Publications

Our contributions to the Internet Engineering Task Force

RFCs

  • Gont, F., Cooper, A., Thaler, D., Liu, W. Recommendation on Stable IPv6 Interface Identifiers, RFC 8064, February 2017. [pdf] [txt]
  • Gont, F., Liu, W., Anderson, T. Generation of IPv6 Atomic Fragments Considered Harmful, RFC 8021, January 2017. [pdf] [txt]
  • Gont, F., Liu, W. A Method for Generating Semantically Opaque Interface Identifiers with Dynamic Host Configuration Protocol for IPv6 (DHCPv6), RFC 7943, September 2016. [pdf] [txt]
  • Bao, C., Li, X., Baker, F., Anderson, T., Gont, F. IP/ICMP Translation Algorithm, RFC 7915, June 2016. [pdf] [txt]
  • Gont, F., Linkova, J., Chown, T., Liu, W. Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World, RFC 7872, June 2016. [pdf] [txt]
  • Gont, F. Security Implications of Predictable Fragment Identification Values, RFC 7739, February 2016. [pdf] [txt]
  • Cooper, A., Gont, F., Thaler, D. Security and Privacy Considerations for IPv6 Address Generation Mechanisms, RFC 7721, March 2016. [pdf] [txt]
  • Gont, F., Chown, T. Network Reconnaissance in IPv6 Networks, RFC 7707, March 2016. [pdf] [txt]
  • Gont, F., Liu, W., Van de Velde, G. DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers, RFC 7610, August 2015. [pdf] [txt]
  • Bagnulo, M., Paasch, C., Gont, F., Bonaventure, O., Raiciu, C. Analysis of MPTCP residual threats and possible fixes, RFC 7430, July 2015. [pdf] [txt]
  • Carpenter, B., Chown, T., Gont, F., Jiang, S., Petrescu, A., Yourtchenko, A. Analysis of the 64-bit Boundary in IPv6 Addressing, RFC 7421, January 2015. [pdf] [txt]
  • Gont, F. Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks, RFC 7359, August 2014. [pdf] [txt]
  • Gont, F. A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC), RFC 7217, April 2014. [pdf] [txt]
  • Gont, F., Atkinson, R., Pignataro, C. Recommendations on Filtering of IPv4 Packets Containing IPv4 Options, RFC 7126, February 2014. [pdf] [txt]
  • Gont, F. Security Implications of IPv6 on IPv4 Networks, RFC 7123, February 2014. [pdf] [txt]
  • Gont, F. Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard), RFC 7113, February 2014. [pdf] [txt]
  • Gont, F., Manral, V., Bonica, R. Implications of Oversized IPv6 Header Chains, RFC 7112, January 2014. [pdf] [txt]
  • Gont, F., Security Implications of IPv6 Fragmentation with IPv6 Neighbor Discovery, RFC 6980, August 2013. [pdf] [txt]
  • Gont, F., Processing of IPv6 "atomic" fragments, RFC 6946, May 2013. [pdf] [txt]
  • Gont, F., Pignataro, C.,Formally Deprecating Some ICMPv4 Message Types, RFC 6918, April 2013. [pdf] [txt]
  • Pignataro, C., Gont, F., Formally Deprecating Some IPv4 Options, RFC 6814, November 2012. [pdf] [txt]
  • Gont, F., Deprecation of ICMP Source Quench messages, RFC 6633, May 2012. [pdf] [txt]
  • Gont, F., Bellovin, S., Defending Against Sequence Number Attacks, RFC 6528, February 2012. [pdf] [txt]
  • Gont, F., Security Assessment of the Internet Protocol Version 4, RFC 6274, July 2011. [pdf] [txt]
  • Gont, F., Reducing the TIME-WAIT State Using TCP Timestamps, RFC 6191, April 2011. [pdf] [txt]
  • Larsen, M., Gont, F., Recommendations for Transport-Protocol Port Randomization, RFC 6056, January 2011. [pdf] [txt]
  • Gont, F., Yourtchenko, A., On the Implementation of the TCP Urgent Mechanism, RFC 6093, January 2011. [pdf] [txt]
  • Gont, F., ICMP Attacks against TCP, RFC 5927, July 2010. [pdf] [txt]
  • Eggert, L., Gont, F., TCP User Timeout Option, RFC 5482, March 2009. [pdf] [txt]
  • Gont, F., TCP's Reaction to Soft Errors, RFC 5461, February 2009. [pdf] [txt]

Internet Drafts

  • Bagnulo, M., Paasch, C., Gont, F., Bonaventure, O., Raiciu, C., Analysis of MPTCP residual threats and possible fixes, IETF Internet Draft. [all versions]
  • Cooper, A., Gont, F., Thaler, D., Privacy Considerations for IPv6 Address Generation Mechanisms, IETF Internet Draft. [all versions]
  • Gont, F., Borman, D., On the Validation of TCP Sequence Numbers, IETF Internet Draft. [all versions]
  • Gont, F., Security Assessment of Neighbor Discovery (ND) for IPv6, IETF Internet Draft. [all versions]
  • Gont, F., Security Implications of Predictable Fragment Identification Values, IETF Internet Draft. [all versions]
  • Gont, F., Virtual Private Network (VPN) traffic leakages in dual-stack hosts/networks, IETF Internet Draft. [all versions]
  • Gont, F., A method for Generating Stable Privacy-Enhanced Addresses with IPv6 Stateless Address Autoconfiguration (SLAAC), IETF Internet Draft. [all versions]
  • Gont, F., DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers, IETF Internet Draft. [all versions]
  • Gont, F., Network Reconnaissance in IPv6 Networks, IETF Internet Draft. [all versions]
  • Gont, F., Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard), IETF Internet Draft. [all versions]
  • Gont, F., Manral, V., Security and Interoperability Implications of Oversized IPv6 Header Chains, IETF Internet Draft. [all versions]
  • Gont, F., Atkinson, R., IP Options Filtering Recommendations. [Available all versions]
  • Gont, F., Pignataro, C., Recommendations for filtering ICMP messages. [Available all versions]
  • Gont, F., Simerda, P.Current issues with DNS Configuration Options for SLAAC, IETF Internet Draft. [all versions]
  • Gont, F., Security Implications of IPv6 options of Type 10xxxxxx, IETF Internet Draft. [all versions]
  • Gont, F., Neighbor Discovery Shield (ND-Shield): Protecting against Neighbor Discovery Attacks, IETF Internet Draft. [all versions]
  • Gont, F., Security Assessment of the IPv6 Flow Label, IETF Internet Draft. [all versions]
  • Gont, F., Managing the Address Generation Policy for Stateless Address Autoconfiguration in IPv6, IETF Internet Draft. [all versions]
  • Gont, F., Processing of TCP segments with Mirrored End-points, IETF Internet Draft. [all versions]
  • Gont, F., Processing of IP Security/Compartment and Precedence Information by TCP, IETF Internet Draft. [all versions]
  • Gont, F. Security Assessment of the Transmission Control Protocol (TCP). [Available all versions]
  • Gont F., Mitigating Teredo Rooting Loop Attacks. [Available here]
  • Gont, F., Moving the Endpoint Identifier (EID) Option to Obsolete Status. [Available here]
  • Gont, F., On the generation of TCP timestamps. [Available here]
  • Gont, F., On the problem of long delays between connection-establishment attempts in TCP. Available [here]
  • Gont, F., Increasing the payload of ICMP error messages. [Available here]
  • Gont, F., Srisuresh, P., Security implications arising from NATs. [Available here]
  • Gont, F., TCP Adaptive User TimeOut (AUTO) Option. [Available here]