Security Assessment of the Internet Protocol Version 4
RFC 6274

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    opsec mailing list <opsec@ietf.org>,
    opsec chair <opsec-chairs@tools.ietf.org>
Subject: Document Action: 'Security Assessment of the Internet Protocol version 4' to Informational RFC (draft-ietf-opsec-ip-security-07.txt)

The IESG has approved the following document:
- 'Security Assessment of the Internet Protocol version 4'
  (draft-ietf-opsec-ip-security-07.txt) as an Informational RFC

This document is the product of the Operational Security Capabilities for
IP Network Infrastructure Working Group.

The IESG contact persons are Ron Bonica and Dan Romascanu.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-opsec-ip-security/


Technical Summary

This document contains a security assessment of the IETF
specifications of the Internet Protocol version 4, and of a number of
mechanisms and policies in use by popular IPv4 implementations.  It
is based on the results of a project carried out by the UK's Centre
for the Protection of National Infrastructure (CPNI).

Working Group Summary

Working group consensus required the settlement of two major points of
contention:

Was this document in scope for the opsec working group charter, and were
the participants sufficiently knowledgeable to provide input?

What status should be pursued by the document authors?

Regarding to former, it was the opinion of the area director and WG
consensus that the document  was compatible with the working group
charter. capabilities and limitations of the ipv4 protocol fall within the
scope of operational security capabilities work.

Regarding the second question, consensus that informational status was
the appropriate approach for this document. The number of documents
potentially touched by this document is considerable. It is not necessary
in the process of making recommendations on the basis of operational
experience to update the protocol specification so long as those
recommendations do not result in divergence from the protocol
specification that would  result in non-inter-operable operation. That
said, operationaly some such as source routing can be expected not to work
as a product of current practice.

Document Quality

Numerous implementations of the IPv4 protocol exist. The recommendations
contained within this document have accumulated over the course of close
to 30 years worth of operational experience. The information contained in
this document has not been collected in one IETF document before, doing so
has produced a document that is quite challenging to review from a scale
perspective. We have solicited and received a number of reviews high
quality reviews and we believe that prior publication of previous versions
of document also aided considerably with development and review.



Personnel

Joel Jaegli is shepherd for this draft.