On Sun, 3 Mar 2024, at 23:02, Alan DeKok wrote:
>> My proposal would be to just use a dummy (marked optional) Outer-TLV that would be ignored by the other end to avoid this problem; sort of like GREASE...but to fix an insecurity instead.
>
> I think that changes existing implementations. Unless the
> recommendation is for each end to add a dummy Outer-TLV which
> implementations are *known* to ignore.

It is completely optional to add this and it is marked as an 'optional' TLV so will have no impact on existing implementations. The document already states that if you receive an *optional* TLV you do not understand, just ignore it.

For people who think this attack may be a problem, they have the option to append effectively a NOP TLV, which could solve this.

I think providing someone with an option is a good thing. It is fine for *us* to state "this is perfectly okay though" but someone else may find that harder to eat, so if they want to do this extra thing nothing prevents them.

Of course we could add a new TLV with no problems (it is marked optional) or, more dirty, we suggest the implementor picks something in their own Vendor TLV space.

Alternatively we meditate on using Vendor-ID 0 or someone donates?

Cheers

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call