We have language for that in other rfcs. Drop usually means silent drop.
So is drop a silent drop or a reject?
http://tools.ietf.org/html/rfc3871

"Ability to Specify Filter Actions

   Requirement.

      The device MUST provide a mechanism to allow the specification of
      the action to be taken when a filter rule matches.  Actions MUST
      include "permit" (allow the traffic), "reject" (drop with
      appropriate notification to sender), and "drop" (drop with no
      notification to sender).  Also see Section 2.7.7 and Section 2.9"

Are there cases where reject (with notification) makes more sense then drop?
Or where the end user should get to choose one over the other?




(coffee != sleep) & (!coffee == sleep)
 [email protected]



From: OPSEC [[email protected]] on behalf of Fernando Gont 
[[email protected]]
Sent: Tuesday, August 12, 2014 4:40 AM
To: Mikael Abrahamsson
Cc: [email protected]; [email protected]; IPv6 
Operations
Subject: Re: [OPSEC] I-D Action: draft-gont-opsec-ipv6-eh-filtering-00.txt


Hi, Mikael,

On 08/12/2014 06:32 AM, Mikael Abrahamsson wrote:
>>> I find this document advocates dropping things way too much.
>>
>> Actually, of the top of my head, the only EH that we were advocated
>> dropping (from the standard set) is/was HBH (this is to be changed in
>> the upcoming rev of the document).
> 
> Ok, good! Another thing I don't know if I mentioned, is that there is a
> mix of different ways of saying the same thing in the advice section,
> sometimes it's "pass", sometimes it's "do not drop". Are you fixing that
> as well?

I wasn't... but now I will.



> Anyhow, I'll wait until the next rev and give it a complete read-through.

Thanks so much!

Best regards,
-- 
Fernando Gont
SI6 Networks
e-mail: [email protected]
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




_______________________________________________
OPSEC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsec
_______________________________________________
OPSEC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsec

Reply via email to