Date:Thu, 17 Jan 2002 12:45:24 +0100
From:Brian E Carpenter <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
| In any case, the behaviour when you see an "unknown" flow label should be
| the same as when you see a zero label - apply default treatment, whatever
Erik Nordmark writes:
> For the IETF I think this means that we should not issue a proposed standard
> (e.g. for MIPv6) with a hole (e.g. assuming that ingress filtering will be
> made aware of HAO). If we want to go this path I think we need a community
> supported ingress filtering RFC (BCP
Charles E. Perkins writes:
> Hello folks,
>
> I'm pretty far behind on reading these voluminous e-mails, but
> I would at least like to express again my belief that we could
> go forward with the HAO as it is. If the downside is that then
> there is vulnerability to (single!) packets being
Hello folks,
I'm pretty far behind on reading these voluminous e-mails, but
I would at least like to express again my belief that we could
go forward with the HAO as it is. If the downside is that then
there is vulnerability to (single!) packets being reflected back
to an unsuspecting home addr
- Original Message -
From: "Erik Nordmark" <[EMAIL PROTECTED]>
>
> If we (the IETF) really care about security we need to make sure that we
don't
> create holes in the set of standards track RFCs we issue.
For some people, RFC means Request For Comment.
Surely you don't think an RFC mean
- Original Message -
From: "Pekka Savola" <[EMAIL PROTECTED]>
To: "JINMEI Tatuya / " <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 17, 2002 6:28 AM
Subject: Re: IPv6 w.g. Last Call on "IPv6 Host to Router Load Sharing"
> On Thu, 17 Jan 2002, JINMEI Tatuya / [ISO
> => we don't need to wait because mobile IPv6 is not yet fully specified.
> IMHO the only thing we need is to be ready and the first step should
> be to get (traditional) ingress filtering and firewalls with IPv6 support
> (or do you suggest to stop IPv6 until they are implemented and deploye
- Original Message -
From: "Brian E Carpenter" <[EMAIL PROTECTED]>
To: "Robert Elz" <[EMAIL PROTECTED]>
Cc: "Steven M. Bellovin" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>; "Subrata Goswami" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Thursday, January 17, 2002 3:45 AM
Subject: Re: Flow L
On Thu, 17 Jan 2002, Francis Dupont wrote:
> => we don't need to wait because mobile IPv6 is not yet fully specified.
> IMHO the only thing we need is to be ready and the first step should
> be to get (traditional) ingress filtering and firewalls with IPv6 support
> (or do you suggest to stop IPv6
On Thu, 17 Jan 2002, JINMEI Tatuya / [ISO-2022-JP] 神明達哉 wrote:
> I agre with Francis. And, actually, our implementation (i.e. all *BSD
> variants) basically keeps the same router (of the same priority), so
> it will be non-compliant with the SHOULD. I believe our
> implementation is no
>>Also, waiting for AAA solutions to be available
> (specified, implemeted,
>>and deployed) before MIPv6 can be used seems to be
> counter to our desire
>>to finish up MIPv6 soon.
>>
>> => I never proposed to wait for AAA solutions (as I
> ask
In your previous mail you wrote:
>Also, waiting for AAA solutions to be available (specified, implemeted,
>and deployed) before MIPv6 can be used seems to be counter to our desire
>to finish up MIPv6 soon.
>
> => I never proposed to wait for AAA solutions (as I ask
> On Thu, 17 Jan 2002 10:54:33 +0100,
> Francis Dupont <[EMAIL PROTECTED]> said:
>Note that the current "hint" for round robin is less than perfect.
> => I agree but my concern is more about the requirement level.
>I think the current implementations are covered by the SHOUL
In any case, the behaviour when you see an "unknown" flow label should be
the same as when you see a zero label - apply default treatment, whatever
that happens to be locally. No need to either drop the packet or
rewrite the label; at that point it's just a noise field.
Brian
Robert Elz wrote:
> >Hesham wrote:
> >I haven't heard anyone answering my question as to why
> >reverse tunnelling by the MN thru the HA is so much
> >worse than triangular routing,
> >
> > Francis wrote in response:
> > => d(bidir tunnel) = 2 * d(MN,HA) + 2 * d(HA,CN)
> >d(triangu
>Hesham wrote:
>I haven't heard anyone answering my question as to why
>reverse tunnelling by the MN thru the HA is so much
>worse than triangular routing,
>
> Francis wrote in response:
> => d(bidir tunnel) = 2 * d(MN,HA) + 2 * d(HA,CN)
>d(triangular) = d(MN,HA) + d(HA,CN) + d(
>Also, waiting for AAA solutions to be available (specified, implemeted,
>and deployed) before MIPv6 can be used seems to be counter to our desire
>to finish up MIPv6 soon.
>
> => I never proposed to wait for AAA solutions (as I ask only for network
> access control, not everywher
In your previous mail you wrote:
>I have two concerns about this:
> - the random order is not defined (this is a formal concern because
>the intention is clear)
I think most people will understand the intent of "random order".
=> as I've written this is a *formal* concern..
18 matches
Mail list logo
