RE: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-11 Thread Templin, Fred L
Sorry Brian; here is the correct explanation: > > They must have just made that up; there's no justification for it. > > It could be an unknown extension header of unknown length, or it > > could be an unknown payload of unknown length. In real life > > I'd expect firewalls to default-drop such pa

RE: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-11 Thread Templin, Fred L
org; ipv6@ietf.org > Subject: Re: Adrian Farrel's No Objection on draft-ietf-6man-ext- > transmit-04: (with COMMENT) > > Fred, > > On 09/10/2013 04:28, Templin, Fred L wrote: > ... > > When Wireshark encounters a header type 253 or 254, it assumes it is > > an unkn

Re: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-10 Thread Brian E Carpenter
Fred, On 09/10/2013 04:28, Templin, Fred L wrote: ... > When Wireshark encounters a header type 253 or 254, it assumes it is > an unknown extension header of length 8 bytes, then skips ahead and > attempts to parse anything that follows as additional headers. They must have just made that up; the

RE: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-08 Thread Templin, Fred L
tf.org; ipv6@ietf.org; The IESG > Subject: Re: Adrian Farrel's No Objection on draft-ietf-6man-ext- > transmit-04: (with COMMENT) > > On 08/10/2013 10:28, C. M. Heard wrote: > ... > > > Maybe I'm making too much of this. Certainly a reasonable action > > for

Re: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-07 Thread Brian E Carpenter
On 08/10/2013 10:28, C. M. Heard wrote: ... > Maybe I'm making too much of this. Certainly a reasonable action > for a middlebox that's told to pass packets with extension header > types 253 and 254 is to stop parsing when it encounters those next > header types and forward the packet in quest

Re: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-07 Thread C. M. Heard
On Tue, 8 Oct 2013, Brian E Carpenter wrote: > Yes, and for a moment there you had me worried, but if the security > concern is that the unknown header may contain bad stuff and/or cause > a buffer overflow bug, then it really doesn't matter whether it is > an extension header or a payload header.

Re: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-07 Thread Brian E Carpenter
On 08/10/2013 05:53, C. M. Heard wrote: > On Mon, 7 Oct 2013, Adrian Farrel wrote: >> Section 1.1 >> >> A couple of points about the following paragraph: >> >>In this document "standard" IPv6 extension headers are those >>specified in detail by IETF standards actions. "Experimental" >>

Re: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-07 Thread Brian E Carpenter
On 08/10/2013 03:43, Adrian Farrel wrote: ... > Section 1.1 > > A couple of points about the following paragraph: > >In this document "standard" IPv6 extension headers are those >specified in detail by IETF standards actions. "Experimental" >extension headers are those defined by any

Re: Adrian Farrel's No Objection on draft-ietf-6man-ext-transmit-04: (with COMMENT)

2013-10-07 Thread C. M. Heard
On Mon, 7 Oct 2013, Adrian Farrel wrote: > Section 1.1 > > A couple of points about the following paragraph: > >In this document "standard" IPv6 extension headers are those >specified in detail by IETF standards actions. "Experimental" >extension headers are those defined by any Expe