On 15 Apr 2009, at 16:39, [email protected] wrote:
The benefits and tradeoffs are different for IPv6, which discards header checksums, making the pseudo-header check more important for reliability reasons.
There are still zero "security" benefits for IPv6. (For my part, I would not want to claim that there are other IPv6 benefits to including IP addresses in the pseudo-header checksum, but the crux of the original claim was an inaccurate one relating to "security".) It is still trivially easy to modify the IPv6 address, and recalculate TCP/UDP checksums to hide the modification.
Besides, shouldn't NAT be difficult?
It isn't difficult now, and hasn't been for years. It is so easy that it keeps self-deploying. Yours, Ran _______________________________________________ rrg mailing list [email protected] http://www.irtf.org/mailman/listinfo/rrg
