses composed by a set of target prefixes and the IPv6interface identifierInterface Identifier originally learned by the attacker. Alternatively, an attacker may performhost tracking if e.g.host-tracking if, e.g., the victimnodehost communicates with an attacker-operated server as it moves from one location to another,thosethereby exposing its configured addresses. We note that none of these scenariosrequiresrequire the attacker observe traffic not explicitly directed to the attacker. </t> </section> <sectiontitle="Issuesanchor="issues" numbered="true" toc="default"> <name>Issues with the Specification of Transient NumericIdentifiers" anchor="issues">Identifiers</name> <t>While assessing IETF protocol specifications regarding the use of transient numeric identifiers, we have found that most of the issues discussed in this document arise as a result of one of the following conditions:<list style="symbols"> <t>Protocol</t> <ul spacing="normal"> <li>protocol specifications thatunder-specify the requirements forunder specify their transient numericidentifiers</t> <t>Protocolidentifiers</li> <li>protocol specifications thatover-specifyover specify their transient numericidentifiers</t> <t>Protocolidentifiers</li> <li>protocol implementations that simply fail to comply with the specifiedrequirements</t> </list> </t>requirements</li> </ul> <t>A number of IETF protocol specificationshave simply overlooked the security and privacy implications ofunder specified their transient numericidentifiers.identifiers, thus leading to implementations that were vulnerable to numerous off-path attacks. Examples of them are the specification of TCPephemerallocal ports in <xreftarget="RFC0793"/>,target="RFC0793" format="default"/> or the specification ofTCP sequence numbersthe DNS ID in <xreftarget="RFC0793"/>, ortarget="RFC1035" format="default"/>.</t> <aside><t>NOTE: The TCP local port in an active OPEN request is commonly known as thespecification"ephemeral port" of theDNS TxID incorresponding TCP connection <xreftarget="RFC1035"/>.</t>target="RFC6056" format="default"/>.</t></aside> <t>On the other hand, there are a number of IETF protocol specifications thatover-specifyover specify some of their associated transient numeric identifiers. For example, <xreftarget="RFC4291"/>target="RFC4291" format="default"/> essentially overloads the semantics of IPv6 Interface Identifiers (IIDs) by embedding link-layer addresses in the IPv6IIDs,IIDs when the interoperability requirement of uniqueness could be achieved in other ways that do not result in negative security and privacy implications <xreftarget="RFC7721"/>.target="RFC7721" format="default"/>. Similarly, <xreftarget="RFC2460"/> suggestedtarget="RFC2460" format="default"/> suggests the use of a global counter for the generation ofFragmentIdentificationvalues,values when the interoperabilitypropertiesrequirement of uniqueness per{Src IP, Dst IP}{IPv6 Source Address, IPv6 Destination Address} could be achieved with other algorithms that do not result in negative security and privacy implications <xreftarget="RFC7739"/>.</t>target="RFC7739" format="default"/>.</t> <t>Finally, there are protocol implementations that simply fail to comply withthe corresponding IETFexisting protocolspecifications or recommendations.specifications. For example, some popular operating systems(notably Microsoft Windows)still fail to implementtransport protocoltransport-protocol ephemeral port randomization, as recommended in <xreftarget="RFC6056"/>.</t>target="RFC6056" format="default"/>, or TCP Initial Sequence Number randomization, as recommended in <xref target="RFC9293"/>.</t> <t>The following subsections document the timelines for a number of sample transient numericidentifiers,identifiers that illustrate how the problem discussed in this document has affected protocols from different layers over time. These sample transient numeric identifiers have different interoperability requirements and failure severities (seeSection 6 of<xreftarget="I-D.irtf-pearg-numeric-ids-generation"/>),target="RFC9415" section="6" sectionFormat="of" format="default"/>), and thus are considered to be representative of the problem being analyzed in this document.</t> <sectiontitle="IPv4/IPv6 Identification" anchor="ipid">anchor="ipid" numbered="true" toc="default"> <name>IPv4/IPv6 Identification</name> <t>This section presents the timeline of the Identification field employed by IPv4 (in the base header) and IPv6 (in Fragment Headers). The reason for presenting both cases in the same section is to make it evidentthatthat, while the Identification value serves the same purpose in bothIPv4 and IPv6,protocols, the work and research done for the IPv4 case did notaffectinfluence IPv6 specifications or implementations.</t> <t>The IPv4 Identification is specified in <xreftarget="RFC0791"/>,target="RFC0791" format="default"/>, which specifies the interoperability requirements for the Identificationfield:field, i.e., the sender must choose the Identification field to be unique for a givensource address, destination address, and protocol,{Source Address, Destination Address, Protocol} for the time the datagram (or any fragment of it) could be alive in theinternet.Internet. It suggests that anodesending protocol module may keep "a table of Identifiers, one entry for each destination it has communicated with in the last maximum packet lifetime for theinternet",[I]nternet", and it also suggests that "since the Identifier field allows 65,536 different values, hosts may be able to simply use unique identifiers independent of destination". The above has been interpreted numerous times as a suggestion to employ per-destination or global counters for the generation of Identification values. While <xreftarget="RFC0791"/>target="RFC0791" format="default"/> does not suggest any flawed algorithm for the generation of Identification values, the specification omits a discussion of the security and privacy implications of predictable Identification values. Thishasresulted in many IPv4 implementations generating predictablefragmentIdentification values by means of a global counter, at least at some point in time. </t> <t> The IPv6 Identification was originally specified in <xreftarget="RFC1883"/>.target="RFC1883" format="default"/>. It serves the same purpose as its IPv4 counterpart,with the only difference residing in the length of the corresponding field, and that while the IPv4 Identification field isbut rather than being part of the baseIPv4 header,header (as in theIPv6 caseIPv4 case), it is part of the FragmentheaderHeader (which may or may not be present in an IPv6 packet). <xreftarget="RFC1883"/> states, in Section 4.5,target="RFC1883" format="default" sectionFormat="of" section ="4.5"/> states that the Identification must be different than that of any other fragmented packet sent recently (within the maximum likely lifetime of a packet) with the same Source Address and Destination Address. Subsequently, it notes that this requirement can be met by means of a wrap-around 32-bit counter that is incremented each time a packet must befragmented,fragmented and that it is an implementation choice whether to use a global or a per-destination counter. Thus, theimplementationspecification of the IPv6 Identification is similar to that of the IPv4 case, with the only differencethatthat, in the IPv6casecase, the suggestions to use simple counters is more explicit. <xreftarget="RFC2460"/> wastarget="RFC2460" format="default"/> is the first revision of the core IPv6specification,specification andmaintainedmaintains the same text for the specification of the IPv6 Identification field. <xreftarget="RFC8200"/>,target="RFC8200" format="default"/>, the second revision of the core IPv6 specification, removes the suggestion from <xreftarget="RFC2460"/>target="RFC2460" format="default"/> to use a counter for the generation of IPv6 Identificationvalues,values and points to <xreftarget="RFC7739"/>target="RFC7739" format="default"/> for sample algorithms for their generation. </t><t> <list style="hanging"> <t hangText="September 1981:"> <vspace blankLines="0" /><xref target="RFC0791"/><dl newline="true" spacing="normal"> <dt>September 1981:</dt> <dd> <xref target="RFC0791" format="default"/> specifies the interoperability requirements for the IPv4 Identificationvalue,but does not perform a vulnerability assessment of this transient numeric identifier.</t> <t hangText="December 1995:"> <vspace blankLines="0" /><xref target="RFC1883"/>,</dd> <dt>December 1995:</dt> <dd> <xref target="RFC1883" format="default"/>, the first specification of the IPv6 protocol, is published. It suggests that a counter be used to generate the IPv6 Identificationvalue,values and notes that it is an implementation choice whether to maintain a single counter for the node or multiplecounters, e.g.,counters (e.g., one for each of the node's possiblesource addresses,Source Addresses, or one for each active(source address, destination address) combination. </t> <t hangText="December 1998:"> <vspace blankLines="0" /><xref target="Sanfilippo1998a"/>{Source Address, Destination Address} set). </dd> <dt>December 1998:</dt> <dd> <xref target="Sanfilippo1998a" format="default"/> finds that predictable IPv4 Identification values(generated(as generated by most popular implementations) can be leveraged to count the number of packets sent by a target node. <xreftarget="Sanfilippo1998b"/>target="Sanfilippo1998b" format="default"/> explains how to leverage the same vulnerability to implement a port-scanning technique known as"dumb/idle scan"."idle scan". A tool that implements this attack is publicly released.</t> <t hangText="December 1998:"> <vspace blankLines="0" /><xref target="RFC2460"/>,</dd> <dt>December 1998:</dt> <dd> <xref target="RFC2460" format="default"/>, a revision of the IPv6 specification, is published, obsoleting <xreftarget="RFC1883"/>.target="RFC1883" format="default"/>. It maintains the same specification of the IPv6 Identification field as its predecessor(<xref target="RFC1883"/>). </t> <t hangText="December 1998:"> <vspace blankLines="0" />OpenBSD<xref target="RFC1883" format="default"/>. </dd> <dt>December 1998:</dt> <dd>OpenBSD implements randomization of the IPv4 Identification field <xreftarget="OpenBSD-IPv4-ID"/>. <!--This feature eventually shipped with OpenBSD 2.5.--> </t> <t hangText="November 1999:"> <vspace blankLines="0" /><xref target="Sanfilippo1999"/>target="OpenBSD-IPv4-ID" format="default"/>. </dd> <dt>November 1999:</dt> <dd> <xref target="Sanfilippo1999" format="default"/> discusses how to leverage predictable IPv4 Identification values to uncover the rules of a number of firewalls.</t> <t hangText="September 2002:"> <vspace blankLines="0" /><xref target="Fyodor2002"/></dd> <dt>September 2002:</dt> <dd> <xref target="Fyodor2002" format="default"/> documents the implementation of the"idle/dumb"idle scan" technique in the popularnmapNetwork Mapper (nmap) tool.</t> <t hangText="November 2002:"> <vspace blankLines="0" /><xref target="Bellovin2002"/></dd> <dt>November 2002:</dt> <dd> <xref target="Bellovin2002" format="default"/> explains how the IPv4 Identification field can be exploited to count the number of systems behind a NAT.</t> <t hangText="October 2003:"> <vspace blankLines="0" />OpenBSD</dd> <dt>October 2003:</dt> <dd>OpenBSD implements randomization of the IPv6 Identification field <xreftarget="OpenBSD-IPv6-ID"/>.<!-- This feature eventually shipped with OpenBSD 3.4.--> </t> <t hangText="December 2003:"> <vspace blankLines="0" /><xref target="Zalewski2003"/>target="OpenBSD-IPv6-ID" format="default"/>. </dd> <dt>December 2003:</dt> <dd> <xref target="Zalewski2003" format="default"/> explains a technique to perform TCP data injection attacks based on predictable IPv4identificationIdentification values, which requires less effort than TCP injection attacks performed with bare TCP packets.</t> <t hangText="November 2005:"> <vspace blankLines="0" /><xref target="Silbersack2005"/></dd> <dt>January 2005:</dt> <dd> <xref target="Silbersack2005" format="default"/> discusses shortcomings in a number of techniques to mitigate predictable IPv4 Identification values.</t> <t hangText="October 2007:"> <vspace blankLines="0" /><xref target="Klein2007"/></dd> <dt>October 2007:</dt> <dd> <xref target="Klein2007" format="default"/> describes a weakness in thepseudo randompseudorandom number generator (PRNG) in use for the generation oftheIP Identification values by a number of operating systems.</t> <t hangText="June 2011:"> <vspace blankLines="0" /><xref target="Gont2011"/></dd> <dt>June 2011:</dt> <dd> <xref target="Gont2011" format="default"/> describes how to performdumb/idleidle scan attacks in IPv6.</t> <t hangText="November 2011:"> <vspace blankLines="0" />Linux</dd> <dt>November 2011:</dt> <dd>Linux mitigates predictable IPv6 Identification values <xreftarget="RedHat2011"/>target="RedHat2011" format="default"/> <xreftarget="SUSE2011"/>target="SUSE2011" format="default"/> <xreftarget="Ubuntu2011"/>. </t> <t hangText="December 2011:"> <vspace blankLines="0" /><xref target="draft-gont-6man-predictable-fragment-id-00"/>target="Ubuntu2011" format="default"/>. </dd> <dt>December 2011:</dt> <dd> <xref target="draft-gont-6man-predictable-fragment-id-00" format="default"/> describes the security implications of predictable IPv6 Identificationvalues,values and possible mitigations. This document has theIntended Statusintended status of"Standards Track","Standards Track", with the intention to formally update <xreftarget="RFC2460"/>,target="RFC2460" format="default"/> to introduce security and privacy requirements on the generation of IPv6 Identification values.</t> <t hangText="May 2012:"> <vspace blankLines="0" /><xref target="Gont2012"/></dd> <dt>May 2012:</dt> <dd> <xref target="Gont2012" format="default"/> notes that some major IPv6 implementations still employ predictable IPv6 Identification values.</t> <!-- [fgont] Historia de RFC7739 --> <t hangText="March 2013:"> <vspace blankLines="0" />The</dd> <dt>March 2013:</dt> <dd>The 6man WG adopts <xreftarget="I-D.gont-6man-predictable-fragment-id"/>,target="draft-gont-6man-predictable-fragment-id-03" format="default"/> but changes the track to "BCP" (while still formally updating <xreftarget="RFC2460"/>), publishingtarget="RFC2460" format="default"/>), posting the resulting document as <xreftarget="draft-ietf-6man-predictable-fragment-id-00"/>. </t> <t hangText="June 2013:"> <vspace blankLines="0" />Atarget="draft-ietf-6man-predictable-fragment-id-00" format="default"/>. </dd> <dt>June 2013:</dt> <dd>A patch to incorporate support for IPv6-basedidle/dumbidle scans in nmap is submitted <xreftarget="Morbitzer2013"/>. </t> <t hangText="December 2014:"> <vspace blankLines="0" />Thetarget="Morbitzer2013" format="default"/>. </dd> <dt>December 2014:</dt> <dd>The 6man WG changes theIntended Statusintended status of <xreftarget="draft-ietf-6man-predictable-fragment-id-01"/>target="draft-ietf-6man-predictable-fragment-id-01" format="default"/> to "Informational" andpublishesposts it as <xreftarget="draft-ietf-6man-predictable-fragment-id-02"/>.target="draft-ietf-6man-predictable-fragment-id-02" format="default"/>. As a result, it no longer formally updates <xreftarget="RFC2460"/>,target="RFC2460" format="default"/>, and security and privacy requirements on the generation of IPv6 Identification values are eliminated.</t> <t hangText="June 2015:"> <vspace blankLines="0" /><xref target="draft-ietf-6man-predictable-fragment-id-08"/></dd> <dt>June 2015:</dt> <dd> <xref target="draft-ietf-6man-predictable-fragment-id-08" format="default"/> notes that some popular host and router implementations still employ predictable IPv6 Identification values.</t> <t hangText="February 2016:"> <vspace blankLines="0" /><xref target="RFC7739"/></dd> <dt>February 2016:</dt> <dd> <xref target="RFC7739" format="default"/> (based on <xreftarget="I-D.ietf-6man-predictable-fragment-id"/>)target="draft-ietf-6man-predictable-fragment-id-10" format="default"/>) analyzes the security and privacy implications of predictable IPv6 Identificationvalues,values and provides guidance for selecting an algorithm to generate such values. However, being publishedwith the Intended Status of "Informational",as an "Informational" RFC, it does not formally update <xreftarget="RFC2460"/>,target="RFC2460" format="default"/> and does not introduce security and privacy requirements on the generation of IPv6 Identification values.<!--Note: The oiginal individual submission IP, revision of</dd> <dt>June 2016:</dt> <dd> <xreftarget="RFC2460"/> removes the suggestion from RFC2460 to employtarget="draft-ietf-6man-rfc2460bis-05" format="default"/>, aglobal counter for the generation of IPv6 Identification values, but does specify any security and privacy requirements for the IPv6 Identification value.--> </t> <t hangText="June 2016:"> <vspace blankLines="0" /><xref target="I-D.ietf-6man-rfc2460bis"/>,draft revision of <xreftarget="RFC2460"/>,target="RFC2460" format="default"/>, removes the suggestion fromRFC2460<xref target="RFC2460" format="default"/> to use a counter for the generation of IPv6 Identificationvalues,values but does not perform a vulnerability assessment of the generation of IPv6 Identificationvalues,values and does not introduce security and privacy requirements on the generation of IPv6 Identification values.</t> <t hangText="July 2017:"> <vspace blankLines="0" /><xref target="I-D.ietf-6man-rfc2460bis"/></dd> <dt>July 2017:</dt> <dd> <xref target="draft-ietf-6man-rfc2460bis-13" format="default"/> is finally published as <xreftarget="RFC8200"/>,target="RFC8200" format="default"/>, obsoleting <xreftarget="RFC2460"/>,target="RFC2460" format="default"/> and pointing to <xreftarget="RFC7739"/>target="RFC7739" format="default"/> for sample algorithms for the generation of IPv6FragmentIdentification values. However, it does not introduce security and privacy requirements on the generation of IPv6 Identification values.</t> <t hangText="June 2019:"> <vspace blankLines="0" /><xref target="IPID-DEV"/></dd> <dt>October 2019:</dt> <dd> <xref target="IPID-DEV" format="default"/> notes that the IPv6IDIdentification generators of two popular operating systems are flawed.</t> </list> </t></dd> </dl> </section> <sectiontitle="TCPanchor="tcp-isns" numbered="true" toc="default"> <name>TCP Initial Sequence Numbers(ISNs)" anchor="tcp-isns">(ISNs)</name> <t> <xreftarget="RFC0793"/>target="RFC0793" format="default"/> suggests that the choice of the ISN of a connection is notarbitrary,arbitrary but aims to reduce the chances of a stale segment from being accepted by a new incarnation of a previous connection. <xreftarget="RFC0793"/>target="RFC0793" format="default"/> suggests the use of a global 32-bit ISN generator that is incremented by 1 roughly every 4 microseconds. However, as a matter of fact, protection against stale segments from a previous incarnation of the connection is enforced by preventing the creation of a new incarnation of a previous connection before 2*MSLhavehas passed since a segment corresponding to the old incarnation was last seen (where "MSL" is the "Maximum Segment Lifetime" <xreftarget="RFC0793"/>).target="RFC0793" format="default"/>). This is accomplished by the TIME-WAIT state and TCP's "quiet time" concept (seeAppendix B of<xreftarget="RFC1323"/>).target="RFC1323" format="default" sectionFormat="of" section="B"/>). Based on the assumption that ISNs are monotonically increasing across connections, many stacks (e.g., 4.2BSD-derived) use the ISN of an incoming SYN segment to perform "heuristics" that enable the creation of a new incarnation of a connection while the previous incarnation is still in the TIME-WAIT state (see p. 945 of <xreftarget="Wright1994"/>).target="Wright1994" format="default"/>). This avoids an interoperability problem that may arise when a node establishes connections to a specific TCP end-point at a high rate <xreftarget="Silbersack2005"/>.</t>target="Silbersack2005" format="default"/>.</t> <t>The interoperability requirements for TCP ISNs are probably not as clearly spelled out as one would expect. Furthermore, the suggestion of employing a global counter in <xreftarget="RFC0793"/>target="RFC0793" format="default"/> negatively affects the security and privacy properties of the protocol.</t><t> <list style="hanging"> <t hangText="September 1981:"> <vspace blankLines="0" /><xref target="RFC0793"/>,<dl newline="true" spacing="normal"> <dt>September 1981:</dt> <dd> <xref target="RFC0793" format="default"/> suggests the use of a global 32-bit ISN generator, whose lower bit is incremented roughly every 4 microseconds. However, such an ISN generator makes it trivial to predict the ISN that a TCPinstanceimplementation will use for new connections, thus allowing a variety of attacks against TCP.</t> <!-- <t hangText="September 1981:"> <vspace blankLines="0" /><xref target="RFC0793"/>, suggests the use of a global 32-bit ISN generator, whose lower bit</dd> <dt>February 1985:</dt> <dd> <xref target="Morris1985" format="default"/> isincremented roughly every 4 microseconds. However, such an ISN generator makes it trivial to predict the ISN that a TCP will use for new connections, thus allowing a variety of attacks against TCP. </t> --> <t hangText="February 1985:"> <vspace blankLines="0" /><xref target="Morris1985"/> wasthe first to describe how to exploit predictable TCP ISNs for forging TCP connections that could then be leveraged for trust relationship exploitation.</t> <t hangText="April 1989:"> <vspace blankLines="0" /><xref target="Bellovin1989"/> discussed</dd> <dt>April 1989:</dt> <dd> <xref target="Bellovin1989" format="default"/> discusses the security considerations for predictable ISNs (along with a range of other protocol-based vulnerabilities).</t> <t hangText="February 1995:"> <vspace blankLines="0" /><xref target="Shimomura1995"/> reported</dd> <dt>January 1995:</dt> <dd> <xref target="Shimomura1995" format="default"/> reports a real-world exploitation of theattackvulnerability described in <xreftarget="Morris1985"/>target="Morris1985" format="default"/> ten years before (in 1985).</t> <t hangText="May 1996:"> <vspace blankLines="0" /><xref target="RFC1948"/> was</dd> <dt>May 1996:</dt> <dd> <xref target="RFC1948" format="default"/> is the first IETF effort, authored by Steven Bellovin, to address predictable TCP ISNs. However, <xreftarget="RFC1948"/>target="RFC1948" format="default"/> does not formally update <xreftarget="RFC0793"/>.target="RFC0793" format="default"/>. Note: The same concept specified in this document for TCP ISNs was later proposed for TCP ephemeral ports <xreftarget="RFC6056"/>,target="RFC6056" format="default"/>, TCP Timestamps, and eventually even IPv6 Interface Identifiers <xreftarget="RFC7217"/>. </t> <t hangText="July 1996:"> <vspace blankLines="0" />OpenBSDtarget="RFC7217" format="default"/>. </dd> <dt>July 1996:</dt> <dd>OpenBSD implements TCP ISN randomization based on random increments (please seeAppendix A.2 of <xref target="I-D.irtf-pearg-numeric-ids-generation"/>)<xreftarget="OpenBSD-TCP-ISN-I"/>. <!-- This feature eventually shipped with OpenBSD 2.0. --> </t> <t hangText="December 2000:"> <vspace blankLines="0" />OpenBSDtarget="RFC9415" format="default" sectionFormat="of" section="A.2"/>) <xref target="OpenBSD-TCP-ISN-I" format="default"/>. </dd> <dt>December 2000:</dt> <dd>OpenBSD implements TCP ISN randomization using simple randomization (please seeSection 7.1 of<xreftarget="I-D.irtf-pearg-numeric-ids-generation"/>)target="RFC9415" section="7.1" sectionFormat="of" format="default"/>) <xref target="OpenBSD-TCP-ISN-R" format="default"/>. </dd> <dt>March 2001:</dt> <dd> <xreftarget="OpenBSD-TCP-ISN-R"/>. <!-- This feature eventually shipped with OpenBSD 2.9. --> </t> <t hangText="March 2001:"> <vspace blankLines="0" /><xref target="Zalewski2001"/>target="Zalewski2001" format="default"/> provides a detailed analysis of statistical weaknesses in some TCP ISNgenerators,generators and includes a survey of the algorithms in use by popular TCP implementations.</t> <t hangText="May 2001:"> <vspace blankLines="0" />VulnerabilityVulnerability advisories <xreftarget="CERT2001"/> <xref target="USCERT2001"/>target="USCERT2001" format="default"/> were released regarding statistical weaknesses in some TCP ISN generators, affecting popular TCP implementations.</t> <t hangText="March 2002:"> <vspace blankLines="0" /><xref target="Zalewski2002"/>Other vulnerability advisories on the same vulnerability, such as <xref target="CERT2001" format="default"/>, were published later on.</dd> <dt>March 2002:</dt> <dd> <t><xref target="Zalewski2002" format="default"/> updates and complements <xreftarget="Zalewski2001"/>.target="Zalewski2001" format="default"/>. It concludes that "while some vendors [...] reacted promptly and tested their solutions properly, many still either ignored the issue and never evaluated their implementations, or implemented a flawed solution that apparently was not tested using a known approach" <xreftarget="Zalewski2002"/>. </t> <t hangText="June 2007:"> <vspace blankLines="0" />OpenBSDtarget="Zalewski2002" format="default"/>.</t> </dd> <dt>June 2007:</dt> <dd>OpenBSD implements TCP ISN randomization based on the algorithm specified in <xreftarget="RFC1948"/>target="RFC1948" format="default"/> (currently obsoleted and replaced by <xreftarget="RFC6528"/>)target="RFC6528" format="default"/>) for the TCP endpoint that performs the activeopen,open while keeping the simple randomization scheme for the endpoint performing the passive open <xreftarget="OpenBSD-TCP-ISN-H"/>.target="OpenBSD-TCP-ISN-H" format="default"/>. This providesmonotonically-increasingmonotonically increasing ISNs for theclient side"client side" (allowing the BSD heuristics to work asexpected),expected) while avoiding any patterns in the ISN generation for theserver side.<!-- This feature eventually shipped with OpenBSD 4.2. --> </t> <t hangText="February 2012:"> <vspace blankLines="0" /><xref target="RFC6528"/>,"server side". </dd> <dt>February 2012:</dt> <dd> <xref target="RFC6528" format="default"/>, published 27 years afterMorris'Morris's original work <xreftarget="Morris1985"/>,target="Morris1985" format="default"/>, formally updates <xreftarget="RFC0793"/>target="RFC0793" format="default"/> to mitigate predictable TCP ISNs.</t> <t hangText="August 2014:"> <vspace blankLines="0" /><xref target="I-D.eddy-rfc793bis-04"/>,</dd> <dt>August 2014:</dt> <dd> The algorithm specified in <xref target="RFC6528" format="default"/> becomes theupcomingrecommended ("<bcp14>SHOULD</bcp14>") algorithm for TCP ISN generation in <xref target="draft-eddy-rfc793bis-04"/>, an early revision of the core TCP specification <xref target="RFC9293"/>. </dd> <dt>August 2022:</dt> <dd> <xref target="RFC9293" format="default"/>, a revision of the core TCPprotocolspecification,incorporatesis published, adopting the algorithm specified in <xreftarget="RFC6528"/>target="RFC6528" format="default"/> as the recommended ("SHOULD") algorithm for TCP ISN generation.</t> </list> </t></dd> </dl> </section> <sectiontitle="IPv6anchor="ipv6-iids" numbered="true" toc="default"> <name>IPv6 Interface Identifiers(IIDs)" anchor="ipv6-iids">(IIDs)</name> <t>IPv6 Interface Identifiers can be generated as a result of different mechanisms, includingSLAACStateless Address Autoconfiguration (SLAAC) <xreftarget="RFC4862"/>,target="RFC4862" format="default"/>, DHCPv6 <xreftarget="RFC8415"/>,target="RFC8415" format="default"/>, and manual configuration. This section focuses on Interface Identifiers resulting from SLAAC.</t> <t>The Interface Identifier of stable(traditional)IPv6 addresses resulting from SLAAChave traditionallyoriginally resulted in the underlying link-layer address being embedded in theIID.<!-- IPv6 addresses resulting from SLAAC are currently required to employ Modified EUI-64 format identifiers, which essentially embed the underlying link-layer address of the corresponding network interface. -->IID. At the time, employing the underlying link-layer address for the IID was seen as a convenient way to obtain a unique address. However, recent awareness about the security and privacy properties of this approach <xreftarget="RFC7707"/>target="RFC7707" format="default"/> <xreftarget="RFC7721"/>target="RFC7721" format="default"/> has led to the replacement of this flawed scheme with an alternative one <xreftarget="RFC7217"/>target="RFC7217" format="default"/> <xreftarget="RFC8064"/>target="RFC8064" format="default"/> that does not negatively affect the security and privacy properties of the protocol. </t><t> <list style="hanging"> <t hangText="January 1997:"> <vspace blankLines="0" /><xref target="RFC2073"/><dl newline="true" spacing="normal"> <dt>January 1997:</dt> <dd> <xref target="RFC2073" format="default"/> specifies the syntax of IPv6 global addresses (referred to as "An IPv6 Provider-Based Unicast Address Format" at the time), which is consistent with the IPv6 addressing architecture specified in <xreftarget="RFC1884"/>.target="RFC1884" format="default"/>. Hosts are recommended to "generate addresses using link-specific addresses as Interface ID such as 48 bit IEEE-802 MAC addresses".</t> <t hangText="July 1998:"> <vspace blankLines="0" /><xref target="RFC2374"/></dd> <dt>July 1998:</dt> <dd> <xref target="RFC2374" format="default"/> specifies "An IPv6 Aggregatable Global Unicast Address Format" (obsoleting <xreftarget="RFC2373"/>)target="RFC2073" format="default"/>), changing the size of the IID to 64 bits, and specifies that IIDs must be constructed in IEEEEUI-6464-bit Extended Unique Identifier (EUI-64) format. How such identifiers are constructedbecomesis specified in the corresponding "IPv6 over <link>" specifications, such as "IPv6 over Ethernet".</t> <t hangText="January 2001:"> <vspace blankLines="0" /><xref target="RFC3041"/></dd> <dt>January 2001:</dt> <dd> <xref target="RFC3041" format="default"/> recognizes the problem of IPv6 network activitycorrelation,correlation and specifies IPv6 temporary addresses. Temporary addresses are to be used along with stable addresses.</t> <t hangText="August 2003:"> <vspace blankLines="0" /><xref target="RFC3587"/></dd> <dt>August 2003:</dt> <dd> <xref target="RFC3587" format="default"/> obsoletes <xreftarget="RFC2374"/>,target="RFC2374" format="default"/>, making theTLA/NLATop-Level Aggregator (TLA) / Next-Level Aggregator (NLA) structurehistoric. Thehistoric, though the syntax and recommendations for thetraditionalstable IIDs remainunchanged, though. </t> <t hangText="February 2006:"> <vspace blankLines="0" /><xref target="RFC4291"/>unchanged. </dd> <dt>February 2006:</dt> <dd> <xref target="RFC4291" format="default"/> is published as the latest "IP Version 6 Addressing Architecture", requiring the IIDs of "all unicast addresses, except those that start with thetraditional (stable) IPv6 addresses resulting from SLAACbinary value 000" to employ the Modified EUI-64 format. The details of constructing such interface identifiers are defined in the corresponding "IPv6 over <link>" specifications.</t> <t hangText="March 2008:"> <vspace blankLines="0" /><xref target="RFC5157"/></dd> <dt>March 2008:</dt> <dd> <xref target="RFC5157" format="default"/> provides hints regarding how patterns in IPv6 addresses could be leveraged for the purpose of address scanning.</t> <t hangText="December 2011:"> <vspace blankLines="0" /><xref target="draft-gont-6man-stable-privacy-addresses-00"/></dd> <dt>December 2011:</dt> <dd> <xref target="draft-gont-6man-stable-privacy-addresses-00" format="default"/> notes that thetraditionaloriginal scheme for generating stable addresses allows for IPv6 addressscanning,scanning andalso does not preventfor activenode tracking.host tracking (even when IPv6 temporary addresses are employed). It also specifies an alternative algorithm meant to replace IIDs based on Modified EUI-64 format identifiers.</t> <t hangText="November 2012:"> <vspace blankLines="0" />The</dd> <dt>November 2012:</dt> <dd>The 6man WG adopts <xreftarget="I-D.gont-6man-stable-privacy-addresses"/>target="draft-gont-6man-stable-privacy-addresses-01" format="default"/> as a working group item (as <xreftarget="draft-ietf-6man-stable-privacy-addresses-00"/>).target="draft-ietf-6man-stable-privacy-addresses-00" format="default"/>). However, the document no longer formally updates <xreftarget="RFC4291"/>, and thereforetarget="RFC4291" format="default"/>; therefore, the specified algorithm no longer formally replaces the Modified EUI-64 format identifiers.</t> <t hangText="February 2013:"> <vspace blankLines="0" />An</dd> <dt>February 2013:</dt> <dd>An address-scanning tool (scan6 of <xreftarget="IPv6-Toolkit"/>)target="IPv6-Toolkit" format="default"/>) that leverages IPv6 address patterns is released <xreftarget="Gont2013"/>. </t> <t hangText="July 2013:"> <vspace blankLines="0" /><xref target="I-D.cooper-6man-ipv6-address-generation-privacy"/>target="Gont2013" format="default"/>. </dd> <dt>July 2013:</dt> <dd> <xref target="draft-cooper-6man-ipv6-address-generation-privacy-00" format="default"/> elaborates on the security and privacy properties of all known algorithms for generating IPv6 IIDs.</t> <t hangText="January 2014:"> <vspace blankLines="0" />The</dd> <dt>January 2014:</dt> <dd>The 6man WGpublishesposts <xreftarget="draft-ietf-6man-default-iids-00"/>target="draft-ietf-6man-default-iids-00" format="default"/> ("Recommendation on Stable IPv6 Interface Identifiers"), recommending <xreftarget="I-D.ietf-6man-stable-privacy-addresses"/>target="draft-ietf-6man-stable-privacy-addresses-17" format="default"/> for the generation of stable addresses.</t> <t hangText="April 2014:"> <vspace blankLines="0" /><xref target="RFC7217"/></dd> <dt>April 2014:</dt> <dd> <xref target="RFC7217" format="default"/> (formerly <xreftarget="I-D.ietf-6man-stable-privacy-addresses"/>)target="draft-ietf-6man-stable-privacy-addresses-17" format="default"/>) is published, specifying "A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC)" as an alternative to (but*not*<strong>not</strong> replacement of) Modified EUI-64 format IIDs.</t> <t hangText="March 2016:"> <vspace blankLines="0" /><xref target="RFC7707"/></dd> <dt>March 2016:</dt> <dd> <xref target="RFC7707" format="default"/> (formerly <xreftarget="I-D.gont-opsec-ipv6-host-scanning"/>,target="draft-gont-opsec-ipv6-host-scanning-02" format="default"/> and later <xreftarget="I-D.ietf-opsec-ipv6-host-scanning"/>),target="draft-ietf-opsec-ipv6-host-scanning-08" format="default"/>), about "Network Reconnaissance in IPv6 Networks", is published.</t> <t hangText="March 2016:"> <vspace blankLines="0" /><xref target="RFC7721"/></dd> <dt>March 2016:</dt> <dd> <xref target="RFC7721" format="default"/> (formerly <xreftarget="I-D.cooper-6man-ipv6-address-generation-privacy"/>target="draft-cooper-6man-ipv6-address-generation-privacy-00" format="default"/> and later <xreftarget="I-D.ietf-6man-ipv6-address-generation-privacy"/>),target="draft-ietf-6man-ipv6-address-generation-privacy-08" format="default"/>), about "Security and Privacy Considerations for IPv6 Address Generation Mechanisms", is published.</t> <t hangText="May 2016:"> <vspace blankLines="0" /><xref target="draft-gont-6man-non-stable-iids-00"/></dd> <dt>May 2016:</dt> <dd> <xref target="draft-gont-6man-non-stable-iids-00" format="default"/> ispublished,posted, with the goal of specifying requirements for non-stableaddresses,addresses and updating <xreftarget="RFC4941"/>target="RFC4941" format="default"/> such that use of only temporary addresses is allowed.</t> <t hangText="May 2016:"> <vspace blankLines="0" /><xref target="draft-gont-6man-address-usage-recommendations-00"/></dd> <dt>May 2016:</dt> <dd> <xref target="draft-gont-6man-address-usage-recommendations-00" format="default"/> ispublished,posted, providing an analysis of how different aspects on an address (from stability to usage mode) affect their corresponding security and privacyproperties,properties and meaning to eventually provide advice in this area.</t> <t hangText="February 2017:"> <vspace blankLines="0" />The</dd> <dt>February 2017:</dt> <dd><xref target="draft-ietf-6man-default-iids-16" format="default"/>, produced by the 6manWG publishesWG, is published as <xreftarget="RFC8064"/>target="RFC8064" format="default"/> ("Recommendation on Stable IPv6 InterfaceIdentifiers") (formerly <xref target="I-D.ietf-6man-default-iids"/>),Identifiers"), with requirements for stable addresses and a recommendation to employ <xreftarget="RFC7217"/>target="RFC7217" format="default"/> for the generation of stable addresses. It formally updates a large number of RFCs.</t> <t hangText="March 2018:"> <vspace blankLines="0" /><xref target="draft-fgont-6man-rfc4941bis-00"/></dd> <dt>March 2018:</dt> <dd> <xref target="draft-fgont-6man-rfc4941bis-00" format="default"/> ispublishedposted (as suggested by the 6manWG),WG) to address flaws in <xreftarget="RFC4941"/>target="RFC4941" format="default"/> by revising it (as an alternative to the <xreftarget="draft-gont-6man-non-stable-iids-00"/>target="draft-gont-6man-non-stable-iids-00" format="default"/> effort,publishedposted in March 2016).</t> <t hangText="July 2018:"> <vspace blankLines="0" /><xref target="draft-fgont-6man-rfc4941bis-00"/></dd> <dt>July 2018:</dt> <dd> <xref target="draft-fgont-6man-rfc4941bis-00" format="default"/> is adopted (as <xreftarget="draft-ietf-6man-rfc4941bis-00"/>)target="draft-ietf-6man-rfc4941bis-00" format="default"/>) as a WG item of the 6man WG.</t> <t hangText="December 2020:"> <vspace blankLines="0" /><xref target="I-D.ietf-6man-rfc4941bis"/></dd> <dt>December 2020:</dt> <dd> <xref target="draft-ietf-6man-rfc4941bis-12" format="default"/> is approved by the IESG for publication as an RFC.</t> <t hangText="February 2021:"> <vspace blankLines="0" /><xref target="I-D.ietf-6man-rfc4941bis"/></dd> <dt>February 2021:</dt> <dd> <xref target="draft-ietf-6man-rfc4941bis-12" format="default"/> is finally published as <xreftarget="RFC8981"/>. </t> </list> </t>target="RFC8981" format="default"/>. </dd> </dl> </section> <sectiontitle="NTPanchor="ntp-refid" numbered="true" toc="default"> <name>NTP Reference IDs(REFIDs)" anchor="ntp-refid">(REFIDs)</name> <t>The NTP <xreftarget="RFC5905"/>target="RFC5905" format="default"/> Reference ID is a 32-bit code identifying the particular server or reference clock. Above stratum 1 (secondary servers and clients), this value can be employed to avoid degree-one timingloops;loops, that is, scenarios where two NTP peers are (mutually) the time source of each other. If using the IPv4 address family, the identifier is the four-octet IPv4 address. If using the IPv6 address family, it is the first four octets of the MD5 hash of the IPv6 address.</t><t> <list style="hanging"> <t hangText="June 2010:"> <vspace blankLines="0" /><xref target="RFC5905"/>, "Network<dl newline="true" spacing="normal"> <dt>June 2010:</dt> <dd> <xref target="RFC5905" format="default"/> ("Network Time Protocol Version 4: Protocol and AlgorithmsSpecification"Specification") is published. It specifiesthatthat, for NTP peers with stratum higher than11, the REFID embeds the IPv4Addressaddress of the time source oranthe first four octets of the MD5 hash of the IPv6 address of the time source.</t> <t hangText="July 2016:"> <vspace blankLines="0" /><xref target="draft-stenn-ntp-not-you-refid-00"/></dd> <dt>July 2016:</dt> <dd> <xref target="draft-stenn-ntp-not-you-refid-00" format="default"/> ispublished,posted, describing the information leakage produced via the NTP REFID. It proposes that NTP returns a special REFID when a packet employs an IP Source Address that is not believed to be a current NTPpeer,peer but otherwise generates and returns thetraditionalcommon REFID. It is subsequently adopted by the NTP WG as <xreftarget="I-D.ietf-ntp-refid-updates"/>. </t> <t hangText="April 2019:"> <vspace blankLines="0" /><xref target="Gont-NTP"/>target="draft-ietf-ntp-refid-updates-00" format="default"/>. </dd> <dt>April 2019:</dt> <dd> <xref target="Gont-NTP" format="default"/> notes that the proposed fix specified in <xreftarget="draft-ietf-ntp-refid-updates-00"/>target="draft-ietf-ntp-refid-updates-00" format="default"/> is, at the very least, sub-optimal. As a result of a lack of WG support, the <xref target="draft-ietf-ntp-refid-updates-00" format="default"/> effort is eventually abandoned.</t> </list> </t></dd> </dl> </section> <sectiontitle="Transport Protocolanchor="port-numbers" numbered="true" toc="default"> <name>Transport-Protocol Ephemeral PortNumbers" anchor="port-numbers">Numbers</name> <t>Most (if not all) transport protocols employ "port numbers" to demultiplex packets to the correspondingtransport protocol instances.</t> <!-- [fgont] esto hay que expandirlo, como en los otros casos --> <t> <list style="hanging"> <t hangText="August 1980:"> <vspace blankLines="0" /><xref target="RFC0768"/>transport-protocol instances. "Ephemeral ports" refer to the local ports employed in active OPEN requests, that is, typically the local port numbers employed on the side initiating the communication.</t> <dl newline="true" spacing="normal"> <dt>August 1980:</dt> <dd> <xref target="RFC0768" format="default"/> notes that the UDP source port is optional and identifies the port of the sending process. It does not specify interoperability requirements for source port selection, nor does it suggest possible ways to select port numbers. Most popular implementations end up selecting source ports from a system-wide globalcounter.</t> <t hangText="September 1981:"> <vspace blankLines="0" /><xref target="RFC0793"/>counter.</dd> <dt>September 1981:</dt> <dd> <xref target="RFC0793" format="default"/> (the TCP specification) essentially describes the use of portnumbers,numbers and specifies that port numbers should result in a unique socket pair(local{local address, local port, remote address, remoteport).port}. How ephemeral ports(i.e. port numbers for "active opens")areselected,selected and the port range from which they areselected,selected are left unspecified.</t> <t hangText="July 1996:"> <vspace blankLines="0" />OpenBSD</dd> <dt>July 1996:</dt> <dd>OpenBSD implements ephemeral port randomization <xreftarget="OpenBSD-PR"/>.<!-- This feature eventually shipped with OpenBSD 2.0.--> </t> <t hangText="July 2008:"> <vspace blankLines="0" />Thetarget="OpenBSD-PR" format="default"/>. </dd> <dt>July 2008:</dt> <dd>The CERT CoordinationCentre publishedCenter publishes details of what became known as the"Kaminsky Attack""Kaminsky Attack" <xreftarget="VU-800113"/>target="VU-800113" format="default"/> <xreftarget="Kaminsky2008"/>target="Kaminsky2008" format="default"/> on the DNS. The attackexploitedexploits the lack ofsourceephemeral port randomization and DNS ID randomization in many major DNS implementations to perform cache poisoning in an effective and practical manner.</t> <t hangText="January 2009:"> <vspace blankLines="0" /><xref target="RFC5452"/></dd> <dt>January 2009:</dt> <dd> <xref target="RFC5452" format="default"/> mandates the use of port randomization for DNSresolvers,resolvers and mandates that implementations must randomize ports from the range of available ports (53 or1024,1024 and above)or the largestthat is as large as possibleport range.and practicable. It does not recommend possible algorithms for port randomization, although the document specifically targets DNS resolvers, for which a simple port randomization suffices(e.g.(e.g., Algorithm 1 of <xreftarget="RFC6056"/>).target="RFC6056" format="default"/>). This document led to the implementation of port randomization in the DNSresolverresolvers themselves, rather than in the underlyingtransport-protocols. </t> <t hangText="January 2011:"> <vspace blankLines="0" /><xref target="RFC6056"/>transport protocols. </dd> <dt>January 2011:</dt> <dd> <xref target="RFC6056" format="default"/> notes that many TCP and UDP implementations result in predictable ephemeral portnumbers,numbers and also notes that many implementations select port numbers from a small portion of the whole port number space. It recommends the implementation and use of ephemeral port randomization, proposes a number of possible algorithms for port randomization, and also recommends to randomize port numbers over the range 1024-65535.</t> <t hangText="March 2016:"> <vspace blankLines="0" /><xref target="NIST-NTP"/></dd> <dt>March 2016:</dt> <dd> <xref target="NIST-NTP" format="default"/> reports a non-normal distribution of the ephemeral port numbers employed by the NTP clients of an Internet Time Service.</t> <t hangText="April 2019:"> <vspace blankLines="0" /><xref target="I-D.gont-ntp-port-randomization"/></dd> <dt>April 2019:</dt> <dd> <xref target="draft-gont-ntp-port-randomization-00" format="default"/> notes that some NTP implementations employ the NTP service port (123) as the local port fornon-symmetric modes,nonsymmetric modes and aims to update the NTP specification to recommend port randomization in such cases, which is in line with <xreftarget="RFC6056"/>.target="RFC6056" format="default"/>. The proposal experiences somepush-backpushback in the relevant working group (NTP WG) <xreftarget="NTP-PORTR"/>,target="NTP-PORTR" format="default"/> but is finally adopted as a working group item as <xreftarget="I-D.ietf-ntp-port-randomization"/>. </t> <t hangText="August 2021:"> <vspace blankLines="0" /><xref target="I-D.ietf-ntp-port-randomization"/>target="draft-ietf-ntp-port-randomization-00" format="default"/>. </dd> <dt>August 2021:</dt> <dd> <xref target="draft-ietf-ntp-port-randomization-08" format="default"/> is finally published as <xreftarget="RFC9109"/>. </t> </list> </t>target="RFC9109" format="default"/>. </dd> </dl> </section> <sectiontitle="DNS Query ID" anchor="dns-query-id">anchor="dns-query-id" numbered="true" toc="default"> <name>DNS ID</name> <t>The DNSQueryID <xreftarget="RFC1035"/>target="RFC1035" format="default"/> can be employed to match DNS replies to outstanding DNSqueries. <list style="hanging"> <t hangText="November 1987:"> <vspace blankLines="0" /><xref target="RFC1035"/>queries.</t> <aside> <t>NOTE: Some documents refer to the DNS ID as the DNS "Query ID" or "TxID".</t> </aside> <dl newline="true" spacing="normal"> <dt>November 1987:</dt> <dd> <xref target="RFC1035" format="default"/> specifies that the DNS ID is a16 bit16-bit identifier assigned by the program that generates any kind ofquery,query and that this identifier is copied in the corresponding reply and can be used by the requester to match up replies to outstanding queries. It does not specify the interoperability requirements forthesethis numericidentifiers,identifier, nor does it suggest an algorithm for generatingthem.</t> <t hangText="1993:"> <vspace blankLines="0" /><xref target="Schuba1993"/>it.</dd> <dt>August 1993:</dt> <dd> <xref target="Schuba1993" format="default"/> describes DNS cache poisoning attacks that require the attacker to guess theQuery ID.</t> <t hangText="June 1995:"> <vspace blankLines="0" /><xref target="Vixie1995"/>DNS ID.</dd> <dt>June 1995:</dt> <dd> <xref target="Vixie1995" format="default"/> suggests that both the UDP source port and the DNS ID of query packets should be randomized, although that might not provide enough entropy to prevent an attacker from guessing thesevalues.</t> <t hangText="April 1997:"> <vspace blankLines="0" /><xref target="Arce1997"/>values.</dd> <dt>April 1997:</dt> <dd> <xref target="Arce1997" format="default"/> finds that implementations employ predictable UDP source ports and predictableQuery IDs,DNS IDs and argues that both should berandomized.</t> <t hangText="November 2002:"> <vspace blankLines="0" /><xref target="Sacramento2002"/>randomized.</dd> <dt>November 2002:</dt> <dd> <xref target="Sacramento2002" format="default"/> findsthatthat, by spoofing multiple requests for the same domain name from different IP addresses, an attacker may guess theQueryDNS ID employed for a victim with a high probability of success, thusperformingallowing for DNS cache poisoningattacks.</t> <t hangText="July 2007:"> <vspace blankLines="0" /><xref target="Klein2007b"/>attacks.</dd> <dt>March 2007:</dt> <dd> <xref target="Klein2007c" format="default"/> finds that the Microsoft Windows DNS server generates predictable DNS ID values. </dd> <dt>July 2007:</dt> <dd> <xref target="Klein2007b" format="default"/> finds that a popular DNS server software (BIND 9) that randomizes theQueryDNS ID is still subject to DNS cache poisoning attacks by forging a large number of queries and leveraging the birthday paradox.</t> <t hangText="March 2007:"> <vspace blankLines="0" /><xref target="Klein2007c"/> finds that Microsoft Windows DNS Server generates predictable Query ID values. </t> <t hangText="October 2007:"> <vspace blankLines="0" /><xref target="Klein2007"/></dd> <dt>October 2007:</dt> <dd> <xref target="Klein2007" format="default"/> finds that OpenBSD's DNS software (based onISC'sthe BIND DNSServer)server of the Internet Systems Consortium (ISC)) generates predictableQueryDNS ID values.</t> <t hangText="January 2009:"> <vspace blankLines="0" /><xref target="RFC5452"/></dd> <dt>January 2009:</dt> <dd> <xref target="RFC5452" format="default"/> is published, requiring resolvers to randomize theQueryDNS ID ofDNS queries,queries and to verify that theQueryDNS ID of aDNSreply matches that of the DNS query as part of the DNS reply validation process.</t> <t hangText="May 2010:"> <vspace blankLines="0" /><xref target="Economou2010"/></dd> <dt>May 2010:</dt> <dd> <xref target="Economou2010" format="default"/> finds that the Windows SMTP Service implements its own DNS resolver that results in predictableQueryDNS ID values. Additionally, it fails to validate that theQueryDNS ID ofDNSa reply matchesthe one fromthat of the DNS query that supposedly elicitedthe reply. </t> </list> </t>it. </dd> </dl> </section> </section> <sectiontitle="Conclusions" anchor="conclusions">anchor="conclusions" numbered="true" toc="default"> <name>Conclusions</name> <t> For more than 30 years, a large number of implementations oftheIETF protocols have been subject to a variety of attacks, with effects ranging from Denial of Service (DoS) or datainjection,injection to information leakages that could be exploited for pervasive monitoring <xreftarget="RFC7258"/>.target="RFC7258" format="default"/>. The root cause of these issues has been, in many cases, the poor selection of transient numericidentifiers,identifiers in such protocols, usually as a result of insufficient or misleading specifications. </t> <t> While it is generally possible to identify an algorithm that can satisfy the interoperability requirements for a given transient numeric identifier, this document provides empirical evidence that doing so without negatively affecting the securityorand/or privacy properties of the aforementioned protocols isnon-trivial.nontrivial. It is thus evident that advice in this area is warranted. </t> <t> <xreftarget="I-D.gont-numeric-ids-sec-considerations"/>target="RFC9416" format="default"/> aims at requiring future IETF protocol specifications to contain analysis of the security and privacy properties of any transient numeric identifiers specified by theprotocol,protocol and to recommend an algorithm for the generation of such transient numeric identifiers. <xreftarget="I-D.irtf-pearg-numeric-ids-generation"/>target="RFC9415" format="default"/> specifies a number of sample algorithms for generating transient numeric identifiers with specificinterorabilityinteroperability requirements and failure severities. </t> </section> <sectiontitle="IANA Considerations" anchor="iana-considerations"> <t>There areanchor="iana-considerations" numbered="true" toc="default"> <name>IANA Considerations</name> <t>This document has no IANAregistries within this document.</t>actions.</t> </section> <sectiontitle="Security Considerations">numbered="true" toc="default"> <name>Security Considerations</name> <t>This document analyzes the timeline of the specification and implementation of the transient numeric identifiers of some sample IETFprotocols,protocols and how the security and privacy properties of such protocols have been affected as a result of it. It provides concrete evidence that advice in this area is warranted.</t> <t><xreftarget="I-D.gont-numeric-ids-sec-considerations"/>target="RFC9415" format="default"/> analyzes and categorizes transient numeric identifiers based on their interoperability requirements and their associated failure severities and recommends possible algorithms that can be employed to comply with those requirements without negatively affecting the security and privacy properties of the corresponding protocols.</t> <t><xref target="RFC9416" format="default"/> formally requires IETF protocol specifications to specify the interoperability requirements for their transient numeric identifiers, to do a warranted vulnerability assessment of such transient numeric identifiers, and to recommend possible algorithms for their generation, such that the interoperability requirements are complied with, while any negative securityandor privacy properties of these transient numeric identifiers are mitigated.</t><t><xref target="I-D.irtf-pearg-numeric-ids-generation"/> analyzes and categorizes transient numeric identifiers based on their interoperability requirements and their associated failure severities, and recommends possible algorithms that can comply with those requirements without negatively affecting the security and privacy properties of the corresponding protocols.</t> </section> <section title="Acknowledgements"> <t>The authors would like to thank (in alphabetical order) Bernard Aboba, Dave Crocker, Spencer Dawkins, Theo de Raadt, Sara Dickinson, Guillermo Gont, Christian Huitema, Colin Perkins, Vincent Roca, Kris Shrishak, Joe Touch, Brian Trammell, and Christopher Wood, for providing valuable comments on earlier versions of this document.</t> <t>The authors would like to thank (in alphabetical order) Steven Bellovin, Joseph Lorenzo Hall, Gre Norcie, and Martin Thomson, for providing valuable comments on <xref target="I-D.gont-predictable-numeric-ids"/>, on which this document is based.</t> <t><xref target="tcp-isns"/> of this document borrows text from <xref target="RFC6528"/>, authored by Fernando Gont and Steven Bellovin.</t> <t>The authors would like to thank Sara Dickinson and Christopher Wood, for their guidance during the publication process of this document.</t> <t>The authors would like to thank Diego Armando Maradona for his magic and inspiration.</t></section> </middle> <back><references title='Normative References'> <!-- <?rfc include="reference.RFC.2119" ?> <?rfc include="reference.RFC.2119" ?> --> <!-- UDP --> <?rfc include="reference.RFC.0768" ?> <!-- TCP sequence numbers --> <?rfc include="reference.RFC.0793" ?> <?rfc include="reference.RFC.6528" ?> <!-- TCP SEQ randomization --> <!-- IPv4--> <?rfc include="reference.RFC.0791" ?> <!-- IPv6 --> <?rfc include="reference.RFC.1883" ?> <?rfc include="reference.RFC.2460" ?> <?rfc include="reference.RFC.8200" ?> <!-- Randomness requirements--> <!-- <?rfc include="reference.RFC.4086" ?> --> <!-- <?rfc include="reference.RFC.6151" ?> --> <!-- IPv6 Addresses --> <?rfc include="reference.RFC.7217" ?> <?rfc include="reference.RFC.3041" ?> <?rfc include="reference.RFC.2073" ?> <?rfc include="reference.RFC.2374" ?> <?rfc include="reference.RFC.3587" ?> <?rfc include="reference.RFC.1884" ?> <?rfc include="reference.RFC.4291" ?> <?rfc include="reference.RFC.4941" ?> <?rfc include="reference.RFC.2373" ?> <?rfc include="reference.RFC.4862" ?> <?rfc include="reference.RFC.8415" ?> <!-- TCP ISNs --> <?rfc include="reference.RFC.1323" ?> <!-- Port randomization --> <?rfc include="reference.RFC.6056" ?> <?rfc include="reference.RFC.5452" ?><references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.0768.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.0793.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6528.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.0791.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.1883.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2460.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7217.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3041.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2073.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2374.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3587.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.1884.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4291.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4941.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4862.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8415.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.1323.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6056.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5452.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9293.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7323.xml"/> </references><references title='Informative References'><references> <name>Informative References</name> <reference anchor="OpenBSD-PR" target="https://cvsweb.openbsd.org/src/sys/netinet/in_pcb.c?rev=1.6"> <front> <title>Implementation of port randomization</title> <author> <organization>OpenBSD</organization> </author> <dateday="29"month="July" year="1996"/> </front> </reference> <reference anchor="VU-800113" target="https://www.kb.cert.org/vuls/id/800113"> <front> <title>Multiple DNS implementations vulnerable to cachepoisoning (Vulnerability Note VU#800113)</title>poisoning</title> <author> <organization>CERT/CC</organization> </author> <dateday="8"month="July" year="2008"/> </front> <refcontent>Vulnerability Note VU#800113</refcontent> </reference> <reference anchor="IANA-PROT" target="https://www.iana.org/protocols"> <front> <title>Protocol Registries</title> <author> <organization>IANA</organization> </author> </front> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5157.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8981.xml"/> <reference anchor="draft-ietf-6man-rfc4941bis-12" target="https://www.ietf.org/archive/id/draft-ietf-6man-rfc4941bis-12.txt"> <front> <title> Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6 </title> <authorinitials="" surname="IANA" fullname="IANA"> <organization></organization>initials="F." surname="Gont" fullname="Fernando Gont"> <organization>SI6 Networks</organization> </author><date/><author initials="S." surname="Krishnan" fullname="Suresh Krishnan"> <organization>Kaloom</organization> </author> <author initials="T." surname="Narten" fullname="Dr. Thomas Narten"> </author> <author initials="R." surname="Draves" fullname="Richard P. Draves"> <organization>Microsoft Research</organization> </author> <date month="November" day="2" year="2020"/> </front><!--<seriesInfoname="" value="Federal Information Processing Standards Publication 180-4"/> -->name="Internet-Draft" value="draft-ietf-6man-rfc4941bis-12"/> </reference><!--<reference anchor="draft-gont-opsec-ipv6-host-scanning-02" target="https://www.ietf.org/archive/id/draft-gont-opsec-ipv6-host-scanning-02.txt"> <front> <title>Network Reconnaissance in IPv6 Networks</title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Tim Chown" initials="T." surname="Chown"/> <date day="23" month="October" year="2012"/> </front> <seriesInfo name="Internet-Draft" value="draft-gont-opsec-ipv6-host-scanning-02"/> </reference> <reference anchor="draft-ietf-opsec-ipv6-host-scanning-08" target="https://www.ietf.org/archive/id/draft-ietf-opsec-ipv6-host-scanning-08.txt"> <front> <title>Network Reconnaissance in IPv6 Networks</title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Tim Chown" initials="T." surname="Chown"/> <date day="28" month="August" year="2015"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-opsec-ipv6-host-scanning-08"/> </reference> <reference anchor="draft-gont-6man-stable-privacy-addresses-01" target="https://www.ietf.org/archive/id/draft-gont-6man-stable-privacy-addresses-01.txt"> <front> <title> A method for Generating Stable Privacy-Enhanced Addresses--> <?rfc include="reference.RFC.5157" ?> <?rfc include="reference.RFC.8981" ?> <?rfc include="reference.I-D.ietf-6man-rfc4941bis" ?> <?rfc include="reference.I-D.gont-opsec-ipv6-host-scanning" ?> <?rfc include="reference.I-D.ietf-opsec-ipv6-host-scanning" ?> <?rfc include="reference.I-D.gont-6man-stable-privacy-addresses" ?> <?rfc include="reference.I-D.ietf-6man-stable-privacy-addresses" ?> <?rfc include="reference.I-D.cooper-6man-ipv6-address-generation-privacy" ?> <?rfc include="reference.I-D.ietf-6man-ipv6-address-generation-privacy" ?>with IPv6 Stateless Address Autoconfiguration (SLAAC) </title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <date day="31" month="March" year="2012"/> </front> <seriesInfo name="Internet-Draft" value="draft-gont-6man-stable-privacy-addresses-01"/> </reference> <reference anchor="draft-ietf-6man-stable-privacy-addresses-17" target="https://www.ietf.org/archive/id/draft-ietf-6man-stable-privacy-addresses-17.txt"> <front> <title>A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC)</title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <date day="27" month="January" year="2014"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-6man-stable-privacy-addresses-17"/> </reference> <reference anchor="draft-cooper-6man-ipv6-address-generation-privacy-00" target="https://www.ietf.org/archive/id/draft-cooper-6man-ipv6-address-generation-privacy-00.txt"> <front> <title>Privacy Considerations for IPv6 Address Generation Mechanisms</title> <author fullname="Alissa Cooper" initials="A." surname="Cooper"/> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Dave Thaler" initials="D." surname="Thaler"/> <date day="15" month="July" year="2013"/> </front> <seriesInfo name="Internet-Draft" value="draft-cooper-6man-ipv6-address-generation-privacy-00"/> </reference> <reference anchor="draft-ietf-6man-ipv6-address-generation-privacy-08" target="https://www.ietf.org/archive/id/draft-ietf-6man-ipv6-address-generation-privacy-08.txt"> <front> <title>Privacy Considerations for IPv6 Address Generation Mechanisms</title> <author fullname="Alissa Cooper" initials="A." surname="Cooper"/> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Dave Thaler" initials="D." surname="Thaler"/> <date day="23" month="September" year="2015"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-6man-ipv6-address-generation-privacy-08"/> </reference> <reference anchor="Gont2013" target="https://lists.si6networks.com/pipermail/ipv6hackers/2013-February/000947.html"> <front> <title>Beta release of the SI6 Network's IPv6 Toolkit (help wanted!)</title> <author fullname="Fernando Gont" initials="F." surname="Gont"> </author> <dateyear="2013"/>day="11" year="2013" month="February"/> </front><seriesInfo name="Message posted<refcontent>message to the IPv6 Hackersmailing-list" value=" Message-ID: <51184548.3030105@si6networks.com>"/>mailing list</refcontent> </reference> <reference anchor="IPv6-Toolkit" target="https://www.si6networks.com/tools/ipv6toolkit"> <front><title>SI6 Networks' IPv6<title>IPv6 Toolkit</title> <author> <organization>SI6 Networks</organization> </author><date/></front> </reference> <referenceanchor='draft-gont-6man-stable-privacy-addresses-00'>anchor="draft-gont-6man-stable-privacy-addresses-00" target="https://www.ietf.org/archive/id/draft-gont-6man-stable-privacy-addresses-00.txt"> <front><title>A<title> A method for Generating Stable Privacy-Enhanced Addresses with IPv6 Stateless Address Autoconfiguration(SLAAC)</title>(SLAAC) </title> <author fullname="Fernando Gont" initials="F."surname="Gont"> </author>surname="Gont"/> <datemonth='December' day='15' year='2011' />day="15" month="December" year="2011"/> </front> <seriesInfoname='Internet-Draft' value='draft-gont-6man-stable-privacy-addresses-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-gont-6man-stable-privacy-addresses-00.txt' />name="Internet-Draft" value="draft-gont-6man-stable-privacy-addresses-00"/> </reference> <referenceanchor='draft-ietf-6man-stable-privacy-addresses-00'>anchor="draft-ietf-6man-stable-privacy-addresses-00" target="https://www.ietf.org/archive/id/draft-ietf-6man-stable-privacy-addresses-00.txt"> <front><title>A<title> A method for Generating Stable Privacy-Enhanced Addresses with IPv6 Stateless Address Autoconfiguration(SLAAC)</title>(SLAAC) </title> <author fullname="Fernando Gont" initials="F."surname="Gont"> </author>surname="Gont"/> <datemonth='May' day='18' year='2012' />day="18" month="May" year="2012"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-stable-privacy-addresses-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-stable-privacy-addresses-00.txt' />name="Internet-Draft" value="draft-ietf-6man-stable-privacy-addresses-00"/> </reference> <referenceanchor='draft-gont-6man-address-usage-recommendations-00'>anchor="draft-gont-6man-address-usage-recommendations-00" target="https://www.ietf.org/archive/id/draft-gont-6man-address-usage-recommendations-00.txt"> <front> <title>IPv6 Address Usage Recommendations</title> <author fullname="Fernando Gont" initials="F."surname="Gont"> </author>surname="Gont"/> <authorinitials="W." surname="Liu"fullname="WillLiu"> </author>(Shucheng) LIU" initials="W." surname="LIU"/> <datemonth='May' day='27' year='2016' />day="27" month="May" year="2016"/> </front> <seriesInfoname='Internet-Draft' value='draft-gont-6man-address-usage-recommendations-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-gont-6man-address-usage-recommendations-00.txt' />name="Internet-Draft" value="draft-gont-6man-address-usage-recommendations-00"/> </reference> <referenceanchor='draft-gont-6man-non-stable-iids-00'>anchor="draft-gont-6man-non-stable-iids-00" target="https://www.ietf.org/archive/id/draft-gont-6man-non-stable-iids-00.txt"> <front><title>Recommendation<title> Recommendation on Non-Stable IPv6 InterfaceIdentifiers</title>Identifiers </title> <author fullname="Fernando Gont" initials="F."surname="Gont"> </author>surname="Gont"/> <authorinitials="W." surname="Liu"fullname="WillLiu"> </author>(Shucheng) Liu" initials="W." surname="Liu"/> <datemonth='May' day='23' year='2016' />day="23" month="May" year="2016"/> </front> <seriesInfoname='Internet-Draft' value='draft-gont-6man-non-stable-iids-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-gont-6man-non-stable-iids-00.txt' />name="Internet-Draft" value="draft-gont-6man-non-stable-iids-00"/> </reference> <referenceanchor='draft-ietf-6man-default-iids-00'>anchor="draft-ietf-6man-default-iids-00" target="https://www.ietf.org/archive/id/draft-ietf-6man-default-iids-00.txt"> <front><title>Recommendation<title> Recommendation on Stable IPv6 InterfaceIdentifiers</title>Identifiers </title> <author fullname="Fernando Gont" initials="F."surname="Gont"> </author>surname="Gont"/> <authorinitials="A." surname="Cooper"fullname="AlissaCooper"> </author>Cooper" initials="A." surname="Cooper"/> <author fullname="Dave Thaler" initials="D."surname="Thaler"> </author>surname="Thaler"/> <authorinitials="W." surname="Liu"fullname="WillLiu"> </author>(Shucheng) Liu" initials="W." surname="Liu"/> <datemonth='July' day='28' year='2014' />day="24" month="January" year="2014"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-default-iids-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-default-iids-00.txt' />name="Internet-Draft" value="draft-ietf-6man-default-iids-00"/> </reference><?rfc include="reference.RFC.8064" ?><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8064.xml"/> <referenceanchor='draft-ietf-6man-rfc4941bis-00'>anchor="draft-ietf-6man-rfc4941bis-00" target="https://www.ietf.org/archive/id/draft-ietf-6man-rfc4941bis-00.txt"> <front><title abbrev="Privacy Extensions to Autoconf">Privacy<title> Privacy Extensions for Stateless Address Autoconfiguration inIPv6</title>IPv6 </title> <author fullname="Fernando Gont" initials="F."surname="Gont"> <organization abbrev="SI6 Networks / UTN-FRH">SI6 Networks / UTN-FRH</organization> </author>surname="Gont"/> <authorinitials="S.K." surname="Krishnan"fullname="SureshKrishnan">Krishnan" initials="S." surname="Krishnan"> <organization>Ericsson Research</organization> </author> <authorinitials="T.N." surname="Narten" fullname="Thomas Narten">fullname="Dr. Thomas Narten" initials="T." surname="Narten"> <organization>IBM Corporation</organization> </author> <authorinitials="R.D." surname="Draves"fullname="RichardDraves">P. Draves" initials="R." surname="Draves"> <organization>Microsoft Research</organization> </author> <datemonth='July' day='2' year='2018' />day="2" month="July" year="2018"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-rfc4941bis-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-rfc4941bis-00.txt' />name="Internet-Draft" value="draft-ietf-6man-rfc4941bis-00"/> </reference> <referenceanchor='draft-fgont-6man-rfc4941bis-00'>anchor="draft-fgont-6man-rfc4941bis-00" target="https://www.ietf.org/archive/id/draft-fgont-6man-rfc4941bis-00.txt"> <front><title abbrev="Privacy Extensions to Autoconf">Privacy<title> Privacy Extensions for Stateless Address Autoconfiguration inIPv6</title>IPv6 </title> <author fullname="Fernando Gont" initials="F."surname="Gont"> <organization abbrev="SI6 Networks / UTN-FRH">SI6 Networks / UTN-FRH</organization> </author>surname="Gont"/> <authorinitials="S.K." surname="Krishnan"fullname="SureshKrishnan">Krishnan" initials="S." surname="Krishnan"> <organization>Ericsson Research</organization> </author> <authorinitials="T.N." surname="Narten" fullname="Thomas Narten">fullname="Dr. Thomas Narten" initials="T." surname="Narten"> <organization>IBM Corporation</organization> </author> <authorinitials="R.D." surname="Draves"fullname="RichardDraves">P. Draves" initials="R." surname="Draves"> <organization>Microsoft Research</organization> </author> <datemonth='March' day='25' year='2018' />day="25" month="March" year="2018"/> </front> <seriesInfoname='Internet-Draft' value='draft-fgont-6man-rfc4941bis-00'name="Internet-Draft" value="draft-fgont-6man-rfc4941bis-00"/> </reference> <reference anchor="draft-ietf-6man-default-iids-16" target="https://www.ietf.org/archive/id/draft-ietf-6man-default-iids-16.txt"> <front> <title> Recommendation on Stable IPv6 Interface Identifiers </title> <author initials="F." surname="Gont" fullname="Fernando Gont"> </author> <author initials="A." surname="Cooper" fullname="Alissa Cooper"> <organization>Cisco</organization> </author> <author initials="D." surname="Thaler" fullname="Dave Thaler"> <organization>Microsoft</organization> </author> <author initials="W." surname="LIU" fullname="Will (Shucheng) LIU"> <organization>Huawei Technologies</organization> </author> <date month="September" day="28" year="2016"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-6man-default-iids-16"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7721.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7707.xml"/> <reference anchor="draft-gont-predictable-numeric-ids-03" target="https://datatracker.ietf.org/doc/html/draft-gont-predictable-numeric-ids-03"> <front> <title> Security and Privacy Implications of Numeric Identifiers Employed in Network Protocols </title> <author initials="F." surname="Gont" fullname="Fernando Gont"> </author> <author initials="I." surname="Arce" fullname="Ivan Arce"> <organization>Quarkslab</organization> </author> <date month="March" day="11" year="2019"/> </front> <seriesInfo name="Internet-Draft" value="draft-gont-predictable-numeric-ids-03"/> </reference> <reference anchor='RFC9416' target='https://www.rfc-editor.org/info/rfc9416'> <front> <title>Security Considerations for Transient Numeric Identifiers Employed in Network Protocols</title> <author initials='F' surname='Gont' fullname='Fernando Gont'> <organization /><format type='TXT' target='https://tools.ietf.org/id/draft-fgont-6man-rfc4941bis-00.txt'</author> <author initials='I' surname='Arce' fullname='Ivan Arce'> <organization /> </author> <date year='2023' month='July'/> </front> <seriesInfo name="BCP" value="72"/> <seriesInfo name="RFC" value="9416"/> <seriesInfo name="DOI" value="10.17487/RFC9416"/> </reference><?rfc include="reference.I-D.ietf-6man-default-iids" ?> <?rfc include="reference.RFC.7721" ?> <?rfc include="reference.RFC.7707" ?> <!--<referenceanchor="FIPS-SHS" target="http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf">anchor='RFC9415' target='https://www.rfc-editor.org/info/rfc9415'> <front><title>Secure Hash Standard (SHS)</title> <author initials="" surname="FIPS" fullname="FIPS"> <organization></organization><title>On the Generation of Transient Numeric Identifiers</title> <author initials='F' surname='Gont' fullname='Fernando Gont'> <organization /> </author> <author initials='I' surname='Arce' fullname='Ivan Arce'> <organization /> </author> <datemonth="March" year="2012"/>year='2023' month='July'/> </front> <seriesInfoname="" value="Federal Information Processing Standards Publication 180-4"/>name="RFC" value="9415"/> <seriesInfo name="DOI" value="10.17487/RFC9415"/> </reference>--> <?rfc include="reference.I-D.gont-predictable-numeric-ids" ?> <?rfc include="reference.I-D.gont-numeric-ids-sec-considerations" ?> <?rfc include="reference.I-D.irtf-pearg-numeric-ids-generation" ?> <?rfc include="reference.I-D.ietf-6man-rfc2460bis" ?> <!-- NTP --><referenceanchor='draft-stenn-ntp-not-you-refid-00'>anchor="draft-ietf-6man-rfc2460bis-05" target="https://www.ietf.org/archive/id/draft-ietf-6man-rfc2460bis-05.txt"> <front><title abbrev="Not You REFID">Network<title>Internet Protocol, Version 6 (IPv6) Specification</title> <author fullname="Stephen E. Deering" initials="S." surname="Deering"/> <author fullname="Robert M. Hinden" initials="R." surname="Hinden"/> <date day="28" month="June" year="2016"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-6man-rfc2460bis-05"/> </reference> <reference anchor="draft-ietf-6man-rfc2460bis-13" target="https://www.ietf.org/archive/id/draft-ietf-6man-rfc2460bis-13.txt"> <front> <title>draft-ietf-6man-rfc2460bis-13</title> <author fullname="Stephen E. Deering" initials="S." surname="Deering"/> <author fullname="Robert M. Hinden" initials="R." surname="Hinden"/> <date day="19" month="May" year="2017"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-6man-rfc2460bis-13"/> </reference> <reference anchor="draft-stenn-ntp-not-you-refid-00" target="https://www.ietf.org/archive/id/draft-stenn-ntp-not-you-refid-00.txt"> <front> <title>Network Time Protocol Not You REFID</title> <author fullname="Sharon Goldberg" initials="S." surname="Goldberg"> <organization>Boston University</organization> </author> <authorinitials="H." surname="Stenn"fullname="HarlanStenn">Stenn" initials="H." surname="Stenn"> <organization>Network Time Foundation</organization> </author> <datemonth='July' day='8' year='2016' />day="8" month="July" year="2016"/> </front> <seriesInfoname='Internet-Draft' value='draft-stenn-ntp-not-you-refid-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-stenn-ntp-not-you-refid-00.txt' />name="Internet-Draft" value="draft-stenn-ntp-not-you-refid-00"/> </reference> <referenceanchor='draft-ietf-ntp-refid-updates-00'>anchor="draft-ietf-ntp-refid-updates-00" target="https://www.ietf.org/archive/id/draft-ietf-ntp-refid-updates-00.txt"> <front><title abbrev="Not You REFID">Network<title>Network Time ProtocolNot You REFID</title>REFID Updates</title> <author fullname="Harlan Stenn" initials="H." surname="Stenn"/> <author fullname="Sharon Goldberg" initials="S."surname="Goldberg"> <organization>Boston University</organization> </author> <author initials="H." surname="Stenn" fullname="Harlan Stenn"> <organization>Network Time Foundation</organization> </author>surname="Goldberg"/> <datemonth='November' day='13' year='2016' />day="13" month="November" year="2016"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-ntp-refid-updates-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-ntp-refid-updates-00.txt' />name="Internet-Draft" value="draft-ietf-ntp-refid-updates-00"/> </reference> <reference anchor="Gont-NTP" target="https://mailarchive.ietf.org/arch/msg/ntp/NkfTHxUUOdp14Agh3h1IPqfcRRg"> <front> <title>[Ntp] Comments on draft-ietf-ntp-refid-updates-05</title> <author initials="F." surname="Gont" fullname="Fernando Gont"><organization></organization> </author><organization/></author> <datemonth="April"day="16" month="April" year="2019"/> </front><seriesInfo name="Post<refcontent>message to the IETF NTPWGmailinglist" value=" Message-ID: <d871d66d-4043-d8d0-f924-2191ebb2e2ce@si6networks.com>"/> </reference> <?rfc include="reference.I-D.ietf-ntp-refid-updates" ?> <?rfc include="reference.RFC.5905" ?> <!-- md5 --> <!-- <?rfc include="reference.RFC.1321" ?> --> <!-- Pervasive Monitoring --> <?rfc include="reference.RFC.7258" ?> <!-- TCP ISNs --> <?rfc include="reference.RFC.1948" ?>list</refcontent> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5905.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7258.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.1948.xml"/> <reference anchor="Wright1994"> <front> <title>TCP/IP Illustrated, Volume 2: The Implementation</title> <authorinitials="G.R."initials="G." surname="Wright"fullname= "Garyfullname="Gary R. Wright"><organization></organization><organization/> </author> <authorinitials="W.R."initials="W." surname="Stevens"fullname= "W.fullname="W. Richard Stevens"><organization></organization><organization/> </author> <dateyear="Addison-Wesley, 1994"/>year="1995" month="February"/> </front><!-- The usage of the date element (above) avoids an extra space before the comma. <seriesInfo name="Addison-Wesley" value=""/>--><refcontent>Addison-Wesley</refcontent> </reference><!-- <reference anchor="CPNI-TCP" target="http://www.gont.com.ar/papers/tn-03-09-security-assessment-TCP.pdf"> <front> <title>Security Assessment of the Transmission Control Protocol (TCP)</title> <author initials="F." surname="Gont" fullname= "Fernando Gont"> <organization></organization> </author> <date year="2009"/> </front> <seriesInfo name="" value="United Kingdom's Centre for the Protection of National Infrastructure (CPNI) Technical Report"/> </reference> --><reference anchor="Zalewski2001" target="https://lcamtuf.coredump.cx/oldtcp/tcpseq.html"> <front> <title>Strange Attractors and TCP/IP Sequence NumberAnalysis</title>Analysis (2001)</title> <author initials="M." surname="Zalewski" fullname="M. Zalewski"><organization></organization><organization/> </author> <dateyear="2001"/>year="2001" month="March"/> </front> </reference> <reference anchor="Zalewski2002" target="https://lcamtuf.coredump.cx/newtcp/"> <front> <title>Strange Attractors and TCP/IP Sequence Number Analysis - One YearLater</title>Later (2002)</title> <author initials="M." surname="Zalewski" fullname="M. Zalewski"><organization></organization><organization/> </author> <dateyear="2001"/>year="2002"/> </front> </reference> <reference anchor="Bellovin1989" target="https://www.cs.columbia.edu/~smb/papers/ipext.pdf"> <front> <title>Security Problems in the TCP/IP Protocol Suite</title> <author initials="S." surname="Bellovin"fullname="Bellovin"> <organization></organization>fullname="S.M. Bellovin"> <organization/> </author> <dateyear="Computeryear="1989" month="April"/> </front> <refcontent>Computer Communications Review, vol. 19, no. 2, pp.32-48, 1989"/> </front>32-48</refcontent> </reference><!-- <reference anchor="Joncheray1995"> <front> <title>A Simple Active Attack Against TCP</title> <author initials="L." surname="Joncheray" fullname="L. Joncheray"> <organization></organization> </author> <date year="Proc. Fifth Usenix UNIX Security Symposium, 1995"/> </front> </reference> --><reference anchor="Morris1985" target="https://pdos.csail.mit.edu/~rtm/papers/117.pdf"> <front> <title>A Weakness in the 4.2BSD UNIX TCP/IP Software</title> <author initials="R." surname="Morris" fullname="Robert Morris"><organization></organization><organization/> </author> <dateyear="1985"/>year="1985" month="February"/> </front><seriesInfo name="CSTR 117," value="AT&T<refcontent>CSTR 117, AT&T Bell Laboratories, Murray Hill,NJ"/>NJ</refcontent> </reference> <reference anchor="USCERT2001" target="https://www.kb.cert.org/vuls/id/498440"> <front><title>US-CERT Vulnerability Note VU#498440: Multiple<title>Multiple TCP/IP implementations may use statistically predictable initial sequencenumbers </title> <author initials="" surname="US-CERT" fullname= "US-CERT"> <organization></organization>numbers</title> <author> <organization>CERT CC</organization> </author> <dateyear="2001"/>year="2001" month="March"/> </front> <refcontent>Vulnerability Note VU#498440</refcontent> </reference> <reference anchor="CERT2001" target="https://resources.sei.cmu.edu/asset_files/WhitePaper/2001_019_001_496192.pdf"> <front> <title>CERT Advisory CA-2001-09: Statistical Weaknesses in TCP/IP Initial SequenceNumbers </title> <author initials="" surname="CERT" fullname= "CERT"> <organization></organization>Numbers</title> <author> <organization>CERT/CC</organization> </author> <dateyear="2001"/>year="2001" month="May"/> </front> </reference> <reference anchor="Shimomura1995"target="https://www.gont.com.ar/docs/post-shimomura-usenet.txt">target="https://www.gont.com.ar/files/post-shimomura-usenet.txt"> <front> <title>Technical details of the attack described by Markoff in NYT</title> <author initials="T." surname="Shimomura"fullname= "Tsutomufullname="Tsutomu Shimomura"><organization></organization><organization/> </author> <dateyear="1995"/>day="25" year="1995" month="January"/> </front><seriesInfo name="Message posted in USENET's<refcontent>message to the USENET comp.security.miscnewsgroup" value=" Message-ID: <3g5gkl$5j1@ariel.sdsc.edu>"/>newsgroup</refcontent> </reference> <referenceanchor='I-D.eddy-rfc793bis-04'>anchor="draft-eddy-rfc793bis-04" target="https://www.ietf.org/archive/id/draft-eddy-rfc793bis-04.txt"> <front> <title>Transmission Control Protocol Specification</title> <authorinitials='W.' surname='Eddy' fullname='Wesley Eddy'> <organization /> </author>fullname="Wesley Eddy" initials="W." surname="Eddy" role="editor"/> <datemonth='August' day='25' year='2014' /> <abstract><t> This document specifies the Internet's Transmission Control Protocol (TCP). TCP is an important transport layer protocol in the Internet stack, and has continuously evolved over decades of use and growth of the Internet. Over this time, a number of changes have been made to TCP as it was specified in RFC 793, though these have only been documented in a piecemeal fashion. This document collects and brings those changes together with the protocol specification from RFC 793. This document obsoletes RFC 793 and several other RFCs (TODO: list all actual RFCs when finished). RFC EDITOR NOTE: If approved for publication as an RFC, this should be marked additionally as "STD: 7" and replace RFC 793 in that role.</t></abstract>day="25" month="August" year="2014"/> </front> <seriesInfoname='Internet-Draft' value='draft-eddy-rfc793bis-04' /> <format type='TXT' target='https://tools.ietf.org/id/draft-eddy-rfc793bis-04.txt' />name="Internet-Draft" value="draft-eddy-rfc793bis-04"/> </reference> <reference anchor="OpenBSD-TCP-ISN-I" target="https://cvsweb.openbsd.org/src/sys/netinet/tcp_subr.c?rev=1.6"> <front> <title>Implementation of TCP ISN randomization based on random increments</title> <author> <organization>OpenBSD</organization> </author> <dateday="29"month="July" year="1996"/> </front> </reference> <reference anchor="OpenBSD-TCP-ISN-R" target="https://cvsweb.openbsd.org/src/sys/netinet/tcp_subr.c?rev=1.37"> <front> <title>Implementation of TCP ISN randomization based on simple randomization</title> <author> <organization>OpenBSD</organization> </author> <dateday="13"month="December" year="2000"/> </front> </reference> <reference anchor="OpenBSD-TCP-ISN-H" target="https://cvsweb.openbsd.org/src/sys/netinet/tcp_subr.c?rev=1.97"> <front> <title>Implementation of RFC1948 for TCP ISN randomization</title> <author> <organization>OpenBSD</organization> </author> <dateday="13" month="December" year="2000"/>month="June" year="2007"/> </front> </reference><!-- NTP Port<reference anchor="draft-gont-ntp-port-randomization-00" target="https://www.ietf.org/archive/id/draft-gont-ntp-port-randomization-00.txt"> <front> <title>Port Randomization--> <?rfc include="reference.I-D.gont-ntp-port-randomization" ?> <?rfc include="reference.I-D.ietf-ntp-port-randomization" ?> <?rfc include="reference.RFC.9109" ?>in the Network Time Protocol Version 4</title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Guillermo Gont" initials="G." surname="Gont"/> <date day="16" month="April" year="2019"/> </front> <seriesInfo name="Internet-Draft" value="draft-gont-ntp-port-randomization-00"/> </reference> <reference anchor="draft-ietf-ntp-port-randomization-00" target="https://www.ietf.org/archive/id/draft-ietf-ntp-port-randomization-00.txt"> <front> <title>Port Randomization in the Network Time Protocol Version 4</title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Guillermo Gont" initials="G." surname="Gont"/> <author fullname="Miroslav Lichvar" initials="M." surname="Lichvar"/> <date day="22" month="October" year="2019"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-ntp-port-randomization-00"/> </reference> <reference anchor="draft-ietf-ntp-port-randomization-08" target="https://www.ietf.org/archive/id/draft-ietf-ntp-port-randomization-08.txt"> <front> <title>Port Randomization in the Network Time Protocol Version 4</title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <author fullname="Guillermo Gont" initials="G." surname="Gont"/> <author fullname="Miroslav Lichvar" initials="M." surname="Lichvar"/> <date day="10" month="June" year="2021"/> </front> <seriesInfo name="Internet-Draft" value="draft-ietf-ntp-port-randomization-00"/> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9109.xml"/> <reference anchor="NTP-PORTR"target="https://mailarchive.ietf.org/arch/browse/ntp/?gbt=1&index=n09Sb61WkH03lSRtamkELXwEQN4">target="https://mailarchive.ietf.org/arch/msg/ntp/xSCu5Vhb3zoWcqEjUMmzP8pOdW4/"> <front> <title>[Ntp] New rev of the NTP port randomization I-D (Fwd: New Version Notification for draft-gont-ntp-port-randomization-01.txt)</title> <author fullname="Fernando Gont" initials="F." surname="Gont"><organization abbrev="SI6 Networks / UTN-FRH">SI6 Networks / UTN-FRH</organization> <address> <postal> <street>Evaristo Carriego 2644</street> <code>1706</code> <city>Haedo</city> <region>Provincia de Buenos Aires</region> <country>Argentina</country> </postal> <phone>+54 11 4650 8472</phone> <email>fgont@si6networks.com</email> <uri>https://www.si6networks.com</uri> </address></author> <date day="21" month="May" year="2019"/> </front> <refcontent>message to the IETF NTP mailing list</refcontent> </reference> <reference anchor="NIST-NTP" target="https://tf.nist.gov/general/pdf/2818.pdf"> <front> <title>Usage Analysis of the NIST Internet Time Service</title> <authorinitials="J.A."initials="J." surname="Sherman" fullname="Jeff A. Sherman"><organization></organization><organization/> </author> <author initials="J." surname="Levine" fullname="Judah Levine"><organization></organization><organization/> </author> <date year="2016"month="March" day="8"/>month="March"/> </front><seriesInfo name="Journal<refcontent>Journal of Research of the National Institute of Standards andTechnology" value="Volume 121" />Technology, Volume 121</refcontent> </reference> <reference anchor="IPID-DEV" target="https://arxiv.org/pdf/1906.10478.pdf"> <front> <title>From IP ID to Device ID and KASLR Bypass (Extended Version)</title> <author initials="A." surname="Klein" fullname="Amit Klein"><organization></organization><organization/> </author> <author initials="B." surname="Pinkas" fullname="Benny Pinkas"><organization></organization><organization/> </author> <date year="2019"month="June"/>month="October"/> </front><!--<seriesInfoname="Journal of Research of the National Institute of Standards and Technology" value="Volume 121" /> -->name="DOI" value="10.48550/arXiv.1906.10478"/> </reference><!-- ICMP attacks <?rfc include="reference.RFC.5927" ?> --> <!-- IPv6 Flow Label <?rfc include="reference.I-D.gont-6man-flowlabel-security" ?> <?rfc include="reference.RFC.7098" ?> --> <!-- DNS --> <?rfc include="reference.RFC.1035" ?> <!-- Fragment ID --> <!-- IPv4 security --> <?rfc include="reference.RFC.6274" ?> <?rfc include="reference.RFC.7739" ?> <!-- <?rfc include="reference.RFC.4963" ?> --> <!-- IPv4 Reassembly Errors at High Data Rates --><xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.1035.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6274.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7739.xml"/> <reference anchor="Bellovin2002" target="https://www.cs.columbia.edu/~smb/papers/fnat.pdf"> <front> <title>A Technique for Counting NATted Hosts</title> <authorinitials="S. M."initials="S." surname="Bellovin"fullname= "Bellovin, S. M."> <organization></organization>fullname="Steven M. Bellovin"> <organization/> </author> <dateyear="2002"/>year="2002" month="November"/> </front><seriesInfo name="IMW'02" value="Nov. 6-8, 2002,<refcontent>IMW'02, Marseille,France"/>France</refcontent> <seriesInfo name="DOI" value="10.1145/637201.637243"/> </reference> <reference anchor="Fyodor2002"target="http://www.insecure.org/nmap/idlescan.html">target="https://nmap.org/presentations/CanSecWest03/CD_Content/idlescan_paper/idlescan.html"> <front> <title>Idle scanning and related IP ID games</title><author initials="" surname="Fyodor" fullname= "Fyodor"> <organization></organization><author> <organization>Fyodor</organization> </author> <dateyear="2002"/>year="2002" month="September"/> </front> </reference> <reference anchor="Sanfilippo1998a" target="http://seclists.org/bugtraq/1998/Dec/48"> <front> <title>about the ip header id</title> <author initials="S." surname="Sanfilippo"fullname="S.fullname="Salvatore Sanfilippo"><organization></organization><organization/> </author><date/><date day="14" month="December" year="1998"/> </front><seriesInfo name="Post<refcontent>message to the Bugtraqmailing-list," value="Mon Dec 14 1998" />mailing list</refcontent> </reference> <reference anchor="Sanfilippo1998b"target="https://github.com/antirez/hping/raw/master/docs/SPOOFED_SCAN.txt">target="https://seclists.org/bugtraq/1998/Dec/79"> <front><title>Idle scan</title><title>new tcp scan method</title> <author initials="S." surname="Sanfilippo"fullname="S.fullname="Salvatore Sanfilippo"><organization></organization><organization/> </author> <dateyear="1998"/>year="1998" month="December" day="18"/> </front><seriesInfo name="Post<refcontent>message toBugtraq" value="mailing-list" />the Bugtraq mailing list</refcontent> </reference> <reference anchor="Sanfilippo1999" target="https://github.com/antirez/hping/raw/master/docs/MORE-FUN-WITH-IPID"> <front> <title>more ip id</title> <author initials="S." surname="Sanfilippo" fullname="S. Sanfilippo"><organization></organization><organization/> </author> <dateyear="1999"/>year="1999" month="November"/> </front><seriesInfo name="Post<refcontent>message toBugtraq" value="mailing-list" />the Bugtraq mailing list</refcontent> </reference> <reference anchor="Morbitzer2013" target="https://seclists.org/nmap-dev/2013/q2/394"> <front> <title>[PATCH] TCP Idle Scan in IPv6</title> <author initials="M." surname="Morbitzer"fullname= "Mathiasfullname="Mathias Morbitzer"><organization></organization><organization/> </author> <dateyear="2013"/>day="3" year="2013" month="June"/> </front><seriesInfo name="" value="Message posted<refcontent>message to the nmap-devmailing-list"/>mailing list</refcontent> </reference> <reference anchor="OpenBSD-IPv4-ID" target="https://cvsweb.openbsd.org/src/sys/netinet/ip_id.c?rev=1.1"> <front> <title>Randomization of the IPv4 Identification field</title> <author> <organization>OpenBSD</organization> </author> <dateday="26"month="December" year="1998"/> </front> </reference> <reference anchor="OpenBSD-IPv6-ID" target="https://cvsweb.openbsd.org/src/sys/netinet6/ip6_id.c?rev=1.1"> <front> <title>Randomization of the IPv6 Identification field</title> <author> <organization>OpenBSD</organization> </author> <dateday="1"month="October" year="2003"/> </front> </reference> <reference anchor="Silbersack2005" target="https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.91.4542&rep=rep1&type=pdf"> <front> <title>Improving TCP/IP security through randomization without sacrificing interoperability</title> <authorinitials="M.J."initials="M." surname="Silbersack" fullname="Michael James Silbersack"> <organization>The FreeBSD Project</organization> </author> <dateyear="2005"/>year="2005" month="January"/> </front><seriesInfo name="EuroBSDCon 2005" value="Conference"/><refcontent>EuroBSDCon 2005 Conference</refcontent> </reference> <reference anchor="Zalewski2003" target="https://lcamtuf.coredump.cx/ipfrag.txt"> <front> <title>A new TCP/IP blind data injection technique?</title> <author initials="M." surname="Zalewski"fullname="M.fullname="Michal Zalewski"><organization></organization><organization/> </author> <dateyear="2003"/>year="2003" month="December"/> </front> </reference> <reference anchor="Arce1997" target="http://www.openbsd.org/advisories/sni_12_resolverid.txt"> <front> <title>BIND Vulnerabilities and Solutions</title> <author initials="I." surname="Arce" fullname="Ivan Arce"> <organization>Core Seguridad del Informacion</organization> </author> <author initials="E." surname="Kargieman" fullname="Emiliano Kargieman"> <organization>Core Seguridad del Informacion</organization> </author> <dateyear="1997"/>year="1997" month="April"/> </front> </reference> <reference anchor="Klein2007" target="https://dl.packetstormsecurity.net/papers/attack/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"> <front> <title>OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability</title> <author initials="A." surname="Klein" fullname="Amit Klein"><organization></organization><organization/> </author> <dateyear="2007"/>year="2007" month="October"/> </front> </reference> <referenceanchor="Gont2011">anchor="Gont2011" target="https://www.si6networks.com/files/presentations/hip2011/fgont-hip2011-hacking-ipv6-networks.pdf"> <front> <title>Hacking IPv6 Networks (training course)</title> <author initials="F." surname="Gont" fullname="Fernando Gont"><organization></organization><organization/> </author> <date month="June" year="2011"/> </front><seriesInfo name="Hack<refcontent>Hack In Paris 2011Conference" value="Paris, France"/>Conference, Paris, France</refcontent> </reference> <reference anchor="RedHat2011" target="https://rhn.redhat.com/errata/RHSA-2011-1465.html"> <front><title>RedHat<title>RHSA-2011:1465-1 - SecurityAdvisory RHSA-2011:1465-1: Important: kernel security and bug fix update</title> <author initials="" surname="RedHat" fullname="RedHat"> <organization></organization>Advisory</title> <author> <organization>Red Hat</organization> </author> <dateyear="2011"/>year="2011" month="November"/> </front><!-- <seriesInfo name="Hack In Paris 2011 Conference" value="Paris, France"/> --></reference> <reference anchor="Ubuntu2011" target="https://ubuntu.com/security/notices/USN-1253-1"> <front><title>Ubuntu: USN-1253-1:<title>USN-1253-1: Linux kernel vulnerabilities</title><author initials="" surname="Ubuntu" fullname="Ubuntu"> <organization></organization><author> <organization>Ubuntu</organization> </author> <dateyear="2011"/>year="2011" month="November"/> </front><!-- <seriesInfo name="Hack In Paris 2011 Conference" value="Paris, France"/> --></reference> <reference anchor="SUSE2011" target="https://lists.opensuse.org/opensuse-security-announce/2011-12/msg00011.html"> <front><title>SUSE<title>[security-announce] SUSE Security Announcement: Linux kernel security update (SUSE-SA:2011:046)</title> <authorinitials="" surname="SUSE" fullname="SUSE"> <organization></organization>initials="M." surname="Meissner" fullname="Marcus Meissner"> <organization>SUSE</organization> </author> <dateyear="2011"/>day="13" year="2011" month="December"/> </front><!-- <seriesInfo name="Hack In Paris 2011 Conference" value="Paris, France"/> --><refcontent>message to the openSUSE Security Announce mailing list</refcontent> </reference> <reference anchor="Gont2012" target="https://www.si6networks.com/files/presentations/bsdcan2012/fgont-bsdcan2012-recent-advances-in-ipv6-security.pdf"> <front> <title>Recent Advances in IPv6 Security</title> <author initials="F." surname="Gont" fullname="Fernando Gont"><organization></organization> </author><organization/></author> <date month="May" year="2012"/> </front><seriesInfo name="BSDCan<refcontent>BSDCan 2012Conference" value="Ottawa, Canada. May 11-12, 2012"/> </reference> <?rfc include="reference.I-D.gont-6man-predictable-fragment-id" ?> <?rfc include="reference.I-D.ietf-6man-predictable-fragment-id" ?>Conference, Ottawa, Canada</refcontent> </reference> <referenceanchor='draft-ietf-6man-predictable-fragment-id-01'>anchor="draft-gont-6man-predictable-fragment-id-03" target="https://www.ietf.org/archive/id/draft-gont-6man-predictable-fragment-id-03.txt"> <front> <title>Security Implications of Predictable Fragment Identification Values</title> <authorinitials='F.' surname='Gont' fullname='Fernando Gont'> <organization /> </author>fullname="Fernando Gont" initials="F." surname="Gont"/> <datemonth='April' day='30' year='2014' />day="9" month="January" year="2013"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-predictable-fragment-id-01' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-predictable-fragment-id-01.txt' />name="Internet-Draft" value="draft-gont-6man-predictable-fragment-id-03"/> </reference> <referenceanchor='draft-ietf-6man-predictable-fragment-id-02'>anchor="draft-ietf-6man-predictable-fragment-id-10" target="https://www.ietf.org/archive/id/draft-ietf-6man-predictable-fragment-id-10.txt"> <front> <title>Security Implications of Predictable Fragment Identification Values</title> <authorinitials='F.' surname='Gont' fullname='Fernando Gont'> <organization /> </author>fullname="Fernando Gont" initials="F." surname="Gont"/> <datemonth='December' day='19' year='2014' />day="9" month="October" year="2015"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-predictable-fragment-id-02' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-predictable-fragment-id-02.txt' />name="Internet-Draft" value="draft-ietf-6man-predictable-fragment-id-10"/> </reference> <referenceanchor='draft-gont-6man-predictable-fragment-id-00'>anchor="draft-ietf-6man-predictable-fragment-id-01" target="https://www.ietf.org/archive/id/draft-ietf-6man-predictable-fragment-id-01.txt"> <front><title>Security<title> Security Implications of Predictable Fragment IdentificationValues</title>Values </title> <authorinitials='F.' surname='Gont' fullname='Fernando Gont'> <organization /> </author>fullname="Fernando Gont" initials="F." surname="Gont"/> <datemonth='December' day='15' year='2011' /> <abstract><t>IPv6 specifies the Fragment Header, which is employed for the fragmentation and reassembly mechanisms. The Fragment Header contains an "Identification" field which, together with the IPv6 Source Address and the IPv6 Destination Address of the packet, identifies fragments that correspond to the same original datagram, such that they can be reassembled together at the receiving host. The only requirement for setting the "Identification" value is that it must be different than that of any other fragmented packet sent recently with the same Source Address and Destination Address. Some implementations simply use a global counter for setting the Fragment Identification field, thus leading to predictable values. This document analyzes the security implications of predictable Identification values, and updates RFC 2460 specifying additional requirements for setting the Fragment Identification, such that the aforementioned security implications are mitigated.</t></abstract>day="29" month="April" year="2014"/> </front> <seriesInfoname='Internet-Draft' value='draft-gont-6man-predictable-fragment-id-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-gont-6man-predictable-fragment-id-00.txt' />name="Internet-Draft" value="draft-ietf-6man-predictable-fragment-id-01"/> </reference> <referenceanchor='draft-ietf-6man-predictable-fragment-id-00'>anchor="draft-ietf-6man-predictable-fragment-id-02" target="https://datatracker.ietf.org/doc/html/draft-ietf-6man-predictable-fragment-id-02"> <front> <title>Security Implications of Predictable Fragment Identification Values</title> <authorinitials='F.' surname='Gont' fullname='Fernando Gont'> <organization /> </author>initials="F." surname="Gont" fullname="Fernando Gont"> <organization/></author> <datemonth='March' day='22' year='2013' />month="December" day="19" year="2014"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-predictable-fragment-id-00' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-predictable-fragment-id-00.txt' />name="Internet-Draft" value="draft-ietf-6man-predictable-fragment-id-02"/> </reference> <referenceanchor='draft-ietf-6man-predictable-fragment-id-08'>anchor="draft-gont-6man-predictable-fragment-id-00" target="https://www.ietf.org/archive/id/draft-gont-6man-predictable-fragment-id-00.txt"> <front><title>Security<title> Security Implications of Predictable Fragment IdentificationValues</title>Values </title> <authorinitials='F.' surname='Gont' fullname='Fernando Gont'> <organization /> </author>fullname="Fernando Gont" initials="F." surname="Gont"/> <datemonth='June' day='9' year='2015' /> <abstract><t>IPv6 specifies the Fragment Header, which is employed for the fragmentation and reassembly mechanisms. The Fragment Header contains an "Identification" field which, together with the IPv6 Source Address and the IPv6 Destination Address of a packet, identifies fragments that correspond to the same original datagram, such that they can be reassembled together by the receiving host. The only requirement for setting the "Identification" field is that the corresponding value must be different than that employed for any other fragmented packet sent recently with the same Source Address and Destination Address. Some implementations use a simple global counter for setting the Identification field, thus leading to predictable Identification values. This document analyzes the security implications of predictable Identification values, and provides implementation guidance for selecting the Identification fieldday="15" month="December" year="2011"/> </front> <seriesInfo name="Internet-Draft" value="draft-gont-6man-predictable-fragment-id-00"/> </reference> <reference anchor="draft-ietf-6man-predictable-fragment-id-00" target="https://www.ietf.org/archive/id/draft-ietf-6man-predictable-fragment-id-00.txt"> <front> <title> Security Implications ofthePredictable FragmentHeader, such that the aforementioned security implications are mitigated.</t></abstract>Identification Values </title> <author fullname="Fernando Gont" initials="F." surname="Gont"/> <date day="22" month="March" year="2013"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-predictable-fragment-id-08' /> <format type='TXT' target='https://tools.ietf.org/id/draft-ietf-6man-predictable-fragment-id-08.txt' />name="Internet-Draft" value="draft-ietf-6man-predictable-fragment-id-00"/> </reference><!--<referenceanchor='I-D.hinden-6man-rfc2460bis-07'>anchor="draft-ietf-6man-predictable-fragment-id-08" target="https://www.ietf.org/archive/id/draft-ietf-6man-predictable-fragment-id-08.txt"> <front><title>Internet Protocol, Version 6 (IPv6) Specification</title> <author initials='S.E.' surname='Deering' fullname='Stephen E. Deering'><title> Security Implications of Predictable Fragment Identification Values </title> <authorinitials='R.M.' surname='Hinden' fullname='Robert M. Hinden'> <organization /> </author>fullname="Fernando Gont" initials="F." surname="Gont"/> <datemonth='June' day='9' year='2015' /> <abstract><t> This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng. It obsoletes RFC2460.</t></abstract>day="9" month="June" year="2015"/> </front> <seriesInfoname='Internet-Draft' value='draft-ietf-6man-rfc2460bis-02' /> <format type='TXT' target='http://www.ietf.org/internet-drafts/draft-ietf-6man-rfc2460bis-02.txt' />name="Internet-Draft" value="draft-ietf-6man-predictable-fragment-id-08"/> </reference>--> <!-- http://u.cs.biu.ac.il/~herzbea/security/13-03-frag.pdf --> <!-- DNS --><reference anchor="Schuba1993" target="http://ftp.cerias.purdue.edu/pub/papers/christoph-schuba/schuba-DNS-msthesis.pdf"> <front><title>ADDRESSING WEAKNESSES IN THE DOMAIN NAME SYSTEM PROTOCOL</title><title>Addressing Weakness in the Domain Name System Protocol</title> <author initials="C." surname="Schuba" fullname="Christoph Schuba"><organization></organization><organization/> </author> <dateyear="1993"/>year="1993" month="August"/> </front> </reference> <reference anchor="Vixie1995" target="https://www.usenix.org/legacy/publications/library/proceedings/security95/full_papers/vixie.pdf"> <front> <title>DNS and BIND Security Issues</title> <author initials="P." surname="Vixie" fullname="Paul Vixie"><organization></organization><organization/> </author> <datemonth="May" day="2"month="June" year="1995"/> </front><seriesInfo name="5th<refcontent>5th Usenix SecuritySymposium" value="May 2, 1995"/>Symposium</refcontent> </reference> <reference anchor="Klein2007b"target="https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.86.4474">target="https://citeseerx.ist.psu.edu/doc/10.1.1.86.4474"> <front> <title>BIND 9 DNS Cache Poisoning</title> <author initials="A." surname="Klein" fullname="Amit Klein"><organization></organization><organization/> </author> <date month="March" year="2007"/> </front> </reference> <reference anchor="Klein2007c" target="https://dl.packetstormsecurity.net/papers/attack/Windows_DNS_Cache_Poisoning.pdf"> <front> <title>Windows DNS Server Cache Poisoning</title> <author initials="A." surname="Klein" fullname="Amit Klein"><organization></organization><organization/> </author> <date month="March" year="2007"/> </front> </reference> <reference anchor="Sacramento2002" target="https://seclists.org/bugtraq/2002/Nov/331"> <front> <title>CAIS-ALERT: Vulnerability in the sending requests control of BIND</title> <author initials="V." surname="Sacramento " fullname="Vagner Sacramento "><organization></organization><organization/> </author> <date day="25" month="November"day="19"year="2002"/> </front> <refcontent>message to the Bugtraq mailing list</refcontent> </reference> <reference anchor="Kaminsky2008" target="https://www.blackhat.com/presentations/bh-jp-08/bh-jp-08-Kaminsky/BlackHat-Japan-08-Kaminsky-DNS08-BlackOps.pdf"> <front> <title>Black Ops 2008: It's The End Of The Cache As We Know It</title> <author initials="D." surname="Kaminsky " fullname="Dan Kaminsky "><organization></organization><organization/> </author> <date month="August" year="2008"/> </front> </reference> <reference anchor="Economou2010" target="https://www.coresecurity.com/core-labs/advisories/core-2010-0424-windows-smtp-dns-query-id-bugs"> <front> <title>Windows SMTP Service DNS query Id vulnerabilities</title> <author initials="N." surname="Economou" fullname="Nicolas Economou"><organization></organization><organization/> </author> <date month="May"day="4"year="2010"/> </front><seriesInfo name="Advisory<refcontent>Advisory ID InternalCORE-2010-0427" value="May 4, 2010"/>CORE-2010-0427</refcontent> </reference> <reference anchor="TCPT-uptime" target="https://seclists.org/bugtraq/2001/Mar/182"> <front> <title>TCP Timestamping - Obtaining System Uptime Remotely</title> <author initials="B." surname="McDanel" fullname="Bret McDanel"> <organization>Securiteam</organization> </author> <date month="March" year="2001"/> </front> <refcontent>message to the Bugtraq mailing list</refcontent> </reference> </references> </references> <section numbered="false" toc="default"> <name>Acknowledgements</name> <t>The authors would like to thank (in alphabetical order) <contact fullname="Bernard Aboba"/>, <contact fullname="Dave Crocker"/>, <contact fullname="Spencer Dawkins"/>, <contact fullname="Theo de Raadt"/>, <contact fullname="Sara Dickinson"/>, <contact fullname="Guillermo Gont"/>, <contact fullname="Christian Huitema"/>, <contact fullname="Colin Perkins"/>, <contact fullname="Vincent Roca"/>, <contact fullname="Kris Shrishak"/>, <contact fullname="Joe Touch"/>, <contact fullname="Brian Trammell"/>, and <contact fullname="Christopher Wood"/> for providing valuable comments on earlier versions of this document.</t> <t>The authors would like to thank (in alphabetical order) <contact fullname="Steven Bellovin"/>, <contact fullname="Joseph Lorenzo Hall"/>, <contact fullname="Gre Norcie"/>, and <contact fullname="Martin Thomson"/> for providing valuable comments on <xref target="draft-gont-predictable-numeric-ids-03" format="default"/>, on which this document is based.</t> <t><xref target="tcp-isns" format="default"/> of this document borrows text from <xref target="RFC6528" format="default"/>, authored by <contact fullname="Fernando Gont"/> and <contact fullname="Steven Bellovin"/>.</t> <t>The authors would like to thank <contact fullname="Sara Dickinson"/> and <contact fullname="Christopher Wood"/> for their guidance during the publication process of this document.</t> <t>The authors would like to thank <contact fullname="Diego Armando Maradona"/> for his magic and inspiration.</t> </section> </back> </rfc>