Geoff and Chris,
But trying to erase the capability itself from the protocol standard
smacks to me of overreaction, and in terms of the security and safety of
the internet is another classic example of security pantomime!
[But, like Chris, in thinking these evil thoughts I'm now a heretic.
Quick, fetch the stake, the rope and some fire! :-)]
My first thought some weeks ago was to add rules to RH0 to eliminate
at least most of the problem, but I've become convinced that the
cleanest way to do that is to abolish RH0 and design a new RHn
which is intrinsically safer. As far as implementers and operators
are concerned that should be better, since there won't be ambiguity
about whether code has been updated to support RH0bis or not, since
we have no provision for versioning routing headers.
That way, we could avoid the auto da fé.
Brian
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
