Security Considerations for Transient Numeric Identifiers Employed in Network Protocols
RFC 9416, “Security Considerations for Transient Numeric Identifiers Employed in Network Protocols”, is a Best Current Practice document published in July 2023 by F. Gont and I. Arce. It updates RFC 3552. The canonical text is published by the RFC Editor.
Abstract
Poor selection of transient numerical identifiers in protocols such as the TCP/IP suite has historically led to a number of attacks on implementations, ranging from Denial of Service (DoS) or data injection to information leakages that can be exploited by pervasive monitoring. Due diligence in the specification of transient numeric identifiers is required even when cryptographic techniques are employed, since these techniques might not mitigate all the associated issues. This document formally updates RFC 3552, incorporating requirements for transient numeric identifiers, to prevent flaws in future protocols and implementations.
What “Best Current Practice” means
A Best Current Practice document records the IETF community's recommended operational or procedural practice rather than a protocol specification.
The canonical text of RFC 9416 is hosted at rfc-editor.org. It is available in HTML, TXT, PDF, and XML.
- RFC 9415 On the Generation of Transient Numeric Identifiers
- RFC 9417 Service Assurance for Intent-Based Networking Architecture
- RFC 9414 Unfortunate History of Transient Numeric Identifiers
- RFC 9418 A YANG Data Model for Service Assurance
- RFC 9413 Maintaining Robust Protocols
- RFC 9419 Considerations on Application - Network Collaboration Using Path Signals
- RFC 9412 The ORIGIN Extension in HTTP/3
- RFC 9420 The Messaging Layer Security Protocol