RFC 6943

Issues in Identifier Comparison for Security Purposes, May 2013

Canonical URL:
https://www.rfc-editor.org/rfc/rfc6943.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Author:
D. Thaler, Ed.
Stream:
IAB

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC6943

Discuss this RFC: Send questions or comments to iab@iab.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

Identifiers such as hostnames, URIs, IP addresses, and email addresses are often used in security contexts to identify security principals and resources. In such contexts, an identifier presented via some protocol is often compared using some policy to make security decisions such as whether the security principal may access the resource, what level of authentication or encryption is required, etc. If the parties involved in a security decision use different algorithms to compare identifiers, then failure scenarios ranging from denial of service to elevation of privilege can result. This document provides a discussion of these issues that designers should consider when defining identifiers and protocols, and when constructing architectures that use multiple protocols.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×