Cite this BCP: TXTBCP 72 contains the following RFCs:
|RFC 3552, BCP 72||Guidelines for Writing RFC Text on Security Considerations||E. Rescorla, B. Korver||July 2003||Updated by RFC 8996, RFC 9416, Errata||Best Current Practice|
|RFC 9416, BCP 72||Security Considerations for Transient Numeric Identifiers Employed in Network Protocols||F. Gont, I. Arce||July 2023||Updates RFC 3552||Best Current Practice|
Abstract of RFC 3552
All RFCs are required to have a Security Considerations section. Historically, such sections have been relatively weak. This document provides guidelines to RFC authors on how to write a good Security Considerations section. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.
Abstract of RFC 9416
Poor selection of transient numerical identifiers in protocols such as the TCP/IP suite has historically led to a number of attacks on implementations, ranging from Denial of Service (DoS) or data injection to information leakages that can be exploited by pervasive monitoring. Due diligence in the specification of transient numeric identifiers is required even when cryptographic techniques are employed, since these techniques might not mitigate all the associated issues. This document formally updates RFC 3552, incorporating requirements for transient numeric identifiers, to prevent flaws in future protocols and implementations.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.