On Thu, 14 Dec 2006, [email protected] wrote:

Title : The Generalized TTL Security Mechanism (GTSM)
Author(s) : V. Gill, et al.
Filename : draft-ietf-rtgwg-rfc3682bis-08.txt
Pages : 17
Date : 2006-12-14

The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6)
to verify whether the packet was originated by an adjacent node on a
connected link has been used in many recent protocols. This document
generalizes this technique. This document obsoletes RFC 3682.

A URL for this Internet-Draft is:

This draft has been significantly revised. I'd recommend everyone to
take a look at it. See the diffs etc at:

Appendix C.1. Changes between -07 and -08

   o  Describe the assumption of ingress filtering to protect against
   o  Rewrite the IP over MPLS section based on the new MPLS TTL
      handling procedure (from Carlos Pignataro) to get the details of
      new MPLS architecture right.
   o  Rephrase IP over IP tunneling section a bit, to make distinction
      between encapsulation and decapsulation behaviour clearer.
   o  Make it clearer in the tunneling section that unless the tunnel
      peer is also the protocol peer, GTSM should be able to offer
   o  Describe better the applicability of GTSM when tunneling.
   o  Rephrase Multi-hop GTSM section to mainly refer to the difficult-
      to-quantify security properties as a reason for exclusion at this
   o  Some editorial updates.

Pekka Savola
Netcore Oy
Systems. Networks. Security.

"You each name yourselves king, yet the kingdom bleeds."
-- George R.R. Martin: A Clash of Kings
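
The adjacency check described in the abstract, as an added example that is not part of the original message or of the draft's text. It assumes the RFC 3682 convention that the sender transmits with TTL / Hop Limit 255 and covers only the directly connected case; the function names and sample packets are constructed for illustration.

```python
import struct

# Assumption from RFC 3682 (not stated in this message): the sender uses the
# maximum value, and every router that forwards the packet decrements it.
GTSM_TTL = 255

def hop_field(packet: bytes) -> int:
    """Return the IPv4 TTL or IPv6 Hop Limit of a raw IP packet."""
    if not packet:
        raise ValueError("empty packet")
    version = packet[0] >> 4
    if version == 4:
        if len(packet) < 20:
            raise ValueError("truncated IPv4 header")
        return packet[8]            # TTL is byte 8 of the IPv4 header
    if version == 6:
        if len(packet) < 40:
            raise ValueError("truncated IPv6 header")
        return packet[7]            # Hop Limit is byte 7 of the IPv6 header
    raise ValueError(f"unknown IP version {version}")

def gtsm_accept(packet: bytes) -> bool:
    """Accept only packets that no router can have forwarded."""
    try:
        return hop_field(packet) == GTSM_TTL
    except ValueError:
        return False                # fail closed on anything unparseable

def ipv4(ttl: int) -> bytes:
    """Constructed 20-byte IPv4 header, 192.0.2.1 -> 192.0.2.2 (checksum unset)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))

def ipv6(hop_limit: int) -> bytes:
    """Constructed 40-byte IPv6 header with all-zero addresses."""
    return struct.pack("!IHBB16s16s", 6 << 28, 0, 6, hop_limit,
                       bytes(16), bytes(16))

# Constructed sample traffic: what an adjacent peer sends versus packets that
# crossed at least one router or started from a common default TTL.
SAMPLES = {
    "adjacent_v4": ipv4(255), "one_hop_away_v4": ipv4(254),
    "default_ttl_v4": ipv4(64), "adjacent_v6": ipv6(255),
    "forwarded_v6": ipv6(250), "truncated": b"\x45\x00",
}

def classify(samples=SAMPLES) -> dict:
    return {name: gtsm_accept(pkt) for name, pkt in samples.items()}

if __name__ == "__main__":
    for name, ok in classify().items():
        print(f"{name:18s} {'accept' if ok else 'drop'}")
```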