Re: [Technical Errata Reported] RFC4443 (6153)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Tue, 01 December 2020 12:28 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D41BC3A11C7 for <ipv6@ietfa.amsl.com>; Tue, 1 Dec 2020 04:28:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.12
X-Spam-Level:
X-Spam-Status: No, score=-9.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, GB_ABOUTYOU=0.5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=ZPfmRuFk; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=sPITQX3T
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16SKq7Ta0TZ9 for <ipv6@ietfa.amsl.com>; Tue, 1 Dec 2020 04:28:29 -0800 (PST)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D20013A11B9 for <ipv6@ietf.org>; Tue, 1 Dec 2020 04:28:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6754; q=dns/txt; s=iport; t=1606825708; x=1608035308; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=gD0Xm0ynj8nwO/VH5KUasUKY8SavUSWgoag1i89T69E=; b=ZPfmRuFk/OuLwcv4G3GRrTy28KpeCfpCUM/ztAZDzc3N61293zchmrbq SK7kxjV1GYUe3xRZT4MGW+H1Wmio5ELA8BYIkrhybQmh9XjXdTCf7EDhB HpWbd9r8ozs5UMiFGFpfabuQSWpQiU/6MKSmGCeGjj1Df1uayqKjWCIXr A=;
X-IPAS-Result: A0ACCQC7NcZffZtdJa1iHgEBCxIMQIMhUXxaLy6EPINJA40yJ4oWjnCCUwNUCwEBAQ0BASUIAgQBAYRKAheBfAIlOBMCAwEBAQMCAwEBAQEFAQEBAgEGBBQBAYY8DIVyAQEBAQMSEREMAQEFMgELBAIBCBEBAgECAwImAgICHxEVAgYIAgQBDQUigwQBglUDLgEOoToCgTyIaXaBMoMEAQEFMIReDQuCEAMGgQ4qgVyBF4N2hlcbgUE/gREnDBCCVT6BBIEXQgEBAgGBXIMXM4IskFQpCYI5PopViHGQWFcKgnCJF4x+hRcDH4Mgih2UX5NqggKJBYJ0jzNfgmQCBAIEBQIOAQEFgW0hgVlwFRpLAYIKAQEBMVAXAg2OIRiDWYUUhQkBOQF0NwIGAQkBAQMJfI5pAQE
IronPort-PHdr: 9a23:+oXY3BSoQlivAzxEHj2pGirSN9psv++ubAcI9poqja5Pea2//pPkeVbS/uhpkESQBN2J9+JPzeHRtvOoVW8B5MOHt3YPONxJWgQegMob1wonHIaeCEL9IfKrCk5yHMlLWFJ/uX3uN09TFZXid1aUqXq3vnYeHxzlPl9zIeL4UofZk8Ww0bW0/JveKwVFjTawe/V8NhKz+A7QrcIRx4BlL/U8
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.78,384,1599523200"; d="scan'208";a="605132297"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 01 Dec 2020 12:28:27 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by rcdn-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id 0B1CSRJ3032503 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 1 Dec 2020 12:28:27 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 06:28:27 -0600
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 06:28:27 -0600
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 1 Dec 2020 06:28:26 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EYXE315gT+NDAfPTg25kef5txDIqGBVqm6i0FWu5fVRzbFMSxnDi4kt1byS2NFiaN/2AuCHZyAJSP/uGVoZVQmdLvesMT9qqk6X/4Ic2Kr04jy+khA0UnEeLJudC478HW+dED9Z5BO1KIwfaU+6Ja+IFbZt+oCn6/XlECygQDTAmZTsFwc4xhgDWUqifmfMbe2v9UsDvJ1wP822MDGPWXRDIrhCqSuKHb+ylEp8UaO//AQs9rK/xuTG1nV8l21o4zyO93J9TUmptCDJkSOXD65ExKPW+YUDXt48j0EZQoxkezSVrsyiLxSINA3VZ73ufGp6xepPPY0cw6g7q4puyvA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gD0Xm0ynj8nwO/VH5KUasUKY8SavUSWgoag1i89T69E=; b=kFRMiIqgcP2CObNDTSarAjcKyri8vUtBkAT3oSvModLIrYKUB2hlEeRD5ggmK+zWefRLH0MAtcMsZG3r9HVmTNzvFtGZ9AiRfo6/aH9NKkJT8fDt9rAz3kJxaFEB59/q2MEmdlqoKtEN5aLrU/EWAPmH0xB4wnEirn7WXpd9dUIS/xiFazFRThog5GUjx101LQOU4WkRvMnMmagV84PrIrB4jlY83FVR3MXXLidx/0BFQb/xSHzVRyzj9o5vswp4n/jmlyMwkU0B8r0QZxZ2h1+1hkgwAUFVbfHtRdvDcDL2qvnPaScVjQBDvrFKtBOCCT5B5JZpcPxfH88dkB7oCg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gD0Xm0ynj8nwO/VH5KUasUKY8SavUSWgoag1i89T69E=; b=sPITQX3T9Y0Sa44L5s+kovLHXibUjm3E1A59fJbNFKcE+79D1cBQA8SDMR5YHUvwakC2Q7sETT/v19PxuZJxdJ556e7G8S3njv0R3Ib351EN5Duj8oNXg4zimQt4okqSSvPLeORZcD5IPavkUWzh0TRw8i/9rJGSPeGIhrxpoB4=
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by PH0PR11MB5013.namprd11.prod.outlook.com (2603:10b6:510:30::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.25; Tue, 1 Dec 2020 12:28:26 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::453b:b2f5:ec29:410d]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::453b:b2f5:ec29:410d%7]) with mapi id 15.20.3611.025; Tue, 1 Dec 2020 12:28:26 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: "aconta@txc.com" <aconta@txc.com>, "mukesh.gupta@tropos.com" <mukesh.gupta@tropos.com>, "ek.ietf@gmail.com" <ek.ietf@gmail.com>, "brian@innovationslab.net" <brian@innovationslab.net>, "ipv6@ietf.org" <ipv6@ietf.org>
CC: Bob Hinden <bob.hinden@gmail.com>, RFC Errata System <rfc-editor@rfc-editor.org>, "mukesh.gupta@nokia.com" <mukesh.gupta@nokia.com>
Subject: Re: [Technical Errata Reported] RFC4443 (6153)
Thread-Topic: [Technical Errata Reported] RFC4443 (6153)
Thread-Index: AQHWH6hESE3QtC2xUkaVcbDl28NkyanjjGCA
Date: Tue, 01 Dec 2020 12:28:25 +0000
Message-ID: <9999CCF5-7E69-4711-9C9D-46EBAB0A10D2@cisco.com>
References: <20200501110357.90D62F40722@rfc-editor.org>
In-Reply-To: <20200501110357.90D62F40722@rfc-editor.org>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.43.20110804
authentication-results: txc.com; dkim=none (message not signed) header.d=none;txc.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2001:420:c0c1:36:c5a2:8fb:e443:c1ef]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f2709bc5-6c20-4f56-ed9a-08d895f49a06
x-ms-traffictypediagnostic: PH0PR11MB5013:
x-microsoft-antispam-prvs: <PH0PR11MB5013900571E0598FFFF48762A9F40@PH0PR11MB5013.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: xh3Pyztf3uII1CqezvsnPWj7FAAyzp3QAVwuxEaUZAzHcn9jfkINMY1gdvRN9FBqa9Ibfk7B7JaiAV8SgbYj+zvuVPcvWh1E4oLSSjHNK1HfXJlxWcKeXLk5sm35Pnkqf5OPg4YeOAgczUaW7ByLUCgjQac2pMsMOWlBuxLrMWb8eL0uMBhAiAr2daL7H2oivfUJDmpw34msUIqf4UdWnESO+vMembb3nylgytMksAndbraCZ+Zki54TP9I+CpUGGKOJs+YNBvFTnyXOsFJUsIuViKBK/GVWWBdWb2aKVIUV7Zgu5/Ehs5Q2Pfub4mbniGNT1HhrflzQ5EbDsBkj/mkxOYG4iZX/3s2ORtC+joh01bwK20u7oBXw6MkN1uq1EXxetiwU7uIfUNq5PRKMAQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(346002)(136003)(376002)(396003)(366004)(39860400002)(6506007)(64756008)(110136005)(54906003)(6512007)(2906002)(33656002)(186003)(966005)(2616005)(478600001)(6486002)(66476007)(66446008)(8936002)(86362001)(316002)(53546011)(71200400001)(91956017)(66556008)(66946007)(76116006)(8676002)(83380400001)(5660300002)(66574015)(36756003)(4326008); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: mGHAAR/tteNGPx/OeUpmZaWS2MmYNHnskxWq0EHoRfLtoZ/5f4GmVJtvFW7mVRB+xydrtT6aNIuKfGZbgLYIEkfY13GfmIjtPWbIDMXLyIh2dk1IpOMcX+SXgFLHZ2k6kD8lF0G75AEhcrNSXmUyXagQG6BbL7YEFgo8nandPfrzZiTOmiOYnVMM3eCznSSZoM1KiJ70fyoE4Nwz1t+VSzfojhw/gfsDjzFLgUsCn1rXJLzsCkjp/e1LCUJvwB0XdkTpmSrEk0MjhJBfc0vhIo3cszk6ov0v/igoCn31gXJVXxu9CUQzO0i0x7VAKvd38Dn2yO2Gh1DT7+85SxSJMm9DHHIIM98fKExG3hcswAvL2gwoRBkbo8RZ250gt97uI+0FNctja6viPF9ed2GD3nCwr1u36SJgsm1QNRmvQSrBELLnuP29WWEpX4L2jQXEAhiO7OFHN4AnZjHi8WdTG9UKkerS/i5oda9OZ0RBPwGIgFAhSKZ6gECSgSTTSj8NaOV8MDkNr0MqLzrR7lk1Eom0DH1pfFyvidojocVgvWTD37Kw/QGsrDU/iguNcxzrZdsoTSvPKdxC10/BcTZohlos8nIlte2MGz1ZzELmZApBav6nEIC0XdftiOyKOZN66n2fSx2jiiDriCmtPVl257O9E1NTCmGsANcAyqPuNl5TU9URAkUR51zT6RyEPAxVHY/K+cepkt84bVl7eT3vz5Z4qbLNtgUfLyA4PiYX46xKDUV9smi3Gz+iKfb4xTWj1HmtiwZaV0EybQskSI7llq/31hKGJbHWgjh8PzHXTdMdjtomwaes/vnYWX9PZTPIfU8iUOqOe1aHsAS4QxEQte0vZcviSJnOPYr1HYiQeXYOn92eCD8EPFUy/RGAFJaFhrL56bYbiYogbUTORO6vBNGISCg04zaPudrdW3aWpEHewx4nUnfx2mNu6pyjDRrdedtoC+o5ongDR1glYwvM4wCv7FYYt4Ih1ZM7Vc9BtZ2ZdAp6/pwg9QOg/jdCDQaIRupYqR/DOFfcaStkluLdHuXV+YeNiWZTwtcMNs/HSiesKLrvDIt8r3V37Z+wJsi7
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <3612001D32B6E84EAC86CD0BEB365336@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f2709bc5-6c20-4f56-ed9a-08d895f49a06
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Dec 2020 12:28:26.0016 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: E6f9DF5xPrX1z83iE0xDbtuxWnLykPfpvNvflhKPxMLhE/bVMoWJCdjQycb0SPKld3oWQQ+aRH2bY7W7JMg4pQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5013
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.15, xch-aln-005.cisco.com
X-Outbound-Node: rcdn-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/H79efNSRDOs-ypQEVCfBov0KyRU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 12:28:31 -0000

Töma,

If you do not mind, then I am replying to the original errata report rather on your today kind reminder.

Please bear in mind that it is up to the responsible AD to act on the errata reports for the IETF stream (per https://www.ietf.org/about/groups/iesg/statements/processing-rfc-errata/ ), so, I am posting this without any hat.

Having written the above, while technically you may be right, I consider that the original text in RFC 4443 is clear enough to prevent implementation mistakes. Hence, I would personally select the 'hold for document update' rather than 'verified' (again check the URL above).

BTW, really curious about your sentence ".. RFC 4443 allows for an ambiguity which is already causing vendors to reject packets in this case...": would you mind explaining a case where your new text would clearly be applicable and where the original text would clearly be non-applicable?

Regards

-éric

-----Original Message-----
From: RFC Errata System <rfc-editor@rfc-editor.org>
Date: Friday, 1 May 2020 at 13:04
To: "aconta@txc.com" <aconta@txc.com>, "none@rfc-editor.org" <none@rfc-editor.org>, "mukesh.gupta@tropos.com" <mukesh.gupta@tropos.com>, "ek.ietf@gmail.com" <ek.ietf@gmail.com>, Eric Vyncke <evyncke@cisco.com>, "bob.hinden@nokia.com" <bob.hinden@nokia.com>, "brian@innovationslab.net" <brian@innovationslab.net>
Cc: "ximaera@gmail.com" <ximaera@gmail.com>, "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>
Subject: [Technical Errata Reported] RFC4443 (6153)

    The following errata report has been submitted for RFC4443,
    "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification".

    --------------------------------------
    You may review the report below and at:
    https://www.rfc-editor.org/errata/eid6153

    --------------------------------------
    Type: Technical
    Reported by: Töma Gavrichenkov <ximaera@gmail.com>

    Section: 3.1

    Original Text
    -------------
    3.1.  Destination Unreachable Message

       [..]

       If the reason for the failure to deliver is that the destination is
       beyond the scope of the source address, the Code field is set to 2.
       This condition can occur only when the scope of the source address is
       smaller than the scope of the destination address (e.g., when a
       packet has a link-local source address and a global-scope destination
       address) and the packet cannot be delivered to the destination
       without leaving the scope of the source address.

    Corrected Text
    --------------
    3.1.  Destination Unreachable Message

       [..]

       If the reason for the failure to deliver is that the destination is
       beyond the scope zone of the source address, the Code field is set to
       2.  The scope zone of the destination address is determined by the
       scope of the address and arrival interface of the packet, as specified
       in [IPv6-SCOPE, Section 9].  Similarly, the scope zone of the source
       address is determined by the scope of the address and arrival
       interface of the packet.  This condition can occur only when
       transmitting the packet on the chosen next-hop interface would cause
       the packet to leave the zone of the source address, i.e., cross a zone
       boundary of the scope of the source address.

    7.1.  Normative References

       [..]

       [IPv6-SCOPE] Deering, S., Haberman, B., Jinmei, T., Nordmark, E.,
                    and B. Zill, "IPv6 Scoped Address Architecture", RFC
                    4007, March 2005.   

    Notes
    -----
    https://tools.ietf.org/html/rfc4007#section-9

    Scope zone is not scope.

    Consider a case when the source IP is link-local and the destination is global, yet the routing happens in the same VLAN. Per RFC 4007, the packet should be transmitted; however, RFC 4443 allows for an ambiguity which is already causing vendors to reject packets in this case.

    Instructions:
    -------------
    This erratum is currently posted as "Reported". If necessary, please
    use "Reply All" to discuss whether it should be verified or
    rejected. When a decision is reached, the verifying party  
    can log in to change the status and edit the report, if necessary. 

    --------------------------------------
    RFC4443 (draft-ietf-ipngwg-icmp-v3-07)
    --------------------------------------
    Title               : Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification
    Publication Date    : March 2006
    Author(s)           : A. Conta, S. Deering, M. Gupta, Ed.
    Category            : DRAFT STANDARD
    Source              : IP Version 6 Working Group
    Area                : Internet
    Stream              : IETF
    Verifying Party     : IESG