On Tue, Oct 1, 2019 at 8:38 AM Fred Baker <[email protected]> wrote: > > > > On Oct 1, 2019, at 11:14 AM, Tom Herbert <[email protected]> wrote: > > Taking "the IPsec approach" would be creating a new extension header > > and code point that is unique to IPv4-- I don't see how that's any > > better than just using an existing EH defined for IPv6. > > I'm not sure I agree with that. > > When we added IPsec to IPv4, a system that didn't implement IPsec could not > step past the IPsec header when parsing. It had no idea the length of the > ipSEC header. If we add an extension header to IPv6 (for example, when we > added the security header to IPv6), we could continue to parse the IPv6 > header even if we didn't implement a given header beyond parsing. So they are > not the same thing.
Fred, Yes, I was assuming Joe meant to create a new extension header for IPv4. The EH, rather it's a new one or reuse of HBH or DO, would have the properties of other plain text EHs with next header field and explicit length and so could be parsed over. Tom _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
