Source Ports in Abuse Reporting Format (ARF) Reports
RFC 6692

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Source Ports in ARF Reports' to Proposed Standard (draft-kucherawy-marf-source-ports-05.txt)

The IESG has approved the following document:
- 'Source Ports in ARF Reports'
  (draft-kucherawy-marf-source-ports-05.txt) as Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Barry Leiba.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-kucherawy-marf-source-ports/


Technical Summary

The information included in an ARF report has not included the source
port number on which a message was received.  As RFC 6032 notes, the
increasing use of NAT on IPv4 networks means that the port number for a
connection is often needed to determine the actual host.  This draft adds
a new report field for the port number.

Working Group Summary

This individual submission was briefly disucssed at the MARF meeting
at IETF 83 and has had some discussion on the MARF mailing list.  Because
it is simple and uncontroversial, and MARF is scheduled to close once its
existing documents are done, it wasn't worth the hassle of keeping MARF
open to handle it.

Document Quality

The quality is good.  It's a tiny tweak to ARF which I added to my
reporting scripts in about 15 minutes.  No formal reviews are required.

Personnel

John Levine is the Document Shepherd.
Barry Leiba is the Responsible Area Director.