Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Nick Hilliard <nick@xxxxxxxxxx>
Subject: Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
From: Joe Touch <touch@xxxxxxxxxxxxxx>
Date: Wed, 5 Dec 2018 05:48:43 -0800
Cc: ietf <ietf@xxxxxxxx>, draft-ietf-opsec-ipv6-eh-filtering.all@xxxxxxxx, opsec wg mailing list <opsec@xxxxxxxx>, tsv-art@xxxxxxxx
In-reply-to: <59c6c31e-05ea-65b2-4ffe-ca05a449c8cd@foobar.org>
References: <977CA53D-7F72-4443-9DE2-F75F7A7C1569@strayalpha.com> <d6deb7af-99dd-9013-2722-8ebbe00c0b37@si6networks.com> <1CB13135-D87A-4100-8668-D761058E1388@strayalpha.com> <0f56c25d-7ac7-e534-4e2c-cc09f5154e77@foobar.org> <28EDE667-457E-4AED-8480-F27ECAA8E985@strayalpha.com> <6bd1ec94-f420-1f4c-9254-941814704dbb@gmail.com> <6be84ccf-9a72-2694-e19d-fa19043a0cb1@huitema.net> <4C249487-BD58-41BB-B8B6-081323E29F6C@strayalpha.com> <20181126075746.GO72840@Space.Net> <6C50775C-EB67-4236-93B8-DF0259E04167@strayalpha.com> <20181126175336.GW72840@Space.Net> <c959d8cb6f6a04a8da8318cfa89da341@strayalpha.com> <2425355d-e7cc-69dd-5b5d-78966056fea7@foobar.org> <C4D47788-0F3D-4512-A4E3-11F3E6EC230B@strayalpha.com> <8d3d3b05-ecc3-ad54-cb86-ffe6dc4b4f16@gmail.com> <C929A8B9-D65C-4EF7-9707-2238AE389BE3@strayalpha.com> <CAL9jLaY4h75KK4Bh-kZC6-5fJupaNdUfm1gK2Dg99jBntMCEyQ@mail.gmail.com> <59c6c31e-05ea-65b2-4ffe-ca05a449c8cd@foobar.org>

> On Dec 5, 2018, at 5:02 AM, Nick Hilliard <nick@xxxxxxxxxx> wrote:
> 
> there is a more general issue, namely that protocols are often written without the benefit of hindsight or experience

Yet we had that experience by 8200 and did not remove HBH options or their flags.

I agree there is a problem her, but it is not a security problem.  We cannot continue to claim that the options exist if they can be silently ignored at will while being marked Sa ‘drop if not supported’. 

Fix the problem. But let’s not perpetuate the lies.

Joe

References:
- Re: Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Fernando Gont
- Re: Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Nick Hilliard
- Re: [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Brian E Carpenter
- Re: [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Christian Huitema
- Re: [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Gert Doering
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Gert Doering
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Nick Hilliard
- Re: [Tsv-art] [OPSEC] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: [Tsv-art] [OPSEC] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Stewart Bryant
- Re: [Tsv-art] [OPSEC] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Joe Touch
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Christopher Morrow
- Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
  - From: Nick Hilliard

Prev by Date: Re: [Tsv-art] [OPSEC] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
Next by Date: Re: [Tsv-art] [OPSEC] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
Previous by thread: Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
Next by thread: Re: [OPSEC] [Tsv-art] Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06
Index(es):
- Date
- Thread

[Index of Archives] [IETF Annoucements] [IETF] [IP Storage] [Yosemite News] [Linux SCTP] [Linux Newbies] [Mhonarc] [Fedora Users]