Re: CRH and RH0 Tue, 12 May 2020 22:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B89D43A0C35 for <>; Tue, 12 May 2020 15:04:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 299DKQGBjSuS for <>; Tue, 12 May 2020 15:04:06 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 759243A0C2B for <>; Tue, 12 May 2020 15:04:06 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 08C674E11D39; Tue, 12 May 2020 22:04:06 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by (Postfix) with ESMTP id EFB5C33DF685; Wed, 13 May 2020 00:04:00 +0200 (CEST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.\))
Subject: Re: CRH and RH0
In-Reply-To: <>
Date: Wed, 13 May 2020 00:04:00 +0200
Cc: 6man <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <>
To: Ron Bonica <>
X-Mailer: Apple Mail (2.3608.
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 May 2020 22:04:08 -0000


> What claim needs further substantiation?

Eh... the claim that CRH could be a RH0 replacement.
Not sure if that's something we'd want anyway, but I wasn't the one making that claim.
Nor did I think that was CRH's purpose.

To repeat:
If CRH could be a RH0 replacement, you would have to show how the tag distribution mechanism would work across the Internet?
RH0 was supported in every IPv6 node, given the requirement for a tag->IPv6 address (or is it forwarding method) mapping, I can't quite see how that would be done in a general enough fashion for CRH?

I don't think RFC5095 taught us that source routing cannot be done across the Internet.
In fact I don't see how the CRH draft prevents the RFC5095 attack to happen inside of the CRH limited domain.
Just send a packet with a list of tag#0, tag#1, tag#0, tag#1 and you have the same amplification attack.