Hi Brian, On 04/08/2015 06:18 PM, Brian Haberman wrote: > Fred, > > On 4/8/15 3:30 PM, Templin, Fred L wrote: >> To be constructive, one way forward would be to define a new field in the GRE >> header called the "fragment" field. It would be used to fragment the payload >> packet prior to encapsulating each fragment in a separate delivery header. >> This would be an example of tunnel fragmentation as suggested in Section >> 3.1.7 of RFC2764. > > That would be a fine proposal to write-up, but it does not belong in > this document. *This* document describes what vendors have implemented. > It is an Informational document.
Exactly. > > If anything were to go in this document, I could see an additional > description in the Security Considerations section that describes the > vulnerability you are concerned about. > > WG? This was discussed even before the document was adopted. The document was originally shooting for BCP and due to these concerns, all prescriptive text was removed and it became solely a description of existing (and widely deployed) implementations. I had summarized this in the WG summary of the Shepherd writeup. I am not sure what to add to the Security considerations of this draft, but it is worth exploring. Thanks Suresh _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
