Search RFCs
RFC 6943
Issues in Identifier Comparison for Security Purposes,May 2013
- File formats:
- Status:
- INFORMATIONAL
- Author:
- D. Thaler, Ed.
- Stream:
- IAB
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC6943
Discuss this RFC: Send questions or comments to the mailing listiab@iab.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 6943
Abstract
Identifiers such as hostnames, URIs, IP addresses, and emailaddresses are often used in security contexts to identify securityprincipals and resources. In such contexts, an identifier presentedvia some protocol is often compared using some policy to makesecurity decisions such as whether the security principal may accessthe resource, what level of authentication or encryption is required,etc. If the parties involved in a security decision use differentalgorithms to compare identifiers, then failure scenarios rangingfrom denial of service to elevation of privilege can result. Thisdocument provides a discussion of these issues that designers shouldconsider when defining identifiers and protocols, and whenconstructing architectures that use multiple protocols.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.