RE: RE:Pre-draft: SEAL as an IPv6 extension header(was:Fragmentation-related Security issues) (Templin, Fred L)

2012-01-13 Thread Templin, Fred L
FYI, I have posted a new version that addresses these issues: https://datatracker.ietf.org/doc/draft-templin-sealopt/ Thanks - Fred From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of Templin, Fred L Sent: Friday, January 13, 2012 9:37 AM To:

Re: [Technical Errata Reported] RFC5722 (3089)

2012-01-13 Thread Simon Perreault
On 2012-01-13 15:05, RFC Errata System wrote: - It breaks at fairly low speeds. See draft-ietf-intarea-ipv4-id-update. I was confusing IPv6 with IPv4 (they do look similar!). You can ignore this argument. The other argument still stands. Simon -- DTN made easy, lean, and smart --> http://pos

[Technical Errata Reported] RFC5722 (3089)

2012-01-13 Thread RFC Errata System
The following errata report has been submitted for RFC5722, "Handling of Overlapping IPv6 Fragments". -- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=5722&eid=3089 -- Type: Technica

RE: RE:Pre-draft: SEAL as an IPv6 extension header(was:Fragmentation-related Security issues) (Templin, Fred L)

2012-01-13 Thread Templin, Fred L
Hi Sreenatha, You are right that the draft needs to be clarified on this point. The answer is that whether or not there is a shared secret key the destination node can validate or not validate the signature as it deems fit. If the destination willl not validate the signature, then it simply ignore

New revision of draft-gont-6man-flowlabel-security

2012-01-13 Thread Fernando Gont
Folks, I have just posted a revision of the aforementioned I-D. It is available at: Any comments will be appreciated. Thanks! Best regards, Fernando Original Message Subject: New Version Notification for

RE:Pre-draft: SEAL as an IPv6 extension header(was:Fragmentation-related Security issues) (Templin, Fred L)

2012-01-13 Thread Sreenatha setty
Hi Fred, In the draft, the behavior of destination node in processing the SEAL header is need to be cleared. If nodes are not exchanging symmetric key and it received SEAL extension header packet and the packet is not ICMPv6 error packet, how destination node should process the SEAL header?