The draft is valuable as a security considerations document, but I suggest emphasizing operationally enforceable guidance:
1) Clearly state boundary enforcement expectations (who is allowed to inject SRH/segments; what must be filtered/dropped at domain edges). 2) Add explicit guidance on extension header / fragmentation handling so mitigations remain effective in real deployments. 3) Where possible, tie mitigations to concrete controls (ACLs/policy filters/strict validation of SRH and segment lists) rather than only descriptive text. Regards, Meir Goldman FAZON Foundation [email protected] https://fazon.org
_______________________________________________ spring mailing list -- [email protected] To unsubscribe send an email to [email protected]
