Hello Fernando, Thanks for the quick reply. Your responses all work for me. Just a couple of small comments ...
On Thu, 21 Aug 2014, Fernando Gont wrote: > On 08/20/2014 04:20 PM, C. M. Heard wrote: > > Alternative advice: > > Intermediate systems should discard packets containing these > > extension headers. This policy could be overridden in specific > > environments where the experimental headers are used. > > The thing is that "this policy could be overriden.." sounds a bit like > defining configuration defaults. mm.. how about: > > Intermediate systems should discard packets containing these > extension headers. Only in in specific scenarios in which > experiments are to be performed, an operator may want to permit > these extension headers. That works for me (as do the other tweaks of a similar nature that you suggested). I suggested the text "This policy could be overridden ..." because it appeared elsewhere in the draft. If you don't like it here, you may want to do a "search and destroy" mission to root it out in other places where it appears. > > General comment on Section 4, advice about options: should the > > advice be nuanced to distinguish between cases where an option > > appears in a Hop-by-Hop option header vs a Destination Options > > header? > > Yes. Even if te advice ends up being the same. I will check if there are > any options (other than the padding ones) that cane be included in > different EH types (of the top of my head, most of the options are meant > for specific EH types). As far as I could tell, the padding options are the only ones that are allowed to appear in both kinds of option extension headers. > > Unknown options: there is no section covering these. I am not > > concerned if the RFC 2460 implementation defaults (i.e., obey the > > instructions in the top two bits of the option type) is > > operationally acceptable. > > mm.. let me think about this one -- I'll come back to you. Sounds good. Thanks again for your efforts. Mike Heard _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
