> On Wed, Jun 16, 2004 at 11:00:23PM -0400, Soliman Hesham wrote: > > > > > > It implies that mobile IPv6 depndeing on routing header > > > may not work. > > > > => This statement is true IFF people assume that > > Record Route Option == Routing header type 2 used for MIPv6. > > Of course that is not true because there are security > > implications for using routing header type 2 and an > > assumption that the end node will verfiy such use. Moreover, > > RH type 2 will not impact other nodes behind the FW > > if used in a malicious way. All this points to two things: > > 1. The two are not equivalent, and > > 2. We need to make sure that network admins know (1). > > But (2) is the same issue with ICMP filtering ! So, I would not trust > admins to tell the difference. => No it's not the same... MIPv6 includes e2e security (authentication and authorisation), I don't see people doing that with ping or PMTUD. So one could put an argument for filtering some of the ICMP messages. So far I don't see that as a valid argument for MIPv6 RH type 2. Hesham =========================================================== This email may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies. =========================================================== _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf