On Oct 1, 2019, at 11:14 AM, Tom Herbert <[email protected]> wrote:
> Taking "the IPsec approach" would be creating a new extension header
> and code point that is unique to IPv4-- I don't see how that's any
> better than just using an existing EH defined for IPv6.
I'm not sure I agree with that.
When we added IPsec to IPv4, a system that didn't implement IPsec could not
step past the IPsec header when parsing. It had no idea the length of the ipSEC
header. If we add an extension header to IPv6 (for example, when we added the
security header to IPv6), we could continue to parse the IPv6 header even if we
didn't implement a given header beyond parsing. So they are not the same thing.
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
