I support the promotion of draft-ietf-ipv6-deprecate-rh0-01.txt to a Proposed Standard.
IMO the editor and author(s) did an exceptionally good job in distilling our many and often somewhat divergent comments into the document we're considering. The above having been said, I'd like to share one _suggestion_ (to be redundant, it is just a suggestion). Section 4.2 (now): "Firewall policy intended to protect against packets containing RH0 MUST NOT simply filter all traffic with a routing header; it must be possible to disable forwarding of type 0 traffic without blocking other types of routing headers. In addition, the default configuration MUST permit forwarding of traffic using a RH other than 0." I don't see it as necessary to dictate firewall policy (particularly to the degree that it is here... for the remaining RH types) in this draft. The original intent, as I understood it, was to call for the deprecation of RH0 and state why. If dictating firewall policy (for the remaining RH types) must be done in this draft, I'd at least prefer to see more concise language. A _suggestion_: "A de facto discarding of all packets containing any routing headers is inappropriate (and may hamper future functionality using other routing headers). Presently, Mobile IPv6 uses Routing Header Type 2 [RFC 3775]. Firewall policy (intended to protect against RH0) MUST have the ability to handle routing headers by specific type." Regardless of the exact language that's employed, I can almost hear people saying (something like): "My firewall doesn't have the granularity to filter on RH type. From reading this RFC, it seems we shouldn't filter on any RH. But what about the dangers associated with RH0? I know that ingress filtering doesn't completely solve the problem. What do I do?" __________ Best Regards, Tim Enos Rom 8:28-39 >This starts a two week IPv6 working group last call on advancing > > Title : Deprecation of Type 0 Routing Headers in IPv6 > Author(s) : J. Abley, et al. > Filename : draft-ietf-ipv6-deprecate-rh0-01.txt > Pages : 9 > Date : 2007-6-28 > >to Proposed Standard. Please send substantive comments to the IPv6 >mailing list. Editorial comments can be sent to the authors. > >This last call will end on July 12, 2007. > >Regards, >Bob Hinden & Brian Haberman >IPv6 WG chairs > > >-------------------------------------------------------------------- >IETF IPv6 working group mailing list >ipv6@ietf.org >Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 >-------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
