FW: Protocol Action: 'Deprecation of Type 0 Routing Headers in IPv6' to Proposed Standard
Jari Arkko <jari.arkko@piuha.net> Mon, 08 October 2007 19:05 UTC
Return-path: <ipv6-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iexuh-0007wQ-1T; Mon, 08 Oct 2007 15:05:11 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iexue-0007w2-Lz for ipv6@ietf.org; Mon, 08 Oct 2007 15:05:08 -0400
Received: from p130.piuha.net ([193.234.218.130]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Iexue-0003em-0I for ipv6@ietf.org; Mon, 08 Oct 2007 15:05:08 -0400
Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 5D249198683 for <ipv6@ietf.org>; Mon, 8 Oct 2007 22:05:07 +0300 (EEST)
Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id 0B87E19866A for <ipv6@ietf.org>; Mon, 8 Oct 2007 22:05:07 +0300 (EEST)
Message-ID: <470A7F62.1040307@piuha.net>
Date: Mon, 08 Oct 2007 22:05:06 +0300
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 1.5.0.13 (X11/20070824)
MIME-Version: 1.0
To: IETF IPv6 Mailing List <ipv6@ietf.org>
References: <E1IewMs-00042z-Hp@stiedprstage1.ietf.org>
In-Reply-To: <E1IewMs-00042z-Hp@stiedprstage1.ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV using ClamSMTP
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 10ba05e7e8a9aa6adb025f426bef3a30
Subject: FW: Protocol Action: 'Deprecation of Type 0 Routing Headers in IPv6' to Proposed Standard
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Errors-To: ipv6-bounces@ietf.org
FYI The IESG wrote: > The IESG has approved the following document: > > - 'Deprecation of Type 0 Routing Headers in IPv6 ' > <draft-ietf-ipv6-deprecate-rh0-01.txt> as a Proposed Standard > > This document is the product of the IP Version 6 Working Group. > > The IESG contact persons are Jari Arkko and Mark Townsley. > > A URL of this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-ipv6-deprecate-rh0-01.txt > > Technical Summary > > The functionality provided by IPv6's Type 0 Routing Header can be > exploited in order to achieve traffic amplification over a remote > path for the purposes of generating denial-of-service traffic. This > document updates the IPv6 specification to deprecate the use of IPv6 > Type 0 Routing Headers, in light of this security concern. > > Working Group Summary > > This document is a product of the IPv6 WG. Considerable > discussion of the impacts of the Type 0 processing > has happened over the course of the last few months. > The document, as it currently stands, has the backing > of the (rough) consensus of the group. However, the > topic has generated a lot heated discussion, and this > action is not unanimously supported by everyone in the > group. Counter arguments against deprecation have > raised potential (but so far unused) applications, > difficulty of introducing new similar functionality > once the feature has been disabled, ability to > deal with this issue in an operational manner, > the difference to the IPv4 situation (where source > routing is still a part of the specifications), etc. > > The authors, chairs, and the AD believe, however, that > the current contents of the document have the backing > of the majority of the group, and that the recommendation > is a valid one. In particular, new RH types can and > have been defined for more specialized uses safely, > and it would be hard to depend on RH0 in new applications, > given that it has legitimate security issues and > that irrespective of IETF's documents, this feature > is largely disabled in many IPv6 implementations. > > Protocol Quality > > Jari Arkko has reviewed this document for the IESG. Several > implementations of IPv6 have for a long time not allowed > Type 0 Routing Header processing by default; recently > a number of implementations (BSD, for instance) have > disabled it in accordance with this document's > recommendations. > > Call for input also in NANOG list was made. > > Note to RFC Editor > > Please change: > > OLD: > IPv6 nodes MUST NOT process RH0 in packets whose > destination address in the IPv6 header is an address assigned to them. > Such packets... > NEW: > An IPv6 node that receives a packet with a > destination address assigned to it and containing an RH0 extension > header MUST NOT execute the algorithm specified in the latter part > of Section 4.4 of [RFC2460] for RH0. Instead such packets... > > OLD: > type-2 RH > NEW: > type 2 Routing Header > > > _______________________________________________ > IETF-Announce mailing list > IETF-Announce@ietf.org > https://www1.ietf.org/mailman/listinfo/ietf-announce > > > -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- Protocol Action: 'Deprecation of Type 0 Routing H… ext The IESG
- FW: Protocol Action: 'Deprecation of Type 0 Routi… Jari Arkko