On 20-aug-2007, at 22:43, Bob Hinden wrote:
> We would like to get your comments on the following two choices:
>
> 1) Deprecate RH0 as specified in <draft-ietf-ipv6-deprecate-rh0-01.txt>.
>
> 2) Revising the draft to restrict the usage of RH0. This would
> continue to require RH0 to be implemented but would restrict the
> functionality of RH0. For example, require nodes to have support
> for RH0 turned off by default, limit the number of RH0 headers in a
> packet to one, limit the number of addresses in the RH0 to a
> smaller number (e.g., 6), and a requirement that addresses can
> only be in the header once.

My objections to the draft:
- I do not consider this a security issue as such
- I don't consider this text to be proper use of the word
"deprecate", "remove" would be more appropriate
- not specified that processing the header in a system functioning as
a host is erroneous
- overly aggressive stance on future use of the mechanism
So if the above are my only two choices, I'm coming down in favor of 2.
However, what I'd really like to see is a clear statement that hosts
MUST NOT send out packets not generated locally, for reasons of the
RH0 header or otherwise, and "optional to implement" and "off by
default" language. That leaves current and future implementations the
freedom to implement and administrators to enable the mechanism if
and when desired.
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
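
The per-packet limits listed under option 2 (one RH0 per packet, at most 6 addresses, no address repeated) can be checked mechanically by a receiving node or filter. The following is an added example, not part of the original message or of the draft; the names `rh0_violations` and `build_rh0` and the sample addresses are constructed for illustration, and the header layout assumed is the RFC 2460 one.

```python
import ipaddress

# Extension headers walked here; all but Fragment use (next header, hdr ext len).
HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60
MAX_RH0_ADDRS = 6  # the "e.g., 6" limit floated in option 2

def rh0_violations(next_header, data, max_addrs=MAX_RH0_ADDRS):
    """Walk the extension-header chain that follows the 40-byte IPv6 header
    and return a list of option-2 violations (empty list = acceptable)."""
    problems, rh0_seen, off = [], 0, 0
    while next_header in (HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS):
        if off + 8 > len(data):
            return problems + ["truncated extension header"]
        nxt, ext_len = data[off], data[off + 1]
        # Fragment header is a fixed 8 bytes; the others are (ext_len + 1) * 8.
        size = 8 if next_header == FRAGMENT else (ext_len + 1) * 8
        if off + size > len(data):
            return problems + ["truncated extension header"]
        if next_header == ROUTING and data[off + 2] == 0:  # routing type 0
            rh0_seen += 1
            if rh0_seen > 1:
                problems.append("more than one RH0 in packet")
            if ext_len % 2:
                problems.append("RH0 length is not a whole number of addresses")
            start, count = off + 8, ext_len // 2
            addrs = [ipaddress.IPv6Address(bytes(data[p:p + 16]))
                     for p in range(start, start + count * 16, 16)]
            if len(addrs) > max_addrs:
                problems.append(f"{len(addrs)} addresses exceeds limit of {max_addrs}")
            if len(set(addrs)) != len(addrs):
                problems.append("address listed more than once")
        next_header, off = nxt, off + size
    return problems

def build_rh0(next_header, addrs):
    """Constructed sample input: encode an RH0 with segments left = len(addrs)."""
    body = b"".join(ipaddress.IPv6Address(a).packed for a in addrs)
    return bytes([next_header, 2 * len(addrs), 0, len(addrs)]) + bytes(4) + body
```

The "off by default" and "optional to implement" points are configuration policy rather than per-packet checks, so they are not modelled here.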