Physical Link Security Type of Service
Network Working Group                                   D. Eastlake, III
Request for Comments: 1455                 Digital Equipment Corporation
                                                                May 1993
Status of this Memo
This memo defines an Experimental Protocol for the Internet
community. Discussion and suggestions for improvement are requested.
Please refer to the current edition of the "IAB Official Protocol
Standards" for the standardization state and status of this protocol.
Distribution of this memo is unlimited.
Abstract
This RFC documents an experimental protocol providing a Type of
Service (TOS) to request maximum physical link security. This is an
addition to the types of service enumerated in RFC 1349: Type of
Service in the Internet Protocol Suite. The new TOS requests the
network to provide what protection it can against surreptitious
observation by outside agents of traffic so labeled. The purpose is
protection against traffic analysis and as an additional possible
level of data confidentiality. This TOS is consistent with all other
defined types of service for IP version 4 in that it is based on link
level characteristics and will not provide any particular guaranteed
level of service.
1. Nature of Requirement
This Internet Protocol addition addresses two potential security
requirements: resistance to traffic analysis and confidentiality.
These are described in the two subsections below followed by a
discussion of why links have different levels of physical security so
that it is meaningful to request that more secure links be used.
1.1 Traffic Analysis
At this time all Internet Protocol (IP) packets must have most of
their header information, including the "from" and "to" addresses, in
the clear. This is required for routers to properly handle the
traffic even if a higher level protocol fully encrypts all bytes in
the packet after the IP header. This renders even end-to-end
encrypted IP packets subject to traffic analysis if the data stream
can be observed. While traffic statistics are normally less
sensitive than the data content of packets, in some cases activities
of hosts or users are deducible from traffic information.
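
The exposure described in section 1.1, as an added example that is not part of the memo: a passive observer's view of IPv4 packets whose payloads are opaque. The addresses, the ESP protocol number (50) and the sample TOS values are constructed; the TOS bit layout is the one from RFC 1349.

```python
import os
import socket
import struct
from collections import Counter

def build_ipv4(src, dst, payload, tos_nibble=0, proto=50):
    """Build a minimal 20-byte IPv4 header (checksum left 0) plus payload."""
    ver_ihl = (4 << 4) | 5
    tos_byte = (tos_nibble & 0xF) << 1  # RFC 1349: precedence(3) | TOS(4) | MBZ(1)
    total_len = 20 + len(payload)
    header = struct.pack("!BBHHHBBH4s4s", ver_ihl, tos_byte, total_len,
                         0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def observe(packet):
    """Return what an on-link observer can read without any key."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos_byte, total_len = struct.unpack("!BBH", packet[:4])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0xF) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad header length")
    return {"src": socket.inet_ntoa(packet[12:16]),
            "dst": socket.inet_ntoa(packet[16:20]),
            "tos": (tos_byte >> 1) & 0xF,
            "proto": packet[9],
            "length": total_len}

def flow_summary(packets):
    """Total bytes per (src, dst) pair: the raw material of traffic analysis."""
    totals = Counter()
    for p in packets:
        o = observe(p)
        totals[(o["src"], o["dst"])] += o["length"]
    return dict(totals)

# Constructed sample: random bytes stand in for end-to-end encrypted payloads.
SAMPLE = [
    build_ipv4("192.0.2.10", "198.51.100.7", os.urandom(100), tos_nibble=0b1000),
    build_ipv4("192.0.2.10", "198.51.100.7", os.urandom(300)),
    build_ipv4("192.0.2.44", "203.0.113.9", os.urandom(40)),
]

if __name__ == "__main__":
    for pair, nbytes in flow_summary(SAMPLE).items():
        print(pair, nbytes)
```

The payload bytes never enter the result: who talks to whom, how much, and with which TOS marking is recovered from the header alone.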