Re: [OPSEC] [v6ops] WGLC for draft-ietf-opsec-ipv6-eh-filtering-03

Bob Hinden <> Wed, 04 October 2017 21:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 76EA2133073; Wed, 4 Oct 2017 14:38:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id g4TateNDoKyg; Wed, 4 Oct 2017 14:38:25 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 52F571323B4; Wed, 4 Oct 2017 14:38:25 -0700 (PDT)
Received: by with SMTP id r25so4804819pgn.4; Wed, 04 Oct 2017 14:38:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=idVfSa0mrUORTczwuJLWYrnAykdo+DRWmEzfQgFBMqs=; b=NijQ97LwEQ1gyFjuVRTBa87IVqr7EboLDW8T1JWBljgKPsaMX4xoUF+mxp4159aefi E6PKqNoNHOS9fpzDfoB7nds4oDXaDwpId5xKttgF/zWS/22pnKJntZ26W7ib0JD86BNc O+eFyCeSOAdmrHNEx5MB7qHil9FjzKR3XFnXKPLImQSwZVVroEDbWo0VZOBK8bt3c5L6 SDBgQnXw/vklHbQQPoXkOwEMSDc7uYn7XVd3sTquUvq2eYD3AWMIzwzq3bRYM/CrxL5s GHcD/rPBX68sd/lkBUyEsbA+PkImwE2U0eEXN9Px5pO4FyiSFIuIvIGHbDd8ehMIg5xe nSfA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=idVfSa0mrUORTczwuJLWYrnAykdo+DRWmEzfQgFBMqs=; b=FaWX43J7JYUErIde28yg/hOlGpOGJOktrsFfsh1ueu5lpmyVk+hRZIQvAEM+rwsOWI xg0vKNaVoOQwauvh3+5BEzMYgDwNL0JxxOYQx73jhcfG7EqAOcuwSaqk+ldyAsnu7sI9 vQyGtCqVHxvs8x2mS+PBIUlfHF8vTDAp6zxta9gfn6KulK/bGVoYX9LDMr+fpa6nDvgP pfzCAy/SgZQTdbkNqi8J/7amnHz/L5WqdjQZzpvHNXjGHVF7HK9aYRWtI9+mEYGOvLjE eHfmFeCUPd9sxu0AM5hWV0wNG7eXxLtS/4EncNHQSj7qrpsOqHBatoaNfQsLldmQyL7c L+GQ==
X-Gm-Message-State: AHPjjUjJdFsmVctnkepQSMYrgX9q6AVwawsLg1yFxuIp2+QH873C5rwx sXxQ9OUr4f7HGiNXytov/AU=
X-Google-Smtp-Source: AOwi7QBnCPMt5HbFYNkPlS72srXHhR4CMYS/nsJh8/tsyZjMwhAqb/MI8ocjQrbrvFHavaIm7oO2TA==
X-Received: by with SMTP id b11mr18842299pgr.186.1507153104735; Wed, 04 Oct 2017 14:38:24 -0700 (PDT)
Received: from [] ([]) by with ESMTPSA id u20sm26363349pfh.171.2017. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 04 Oct 2017 14:38:23 -0700 (PDT)
From: Bob Hinden <>
Message-Id: <>
Content-Type: multipart/signed; boundary="Apple-Mail=_1B231D9A-4A46-450A-865B-BDED0483DA8F"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 4 Oct 2017 14:38:22 -0700
In-Reply-To: <>
Cc: Bob Hinden <>, "" <>, "" <>
To: "Van De Velde, Gunter (Nokia - BE/Antwerp)" <>, "" <>
References: <>
X-Mailer: Apple Mail (2.3273)
Archived-At: <>
Subject: Re: [OPSEC] [v6ops] WGLC for draft-ietf-opsec-ipv6-eh-filtering-03
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: opsec wg mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 04 Oct 2017 21:38:27 -0000

I also don’t think this is ready for a w.g. last call.

It doesn’t reference the new version of the IPv6 specification RFC8200.  There were a number of clarifications in RFC8200 regarding extension headers that may require changes in the draft.

For example, Hop by Hop headers are now a “may” in RFC8200, but this draft says:

   The Hop-by-Hop Options header is used to carry optional information
   that should be examined by every node along a packet's delivery path.

This doesn’t match what is in RFC8200:

   The Hop-by-Hop Options header is not inserted or deleted, but may be
   examined or processed by any node along a packet's delivery path,…

I didn’t do a through review after I saw it didn’t reference RFC8200, but I suspect there are other things that need to be changed to match RFC8200.  I think the authors need to do detailed review and publish a new draft.


> On Sep 29, 2017, at 1:12 AM, Van De Velde, Gunter (Nokia - BE/Antwerp) <> wrote:
> This is to open a two week WGLC for
> If you have not read it, please do so now. You may send nits to the author, but substantive discussion should go to the list.
> (While V6OPS WG is in cc because of close alignment with the WG expertise area, may we ask to send feedback and comments in the OPSEC WG)
> We will close the call on 13 October 2017
> Gunter & Eric
> OPSEC WG co-chairs
> _______________________________________________
> v6ops mailing list