File formats:

Also available: XML file for editing

 

Status:

INFORMATIONAL

Authors:

F. Gont
I. Arce

Stream:

IRTF

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9415

Discuss this RFC: Send questions or comments to the mailing list pearg@irtf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9415

Abstract

This document performs an analysis of the security and privacy implications of different types of "transient numeric identifiers" used in IETF protocols and tries to categorize them based on their interoperability requirements and their associated failure severity when such requirements are not met. Subsequently, it provides advice on possible algorithms that could be employed to satisfy the interoperability requirements of each identifier category while minimizing the negative security and privacy implications, thus providing guidance to protocol designers and protocol implementers. Finally, it describes a number of algorithms that have been employed in real implementations to generate transient numeric identifiers and analyzes their security and privacy properties. This document is a product of the Privacy Enhancements and Assessments Research Group (PEARG) in the IRTF.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.