I do agree with your points, but if you loot at rfc3775, it says that
" The use of IPsec Authentication Header (AH) for the Home Address option is not required, except that if the IPv6 header of a packet is covered by AH, then the authentication MUST also cover the Home Address option; this coverage is achieved automatically by the definition of the Option Type code for the Home Address option, since it indicates that the data within the option cannot change en route to the packet's final destination, and thus the option is included in the AH computation."
from the above, it is satisfactory that final destination option cannot be mutable.
any opinions?
Thanks,
Srinivas.
On 8/4/05, JINMEI Tatuya / 神明達哉 <[EMAIL PROTECTED]> wrote:
>>>>> On Wed, 3 Aug 2005 13:10:38 +0530,
>>>>> Srinivas Goud <[EMAIL PROTECTED]> said:
> Is Final Destination Option (just before upper layer protocol), mutable or
> immutable?
Whether an destination (or hop-by-hop) option is mutable is defined
per-option basis. It is irrelevant from the position of the options
header containing each particular option (e.g. just before upper layer
protocol). See RFC2460 for more details.
So,
> Can I assume that Destination Options inside AH (before AH) are mutable and
> Destination Option outside AH (after AH) as Immutable?
No, you can't. You need to examine the third-highest-order bit of
each option, regardless of the header position.
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
[EMAIL PROTECTED]
-------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
