RFC 9415
On the Generation of Transient Numeric Identifiers, July 2023
- File formats:
- Also available: XML file for editing
- Status:
- INFORMATIONAL
- Authors:
- F. Gont
I. Arce - Stream:
- IRTF
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9415
Discuss this RFC: Send questions or comments to the mailing list pearg@irtf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9415
Abstract
This document performs an analysis of the security and privacy implications of different types of "transient numeric identifiers" used in IETF protocols and tries to categorize them based on their interoperability requirements and their associated failure severity when such requirements are not met. Subsequently, it provides advice on possible algorithms that could be employed to satisfy the interoperability requirements of each identifier category while minimizing the negative security and privacy implications, thus providing guidance to protocol designers and protocol implementers. Finally, it describes a number of algorithms that have been employed in real implementations to generate transient numeric identifiers and analyzes their security and privacy properties. This document is a product of the Privacy Enhancements and Assessments Research Group (PEARG) in the IRTF.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.