Re: New "IP Version 6 Addressing Architecture" draft

$B5HF#1QL@(B Sat, 22 Jul 2000 22:44:04 -0700
In article <[EMAIL PROTECTED]> (at Sun, 23 Jul 2000 13:21:27 +0900), 
[EMAIL PROTECTED] says:

>       that briefly?  i'm trying to understand your mindset, and it looks
>       like as follows (correct me if i'm wrong):
>       - IPv4 packet on the wire, and native-ipv4-mapped packet on the wire,
>         must go through the same set of accept/deny policy in the kernel.
>         (I believe this is not correct understanding of RFC2553 section 3.7.
>         see below)
>       - this is applications' responsibility to deal with native-ipv4-mapped
>         packet.  (this is close to impossible, from what RFC2553 provides)

        I think:

        - IPv4 packet on the wire, and native-ipv4-mapped packet on the wire,
          should be handled by the same set of accept/deny policy in
          APPLICATIONs.

        - this is KERNEL's responsibility to deal with native-ipv4-mapped
          packet.  KERNEL should drop malicious packet from outside.

You too, Brian (Zill)?

-- 
Hideaki YOSHIFUJI @ USAGI Project  <[EMAIL PROTECTED]>
Web Page: http://www.ecei.tohoku.ac.jp/%7Eyoshfuji/
PGP5i FP: F731 6599 5EB2 BBA7 1515  1323 1806 A96F 5700 6B25 
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
Re: New "IP Version 6 Addressing Architecture" draft

Reply via email to
