On 10/05/2017 03:04 PM, Ron Bonica wrote: > Mike, > > > > I think that you just struck the note that Fernando and I missed. > Transit routers filter extension headers for one of the following reasons: > > > > - To protect themselves (as in RFC 6192) > - To protect downstream devices
We're kind of tackling item #2 above, in the hopes of improving the situation described in RFC7872. -- this is expected to be a default permissive approach. For item #1, it would probably boil down to block anything you don't use (i.e., way more aggressive approach)-- but that would be a different project. Thoughts? Thanks, -- Fernando Gont SI6 Networks e-mail: [email protected] PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
