On Thu, 11 Mar 2004 [EMAIL PROTECTED] wrote:
> I do not have any preferences here either.  I agree with Pekka
> that it should be either MUST or MUST NOT.  Leaving it as a 
> SHOULD is not a good idea.
> 
> Now, who can tell if multicast echo request is the primary 
> multicast debugging mechanism or not ??

It is extensively used for link-local at least, and used a bit for 
wider scopes as well.

But IMHO the real question is this: as there are a number of ways how
you could elicit this "response storm" from any node at all (e.g.,
using the parameter problem trick, using TCP/UDP which is bound to the
wildcard address, etc.), I'm not sure if I see the need for expressly
prohibiting ICMPv6 echo requests -- it would seem like (mostly) wasted
effort to close one door, while leaving the other two dozen doors
open.  Whether there are 24 or 25 open doors doesn't really impact the
overall security but only creates more corner cases the implementations
should get right.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings


--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
