IPv7: Identity-Centric Network Protocol for Security, Proxy Mitigation, and Operability
IETF                                                          A. Subbiah
Internet-Draft                                               Independent
Intended status: Standards Track                              April 2026
Expires: 27 October 2026

IPv7: Identity-Centric Network Protocol for Security, Proxy Mitigation, and Operability
draft-subbiah-ipv7-00

Abstract

   This document specifies a network-layer protocol, IPv7, that extends the Internet Protocol model with an identity-carrying address form and an origin-validation mechanism intended to mitigate abuse of residential proxy infrastructure. IPv7 replaces purely numerical source addressing with a hierarchical identity string and a Variable-Length Identity Block (VLIB) that carries an Ephemeral Identity Token (EIT), provider and tenant identifiers, role/policy signalling, and an Origin Signature verifiable by the originating provider. The protocol enables routers to apply policy and reputation signals at the network layer while limiting disclosure of a subscriber's long-term identity to intermediate systems.

   This document addresses growing security challenges in Internet-connected devices (IoT), including smart TVs, appliances, and other residential endpoints that are vulnerable to residential proxy exploitation and botnet infection.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 3 October 2026.
Subbiah                  Expires 27 October 2026                [Page 1]

Internet-Draft     IPv7: Identity-Centric Network Protocol    April 2026

Copyright Notice

   Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . .    4
     1.1.  Conventions and Terminology  . . . . . . . . . . . . . .    5
     1.2.  Key Design Pillars . . . . . . . . . . . . . . . . . . .    5
     1.3.  Goals and Capabilities . . . . . . . . . . . . . . . . .    6
   2.  Non-Goals  . . . . . . . . . . . . . . . . . . . . . . . . .    6
   3.  Problems with IPv4 and IPv6  . . . . . . . . . . . . . . . .    7
     3.1.  Identity Masking via Residential Proxies . . . . . . . .    7
     3.2.  Stateless Security (Dumb Headers)  . . . . . . . . . . .    7
     3.3.  Complexity and Human Error . . . . . . . . . . . . . . .    7
     3.4.  Lack of Native Trust Tiers . . . . . . . . . . . . . . .    8
   4.  IPv7 Solutions . . . . . . . . . . . . . . . . . . . . . . .    8
     4.1.  Identity-Centric Addressing  . . . . . . . . . . . . . .    8
     4.2.  Eliminating Residential Proxies via Source-Provider
           Validation . . . . . . . . . . . . . . . . . . . . . . .    8
     4.3.  Built-In Reputation and Hardware-Level Filtering . . . .    8
     4.4.  Granular Policy Enforcement  . . . . . . . . . . . . . .    9
     4.5.  Human-Readable Auditing  . . . . . . . . . . . . . . . .    9
   5.  Darknet Diaries Case Studies: IPv7 as the Fix  . . . . . . .    9
     5.1.  Episode 172: SuperBox  . . . . . . . . . . . . . . . . .    9
     5.2.  Episode 128: Gollumfun (Part 1) (Fraud and Identity
           Abuse) . . . . . . . . . . . . . . . . . . . . . . . . .    9
     5.3.  Episode 110: Spam Botnets  . . . . . . . . . . . . . . .   10
     5.4.  Episodes 45-46: Xbox Underground (Credential Reuse and
           Lateral Movement)  . . . . . . . . . . . . . . . . . . .   10
   6.  Additional Motivation from Public Incident Reporting . . . .   10
     6.1.  Botnets Monetised as Residential Proxy Infrastructure  .   10
     6.2.  Credential Abuse and the Limits of Source Addressing . .   11
   7.  Technical Specification  . . . . . . . . . . . . . . . . . .   11
     7.1.  IPv7 Packet Header Format  . . . . . . . . . . . . . . .   11
       7.1.1.  Fixed Header Section (40 bytes)  . . . . . . . . . .   11
       7.1.2.  Variable-Length Identity Block (VLIB)  . . . . . . .   11
     7.2.  How Routers Process IPv7 Headers . . . . . . . . . . . .   11
       7.2.1.  Three-Stage Processing . . . . . . . . . . . . . . .   11
   8.  Operational Considerations . . . . . . . . . . . . . . . . .   12
     8.1.  Key Management and Rollover  . . . . . . . . . . . . . .   12
     8.2.  First-Hop Deployment Model . . . . . . . . . . . . . . .   12
     8.3.  Telemetry and Troubleshooting  . . . . . . . . . . . . .   12
     8.4.  Policy and Misconfiguration Risk . . . . . . . . . . . .   12
     8.5.  Interconnection Considerations . . . . . . . . . . . . .   13
     8.6.  Manageability Considerations . . . . . . . . . . . . . .   13
   9.  Deployment and Transition Considerations . . . . . . . . . .   13
     9.1.  Incremental Deployment Models  . . . . . . . . . . . . .   13
     9.2.  Coexistence and Negotiation  . . . . . . . . . . . . . .   13
     9.3.  Naming and Discovery Considerations  . . . . . . . . . .   13
     9.4.  Middleboxes, Firewalls, and Translation  . . . . . . . .   13
   10. Privacy Model: Hybrid Anonymity  . . . . . . . . . . . . . .   14
     10.1.  Ephemeral Identity Tokens (EIT) . . . . . . . . . . . .   14
     10.2.  ISP-Level Verification  . . . . . . . . . . . . . . . .   14
     10.3.  Reputation without Identification . . . . . . . . . . .   14
     10.4.  Optional Selective Disclosure . . . . . . . . . . . . .   14
   11. Advanced Security Features . . . . . . . . . . . . . . . . .   14
     11.1.  Quantum-Resistant Cryptography  . . . . . . . . . . . .   15
     11.2.  Multi-Layer Authentication  . . . . . . . . . . . . . .   15
     11.3.  Built-In DDoS Mitigation  . . . . . . . . . . . . . . .   15
     11.4.  Reputation-Based Filtering  . . . . . . . . . . . . . .   15
   12. Advanced Routing Features  . . . . . . . . . . . . . . . . .   15
     12.1.  Trust-Aware Path Selection  . . . . . . . . . . . . . .   15
     12.2.  Policy-Aware Forwarding . . . . . . . . . . . . . . . .   16
     12.3.  SLA Enforcement . . . . . . . . . . . . . . . . . . . .   16
     12.4.  Real-Time Media (Voice and Video) Quality Signalling  .   16
     12.5.  On-Demand Streaming Video Delivery Optimisation . . . .   16
   13. IPv4 vs IPv6 vs IPv7 Comparison  . . . . . . . . . . . . . .   16
   14. Use Case: Botnet Attack Mitigation . . . . . . . . . . . . .   16
     14.1.  Scenario  . . . . . . . . . . . . . . . . . . . . . . .   17
     14.2.  IPv4/IPv6 Failure . . . . . . . . . . . . . . . . . . .   17
     14.3.  IPv7 Solution . . . . . . . . . . . . . . . . . . . . .   17
     14.4.  Cost Shift  . . . . . . . . . . . . . . . . . . . . . .   17
   15. Use Case: Interactive Conferencing (Voice and Video) . . . .   17
     15.1.  Scenario  . . . . . . . . . . . . . . . . . . . . . . .   18
     15.2.  IPv4/IPv6 Limitations . . . . . . . . . . . . . . . . .   18
     15.3.  IPv7 Approach . . . . . . . . . . . . . . . . . . . . .   18
     15.4.  Operational Notes . . . . . . . . . . . . . . . . . . .   18
   16. Use Case: On-Demand Streaming Video  . . . . . . . . . . . .   18
     16.1.  Scenario  . . . . . . . . . . . . . . . . . . . . . . .   18
     16.2.  IPv4/IPv6 Limitations . . . . . . . . . . . . . . . . .   19
     16.3.  IPv7 Approach . . . . . . . . . . . . . . . . . . . . .   19
     16.4.  Operational Notes . . . . . . . . . . . . . . . . . . .   19
   17. Implementation Considerations  . . . . . . . . . . . . . . .   19
     17.1.  Signature Verification Performance  . . . . . . . . . .   19
     17.2.  Trust Level Updates via Gossip Protocol . . . . . . . .   19
     17.3.  EIT Generation and Rotation . . . . . . . . . . . . . .   20
     17.4.  Backward Compatibility and Incremental Deployment . . .   20
     17.5.  Scalability Considerations  . . . . . . . . . . . . . .   20
     17.6.  Resiliency and High Availability  . . . . . . . . . . .   20
     17.7.  AI/ML-Assisted Policy and Telemetry (Non-Normative) . .   20
     17.8.  Futuristic Extensions (Non-Normative) . . . . . . . . .   20
   18. Security Considerations  . . . . . . . . . . . . . . . . . .   21
     18.1.  Signature Key Compromise  . . . . . . . . . . . . . . .   21
     18.2.  Replay Attacks  . . . . . . . . . . . . . . . . . . . .   21
     18.3.  Role Escalation . . . . . . . . . . . . . . . . . . . .   22
     18.4.  Privacy Leakage via Traffic Analysis  . . . . . . . . .   22
     18.5.  Trust Level Depletion Attack  . . . . . . . . . . . . .   22
   19. IANA Considerations  . . . . . . . . . . . . . . . . . . . .   22
   20. References . . . . . . . . . . . . . . . . . . . . . . . . .   22
     20.1.  Normative References  . . . . . . . . . . . . . . . . .   22
     20.2.  Informative References  . . . . . . . . . . . . . . . .   23
   21. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . .   23
   Author's Address . . . . . . . . . . . . . . . . . . . . . . . .   23

1.  Introduction

   The current Internet architecture (IPv4 and IPv6) is built upon the principle of "reachability first, security second." IP addresses identify connection points or topological locations, not the identity or intent of the sender. This fundamental architectural gap has enabled the proliferation of residential proxy networks - a multi-billion-dollar market where malicious actors mask their identity behind legitimate consumer IP addresses to conduct fraud, credential stuffing, and distributed denial of service (DDoS) attacks.

   With the explosive growth of Internet-connected devices (IoT) - including smart TVs, robotic vacuum cleaners, refrigerators, washing machines, and other consumer appliances - the security challenges have intensified. Most of these devices run Linux or Android-based systems with customizable network stacks that can be modified at the kernel level. However, IPv4 and IPv6 currently lack the native mechanisms to authenticate the true origin of traffic or enforce network-layer policy based on device identity and trust.
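The abstract's origin-validation idea, as an added illustration that is not part of the draft: a provider signs a VLIB (provider and tenant identifiers, role, EIT, expiry) and a first-hop router checks it against the key it holds for the claimed provider, so a relayed packet signed under another provider's key, an expired EIT, or a role altered in transit all fail validation. The field set follows the abstract; the byte layout, the HMAC-SHA256 stand-in for the Origin Signature, and the key and clock values are assumptions.

```python
import hashlib, hmac, struct
from dataclasses import dataclass

# Illustrative VLIB model: field set from the abstract; byte layout and
# signature scheme are assumptions, not the draft's Section 7 wire format.
@dataclass(frozen=True)
class VLIB:
    provider_id: str   # originating provider that vouches for the sender
    tenant_id: str     # subscriber/tenant within that provider
    role: int          # role/policy signal
    eit: bytes         # Ephemeral Identity Token, not a long-term identity
    expires: int       # EIT validity end, Unix seconds
    origin_sig: bytes  # Origin Signature over the fields above

def _signed_fields(provider_id, tenant_id, role, eit, expires):
    # Length-prefix each field so different field sets never share an encoding.
    parts = (provider_id.encode(), tenant_id.encode(),
             struct.pack("!B", role), eit, struct.pack("!Q", expires))
    return b"".join(struct.pack("!H", len(p)) + p for p in parts)

def sign_vlib(provider_key, provider_id, tenant_id, role, eit, expires):
    # Provider side. HMAC-SHA256 stands in for the provider's signature
    # scheme; a real deployment would give routers only a verification key.
    msg = _signed_fields(provider_id, tenant_id, role, eit, expires)
    sig = hmac.new(provider_key, msg, hashlib.sha256).digest()
    return VLIB(provider_id, tenant_id, role, eit, expires, sig)

def verify_origin(vlib, provider_keys, now):
    # Router side: returns "ok" or the reason the packet fails validation.
    key = provider_keys.get(vlib.provider_id)
    if key is None:
        return "unknown-provider"
    if now >= vlib.expires:
        return "eit-expired"
    msg = _signed_fields(vlib.provider_id, vlib.tenant_id, vlib.role,
                         vlib.eit, vlib.expires)
    if not hmac.compare_digest(hmac.new(key, msg, hashlib.sha256).digest(), vlib.origin_sig):
        return "bad-origin-signature"
    return "ok"

# Constructed sample keys and clock, not real provider material.
PROVIDER_KEYS = {"isp-a": b"isp-a-key-constructed", "isp-b": b"isp-b-key-constructed"}
NOW = 1_700_000_000

def demo():
    # genuine sender; relay behind isp-b claiming isp-a; stale EIT; role altered in transit
    good = sign_vlib(PROVIDER_KEYS["isp-a"], "isp-a", "tenant-42", 1, b"\x01" * 16, NOW + 300)
    relayed = sign_vlib(PROVIDER_KEYS["isp-b"], "isp-a", "tenant-42", 1, b"\x02" * 16, NOW + 300)
    stale = sign_vlib(PROVIDER_KEYS["isp-a"], "isp-a", "tenant-42", 1, b"\x03" * 16, NOW - 1)
    escalated = VLIB(good.provider_id, good.tenant_id, 7, good.eit, good.expires, good.origin_sig)
    return [verify_origin(v, PROVIDER_KEYS, NOW) for v in (good, relayed, stale, escalated)]
```

The router never learns the subscriber's long-term identity here: it sees only the provider id, the tenant id and a rotating EIT, which is the disclosure boundary the abstract describes.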