Does that mean that Path MTU was badly designed, because it failed to take into account stupid firewalls?
Path MTU discovery was implemented very poorly because implementations tend to expect certain functionality in routers, and usually don't recover when this functionality is absent. (For whatever reason.)
Does it mean that backwards compatibility is **SO** important that we cannot add security, lest we break some badly designed, but yet deployed infrastructure boxes?
The way things are today (and will probably stay for a long time), there is no course of action that is completely problem-free.
In the meantime, can anyone explain to me which real-world problem ECN solves?