Dow, Dow Street wrote: > I think the new draft is too extreme in its mitigation approach, and > would favor the "disable by default" option instead. > > Underlying this debate seems to be the question of whether *any* form of > source routing is ok / worthwhile. I'm curious how much of the RH0 FUD > is actually related to the question of control. While a significant > move to source routing is likely to impact the (economic) status quo, I > don't think that means all investigation of a new capability should be > taken off the table.
I don't think that is the case at all. What this draft does is deprecates a *form* of source routing that is open to attack. It does not ban all source routing (e.g. MIPv6 can still use Type 2 source routing) and it does not preclude someone from defining a new type that addresses a need that they have. For example, if someone wants source routing for a "remote traceroute" capability, they can submit an I-D describing the new type. > > It may not be the mechanism itself that is the inherent problem, but > rather the operational use model. In this case, disabling by default > and filtering when RH0 is turned on allows for careful investigation and > experimentation of different use models. Killing the mechanism outright > does not. > > If we decide that certain behaviors have no beneficial use, we can > modify behavior for the RH0 later (hard-code some limits for RH0 use). > We could also add a new RH type, and deprecate RH0 then. However, if we > jump to deprecate RH0 now, without any plan to re-introduce some general > source routing capability in IPv6, I can see a significant uphill battle > for adding source routing functionality later. "remember how dangerous > source routing is?!" Well, I don't see anyone on a witch hunt against MIPv6 source routing. Regards, Brian -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
