On Thu, 13 Dec 2001, JJ Behrens wrote: > If the mn tries to send an ICMP message compaining that the packet is > source routed, does it send the ICMP message by way of reversing the route > used up to that point?
ICMP message would not be source routed. Regular replies could be if the packet had been authenticated with AH. > If so, isn't that just as bad as allowing source routing (i.e. exploits > are equally possible)? If so, dropping the packet is the appropriate > action over sending an ICMP message. I'm slightly favouring the silent discard of the packet, but that basically requires that there's clear view on what the default setting is/should be. It appears this is not currently the case. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
