Suresh -

As far as I know, there are no legitimate applications for overlapping
fragments (please send in a note if you see any). I am not aware of any
stack that generates these under normal conditions either.

In addition, there doesn't seem to be a reason, other than malicious,
for generating overlapping fragments.

If there are no known legitimate applications of overlapping fragments,
would you still like this cautionary note to be included?

Yes, the document should contain more explicit guidance for firewall
builders on how the document affects their products.  Given the apparent
absence of overlapping fragments for legitimate traffic, it would be
safe, and even recommended, for firewall builders to directly apply the
conclusions from the document in their products.  This should be made
explicit in a short extra paragraph in my opinion.

- Christian


--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
