[Ipsec] draft-ietf-ipsec-esp-v3-10.txt
"Vishwas Manral" <Vishwas@sinett.com> Wed, 07 December 2005 11:41 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Ejxfb-0002iD-G9; Wed, 07 Dec 2005 06:41:11 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EjxfZ-0002hj-L5 for ipsec@megatron.ietf.org; Wed, 07 Dec 2005 06:41:09 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA22693 for <ipsec@ietf.org>; Wed, 7 Dec 2005 06:40:18 -0500 (EST)
Received: from 63-197-255-154.ded.pacbell.net ([63.197.255.154] helo=sinett.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Ejy1D-0004Ke-HU for ipsec@ietf.org; Wed, 07 Dec 2005 07:03:34 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 07 Dec 2005 03:45:33 -0800
Message-ID: <BB6D74C75CC76A419B6D6FA7C38317B2B873B8@sinett-sbs.SiNett.LAN>
Thread-Topic: draft-ietf-ipsec-esp-v3-10.txt
Thread-Index: AcX7I7sj5sDiqZwESNmb3c/FMYziKg==
From: Vishwas Manral <Vishwas@sinett.com>
To: IPsec <ipsec@ietf.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17
Content-Transfer-Encoding: quoted-printable
Cc: Pekka Savola <pekkas@netcore.fi>
Subject: [Ipsec] draft-ietf-ipsec-esp-v3-10.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IP Security <ipsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
Sender: ipsec-bounces@ietf.org
Errors-To: ipsec-bounces@ietf.org
Hi Steve, (CC'ing Pekka for IPv6 inputs) Sorry for getting this late. I noticed in section 3.3.4 it is stated that: - NOTE: For IPv6 -- For bump-in-the-stack and bump-in-the-wire implementations, it will be necessary to examine all the extension headers to determine if there is a fragmentation header and hence that the packet needs reassembling prior to IPsec processing. However I do not think having a fragment header itself means the packet is a fragment. Only if the offset field or the more fragment field is set to non-zero, only then is a packet a fragment. The fragment header is also used to signal to an IPv4-to-IPv6 translator that the packet can be fragmented, DF bit setting in the outer IPv4 header (SIIT - RFC2765). I think the same text is there for AH draft draft-ietf-ipsec-rfc2402bis-11.txt too. We could change the text to NOTE: For IPv6 -- For bump-in-the-stack and bump-in-the-wire implementations, it will be necessary to examine all the extension headers to determine if there is a fragmentation header, and either the More flag or the Fragment Offset is non-zero. If so that packet needs reassembling prior to IPsec processing. We can bounce the text off the IPv6 list too if we desire. Thanks, Vishwas _______________________________________________ Ipsec mailing list Ipsec@ietf.org https://www1.ietf.org/mailman/listinfo/ipsec
- [Ipsec] draft-ietf-ipsec-esp-v3-10.txt Vishwas Manral
- Re: [Ipsec] draft-ietf-ipsec-esp-v3-10.txt Stephen Kent