Joe, On 24/11/18 17:59, Joe Touch wrote: > The problem is operators using this advice as if it were BCP - and later docs > treating the suggestions as recommended advice. > > This treats everything unknown as an attack (a disease I’ve noted in many > similar docs for years), where it should also consider that doing so is > *itself* an attack on the very flexibility we design in as standard.
This is the reality: RFC7872. We should consider claiming vitory if somehow people were to follow the advice in this draft. This is what happens in the operations camp: https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-packet-drops-03- Ironically, the possible harm you apparently see behind this document is, from an operations-reality pov, kind of a very idealistic take. -- the situation right now is that you cannot use EHs reliably on the Internet. If if you even expect non-standardized EHs to go through, then, while nice, that expectation really needs a reality-check. Thanks, -- Fernando Gont SI6 Networks e-mail: [email protected] PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
