(IETF I-D): Implications of IPv6 Addressing on Security Operations (Fwd: New Version Notification for draft-gont-opsec-ipv6-addressing-00.txt)

Fernando Gont fgont at si6networks.com
Sun Feb 5 10:44:58 UTC 2023

Hi, All,

Recently, I happened to participate in an IPv6 deployment meeting with 
some large content provider, and said meeting included a discussion 
about how to mitigate some attacks using block-lists. These folks argued 
that they ban offending IPv6 addresses as /128s, following IPv4 practices.

So it seemed to me that some of the implications arising from the 
increased IPv6 address space were non-obvious to them.  -- that has been 
the motivation for the publication of this document.

* TXT: 
* HTML: 

Comments welcome!

P.S.: The document is targeted at the IETF opsec wg 
(https://www.ietf.org/mailman/listinfo/opsec), but I'll be happy to 
discuss it on this mailing-list, off-list, or at the opsec wg 



-------- Forwarded Message --------
Subject: New Version Notification for 
Date: Thu, 02 Feb 2023 19:48:40 -0800
From: internet-drafts at ietf.org
To: Fernando Gont <fgont at si6networks.com>, Guillermo Gont 
<ggont at si6networks.com>

A new version of I-D, draft-gont-opsec-ipv6-addressing-00.txt
has been successfully submitted by Fernando Gont and posted to the
IETF repository.

Name:		draft-gont-opsec-ipv6-addressing
Revision:	00
Title:		Implications of IPv6 Addressing on Security Operations
Document date:	2023-02-02
Group:		Individual Submission
Pages:		8
URL: https://www.ietf.org/archive/id/draft-gont-opsec-ipv6-addressing-00.txt
Status: https://datatracker.ietf.org/doc/draft-gont-opsec-ipv6-addressing/

    The increased address availability provided by IPv6 has concrete
    implications on security operations.  This document discusses such
    implications, and sheds some light on how existing security
    operations techniques and procedures might need to be modified
    accommodate the increased IPv6 address availability.

The IETF Secretariat

More information about the NANOG mailing list