At Tue, 29 May 2007 21:37:39 +0300 (EEST), Pekka Savola wrote: > > [1 <text/plain; ISO-8859-1 (quoted-printable)>] > On Wed, 30 May 2007, JINMEI Tatuya / ¿ÀÌÀãºÈ wrote: > > - section 3.1 > > > > IPv6 implementations are no longer required to implement RH0 in any > > way. > > > > I don't understand why we bother to say this. Isn't it enough to > > state "IPv6 nodes MUST NOT originate IPv6 packets containing RH0."? > > Only commenting on this as I feel rather strongly on this.. > > I don't think the wording you propose is good. That begs the > question, is a compliant IPv6 node required to prevent origination of > RH0? I.e., if a user, through a raw socket for example, were to send > RH0, would the node be required to drop it? What about if the IPv6 > API is used to try to originate such a RH0 packet? > > I don't think this is what you're suggesting, and a "MUST NOT > originate" seems to be on the borderline of the past Robert Elz's > RFC3513 appeal of unclarity in the spec. > > However, I agree that the current wording could probably be better. >
I would prefer to not split too many hairs. I believe we want RH0 off, and if that is the case we should clearly state that: IPv6 nodes MUST NOT originate packets containing RH0 and SHOULD return a Parameter Problem ICMPv6 message with code of 2 Unrecognized IPv6 Option Encountered when such packets are received. That is in line with RFC 2463 in terms of error handling, gives users of the network sufficient debugging information without there being a new hole opened for attack, and leaves open the possibility that no error is returned at all, likely though the use of a kernel tuning variable (sysctl in FreeBSD). Best, George -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
