IETF Logo Mail Archive

Re: [Errata Rejected] RFC6564 (4423)

"C. M. Heard" <heard@pobox.com> Sun, 25 October 2015 22:55 UTC

Return-Path: <heard@pobox.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA6411B3323 for <ipv6@ietfa.amsl.com>; Sun, 25 Oct 2015 15:55:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.079
X-Spam-Level:
X-Spam-Status: No, score=-2.079 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id At1KMZ1Eb4GX for <ipv6@ietfa.amsl.com>; Sun, 25 Oct 2015 15:55:51 -0700 (PDT)
Received: from sasl.smtp.pobox.com (pb-smtp0.int.icgroup.com [208.72.237.35]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 356F01B3320 for <ipv6@ietf.org>; Sun, 25 Oct 2015 15:55:50 -0700 (PDT)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by pb-smtp0.pobox.com (Postfix) with ESMTP id C526A26528 for <ipv6@ietf.org>; Sun, 25 Oct 2015 18:55:49 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=mime-version :in-reply-to:references:from:date:message-id:subject:to:cc :content-type; s=sasl; bh=d1h/FbPMyYbNhDosd4VWc8Ar9o0=; b=iQED3D QMqR5fsPuEx8yuq/EyZPobmibrhiPNNXUUuGJwtlbpBcVnBDlfGRKB3UcW/orOdq 4bDHAIsP/sTes6ISodn5eBCqZD1QReBnOYJye56WWH1inqyPFDcgf1SH5zhk5vb2 4+N49ZdBfRNNKOOJDzEAyaB7ycM5BrJSC0Bvs=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=mime-version :in-reply-to:references:from:date:message-id:subject:to:cc :content-type; q=dns; s=sasl; b=jeK4db/1dapyAybODWy9cpSCfBdCSije d1kqIiQS7x++b9VpkIi2Rp1ScnhUZBCd+juGMwc10r2MIfjV7GOgBqQt+en/0P+z hhQFbB+P1z92+1VL9MZzJzpCUpuNzNWSOoYsO/LLtUft1it257dsVaSL/faoC8i5 7v7tECqjiUY=
Received: from pb-smtp0.int.icgroup.com (unknown [127.0.0.1]) by pb-smtp0.pobox.com (Postfix) with ESMTP id BD17E26526 for <ipv6@ietf.org>; Sun, 25 Oct 2015 18:55:49 -0400 (EDT)
Received: from mail-ob0-f170.google.com (unknown [209.85.214.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp0.pobox.com (Postfix) with ESMTPSA id 5819E2651F for <ipv6@ietf.org>; Sun, 25 Oct 2015 18:55:49 -0400 (EDT)
Received: by obctp1 with SMTP id tp1so102481858obc.2 for <ipv6@ietf.org>; Sun, 25 Oct 2015 15:55:48 -0700 (PDT)
X-Received: by 10.182.28.199 with SMTP id d7mr21560689obh.31.1445813748771; Sun, 25 Oct 2015 15:55:48 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.202.211.202 with HTTP; Sun, 25 Oct 2015 15:55:29 -0700 (PDT)
In-Reply-To: <562D2D78.8080508@gmail.com>
References: <CACL_3VGidNH-WrAw_2j9JbepnFC_idiPB2phsWVNDjzWhpSDoA@mail.gmail.com> <56298818.6040001@gont.com.ar> <F19FDF66-66BD-4A35-9267-345B90E0F294@employees.org> <5629F2BD.8050806@si6networks.com> <562A87B9.5080304@gmail.com> <CACL_3VFwGobrs_H2sa4_0VEwiPRsRdXH-x_GxMKssvn_GPpTZQ@mail.gmail.com> <562D2D78.8080508@gmail.com>
From: "C. M. Heard" <heard@pobox.com>
Date: Sun, 25 Oct 2015 15:55:29 -0700
Message-ID: <CACL_3VEV5wPG7n2=+rbmPQQ919tzhupDEKdZ6cwsVDi67Tt3Xw@mail.gmail.com>
Subject: Re: [Errata Rejected] RFC6564 (4423)
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Pobox-Relay-ID: 88EE9B7E-7B6B-11E5-A68E-6BD26AB36C07-06080547!pb-smtp0.pobox.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/J2yvL1EXWAscMcLhTs7yOhr3ZDA>
Cc: Fernando Gont <fgont@si6networks.com>, 6man WG <ipv6@ietf.org>, "tsv-ads@tools.ietf.org" <tsv-ads@tools.ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Oct 2015 22:55:53 -0000

On Sun, Oct 25, 2015 at 12:28 PM, Brian E Carpenter
<brian.e.carpenter@gmail.com> wrote:
> On 26/10/2015 05:06, C. M. Heard wrote:
>> On Fri, Oct 23, 2015 at 12:17 PM, Brian E Carpenter <brian.e.carpenter
>> at gmail.com> wrote:
>>> On 23/10/2015 21:41, Fernando Gont wrote:
>>>> Question: If you're a middle-box meaning to find the upper-layer
>>>> protocol (e.g. transport ports, etc), what would you do if you find an
>>>> unknown protocol number? Infer RFC6564? Infer new transport protocol? --
>>>> whatever option you choose, would be wrong.
>>>
>>> You have failed to find the upper layer protocol. There seem to be three
>>> choices:
>>>
>>> 1. Crash. Probably a bad idea.
>>> 2. Let the packet continue on its path. That's what RFC2460 requires anyway.
>>> 3. Drop the packet.
>>>
>>> As it happens we already have IETF consensus about this. As RFC 7045 says,
>>> the choice between #2 and #3 must be configurable:
>>>
>>>    Forwarding nodes MUST be configurable to allow packets containing
>>>    unrecognised extension headers, but the default configuration MAY
>>>    drop such packets.
>>
>> I agree, but the wording in RC 7045 leaves room for ambiguity. Perhaps a clarification
>> would be in order: s/unrecognised extension headers/unrecognised Next Header values/
>
> The authors of 7045 were well aware of this issue, but we chose to word the
> text exclusively for extension headers and to add the corresponding IANA
> registry - in other words we didn't intend to cover the issue of unrecognised
> protocol numbers at all. So this wasn't careless wording.

Understood, but it seems to me that gives middle-box implementors an excuse
to unconditionally discard an IPv6 datagram with an unrecognised Next Header
value, on the grounds that it might identify an unrecognised
upper-layer protocol,
to which the requirements of RFC 7045, by explicit design, do not
apply.  I would
of course argue that such a strategy would not comply with RFC 7045, since the
unrecognized Next Header value could just as well identify unrecognised
extension header, but I'd like to see text that unambiguously rules out this
(broken) behavior.  That said, maybe I'm in the rough here, and the text in
RFC 7045 is sufficiently clear as it stands.

> If you were suggesting this as an erratum on RFC 7045, I would recommend
> it as 'hold for document update' since I think it needs explanatory text.

If there were to be an erratum, a better choice than the change I suggested --
given that the text reflects the authors' intent -- would be a note
explaining that
the indistinguishability of unrecognised extension headers and unrecognised
upper layer protocol headers implies that forwarding nodes complying with the
requirements 7045 must be configurable to pass unrecognised upper-layer
protocols.

> (There was a fix proposed that people didn't seem to like:
> https://tools.ietf.org/html/draft-zhang-6man-offset-option-01)

I wasn't ware of that draft, though I had heard of such proposals.  Thanks for
the pointer.

//cmh

v2.23.0 | Report a Bug | By Email