RFCs

  • Gont, F., Hilliard, N., Doering, G., Kumari, W., Huston, G., Liu, W. Operational Implications of IPv6 Packets with Extension Headers. RFC 9098, September 2021. [pdf] [txt]
  • Gont, F., Žorž, J., Patterson, R., Volz, B. Improving the Reaction of Customer Edge Routers to IPv6 Renumbering Events. RFC 9096, August 2021. [pdf] [txt]
  • Gont, F., Gont, G., Lichvar, M. Network Time Protocol Version 4: Port Randomization. RFC 9109, August 2021. [pdf] [txt]
  • Gont, F., Žorž, J., Patterson, R. Reaction of IPv6 Stateless Address Autoconfiguration (SLAAC) to Flash-Renumbering Events. RFC 8978, March 2021. [pdf] [txt]
  • Gont, F., Krishnan, S., Narten, T., Draves, R. Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6. RFC 8981, February 2021. [pdf] [txt]
  • Bonica, R., Baker, F., Huston, G., Hinden, R., Troan, O., Gont, F. IP Fragmentation Considered Fragile. RFC 8900, September 2020. [pdf] [txt]
  • Gont, F., Cooper, A., Thaler, D., Liu, W. Recommendation on Stable IPv6 Interface Identifiers, RFC 8064, February 2017. [pdf] [txt]
  • Gont, F., Liu, W., Anderson, T. Generation of IPv6 Atomic Fragments Considered Harmful, RFC 8021, January 2017. [pdf] [txt]
  • Gont, F., Liu, W. A Method for Generating Semantically Opaque Interface Identifiers with Dynamic Host Configuration Protocol for IPv6 (DHCPv6), RFC 7943, September 2016. [pdf] [txt]
  • Bao, C., Li, X., Baker, F., Anderson, T., Gont, F. IP/ICMP Translation Algorithm, RFC 7915, June 2016. [pdf] [txt]
  • Gont, F., Linkova, J., Chown, T., Liu, W. Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World, RFC 7872, June 2016. [pdf] [txt]
  • Gont, F. Security Implications of Predictable Fragment Identification Values, RFC 7739, February 2016. [pdf] [txt]
  • Cooper, A., Gont, F., Thaler, D. Security and Privacy Considerations for IPv6 Address Generation Mechanisms, RFC 7721, March 2016. [pdf] [txt]
  • Gont, F., Chown, T. Network Reconnaissance in IPv6 Networks, RFC 7707, March 2016. [pdf] [txt]
  • Gont, F., Liu, W., Van de Velde, G. DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers, RFC 7610, August 2015. [pdf] [txt]
  • Bagnulo, M., Paasch, C., Gont, F., Bonaventure, O., Raiciu, C. Analysis of MPTCP residual threats and possible fixes, RFC 7430, July 2015. [pdf] [txt]
  • Carpenter, B., Chown, T., Gont, F., Jiang, S., Petrescu, A., Yourtchenko, A. Analysis of the 64-bit Boundary in IPv6 Addressing, RFC 7421, January 2015. [pdf] [txt]
  • Gont, F. Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks, RFC 7359, August 2014. [pdf] [txt]
  • Gont, F. A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC), RFC 7217, April 2014. [pdf] [txt]
  • Gont, F., Atkinson, R., Pignataro, C. Recommendations on Filtering of IPv4 Packets Containing IPv4 Options, RFC 7126, February 2014. [pdf] [txt]
  • Gont, F. Security Implications of IPv6 on IPv4 Networks, RFC 7123, February 2014. [pdf] [txt]
  • Gont, F. Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard), RFC 7113, February 2014. [pdf] [txt]
  • Gont, F., Manral, V., Bonica, R. Implications of Oversized IPv6 Header Chains, RFC 7112, January 2014. [pdf] [txt]
  • Gont, F., Security Implications of IPv6 Fragmentation with IPv6 Neighbor Discovery, RFC 6980, August 2013. [pdf] [txt]
  • Gont, F., Processing of IPv6 “atomic” fragments, RFC 6946, May 2013. [pdf] [txt]
  • Gont, F., Pignataro, C.,Formally Deprecating Some ICMPv4 Message Types, RFC 6918, April 2013. [pdf] [txt]
  • Pignataro, C., Gont, F., Formally Deprecating Some IPv4 Options, RFC 6814, November 2012. [pdf] [txt]
  • Gont, F., Deprecation of ICMP Source Quench messages, RFC 6633, May 2012. [pdf] [txt]
  • Gont, F., Bellovin, S., Defending Against Sequence Number Attacks, RFC 6528, February 2012. [pdf] [txt]
  • Gont, F., Security Assessment of the Internet Protocol Version 4, RFC 6274, July 2011. [pdf] [txt]
  • Gont, F., Reducing the TIME-WAIT State Using TCP Timestamps, RFC 6191, April 2011. [pdf] [txt]
  • Larsen, M., Gont, F., Recommendations for Transport-Protocol Port Randomization, RFC 6056, January 2011. [pdf] [txt]
  • Gont, F., Yourtchenko, A., On the Implementation of the TCP Urgent Mechanism, RFC 6093, January 2011. [pdf] [txt]
  • Gont, F., ICMP Attacks against TCP, RFC 5927, July 2010. [pdf] [txt]
  • Eggert, L., Gont, F., TCP User Timeout Option, RFC 5482, March 2009. [pdf] [txt]
  • Gont, F., TCP’s Reaction to Soft Errors, RFC 5461, February 2009. [pdf] [txt]

Internet Drafts

  • Gont, F., Borman, D., On the Validation of TCP Sequence Numbers, IETF Internet Draft. [all versions]
  • Gont, F., Security Assessment of Neighbor Discovery (ND) for IPv6, IETF Internet Draft. [all versions]
  • Gont, F., Atkinson, R., IP Options Filtering Recommendations. [Available all versions]
  • Gont, F., Pignataro, C., Recommendations for filtering ICMP messages. [Available all versions]
  • Gont, F., Simerda, P. Current issues with DNS Configuration Options for SLAAC, IETF Internet Draft. [all versions]
  • Gont, F., Security Implications of IPv6 options of Type 10xxxxxx, IETF Internet Draft. [all versions]
  • Gont, F., Neighbor Discovery Shield (ND-Shield): Protecting against Neighbor Discovery Attacks, IETF Internet Draft. [all versions]
  • Gont, F., Security Assessment of the IPv6 Flow Label, IETF Internet Draft. [all versions]
  • Gont, F., Managing the Address Generation Policy for Stateless Address Autoconfiguration in IPv6, IETF Internet Draft. [all versions]
  • Gont, F., Processing of TCP segments with Mirrored End-points, IETF Internet Draft. [all versions]
  • Gont, F., Processing of IP Security/Compartment and Precedence Information by TCP, IETF Internet Draft. [all versions]
  • Gont, F. Security Assessment of the Transmission Control Protocol (TCP). [Available all versions]
  • Gont F., Mitigating Teredo Rooting Loop Attacks. [Available here]
  • Gont, F., Moving the Endpoint Identifier (EID) Option to Obsolete Status. [Available here]
  • Gont, F., On the generation of TCP timestamps. [Available here]
  • Gont, F., On the problem of long delays between connection-establishment attempts in TCP. Available [here]
  • Gont, F., Increasing the payload of ICMP error messages. [Available here]
  • Gont, F., Srisuresh, P., Security implications arising from NATs. [Available here]
  • Gont, F., TCP Adaptive User TimeOut (AUTO) Option. [Available here]