Re: [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05

Joseph Touch <touch@strayalpha.com> Tue, 23 February 2021 22:59 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27B6E3A0EB5; Tue, 23 Feb 2021 14:59:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.242
X-Spam-Level:
X-Spam-Status: No, score=0.242 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HAS_X_OUTGOING_SPAM_STAT=2.339, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XErfSfM8Qkio; Tue, 23 Feb 2021 14:59:25 -0800 (PST)
Received: from server217-5.web-hosting.com (server217-5.web-hosting.com [198.54.116.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6ACD63A0EAF; Tue, 23 Feb 2021 14:59:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=rVhqkUqLY3rVPFOOD1KfLfxYZGOmIyQAvynggDYbCB8=; b=x9mkCv6aYtum6ScRyTTsoPSEf rre9qUpwY5RRbYgRv7j3iFEkJtt9PTGaRralVxa2cL8na3c/3vSnknZV2ixX6yqk9JppioG3ADnil dSQ2D6zF4GsTb5UCkdNsMz9fRdlYgEC2+6tnDP8zhDx8WRpQO92QhP9rowYypG1zvV0EDfk9Xm/Yz Fpvf5MAeqvuSiE3pNJyIDPqjOGBQlOLA8zoIUY61KzP+2Xs9DvU9hMOizD9TuTErjf6idmtwM4lR3 3M2g3YXnaxx/6Hlw+bPUoChsU2POuEBnPc3GAOwqeOzwUFQZZIA0XaTMZ4pl58mmTIBa6kCi1RFoW moGYt/SJA==;
Received: from cpe-172-250-225-198.socal.res.rr.com ([172.250.225.198]:49169 helo=[192.168.1.14]) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <touch@strayalpha.com>) id 1lEge0-002MC8-9i; Tue, 23 Feb 2021 17:59:08 -0500
Content-Type: multipart/alternative; boundary="Apple-Mail=_F7105AA9-B8B6-4A17-AF03-BDD5DCD5C751"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
From: Joseph Touch <touch@strayalpha.com>
In-Reply-To: <CAO42Z2zqD9_d2Fbr25Y2CV1GdzYKd167yf5DHeHna7V66pF65A@mail.gmail.com>
Date: Tue, 23 Feb 2021 14:59:03 -0800
Cc: Fernando Gont <fgont@si6networks.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, IPv6 Operations <v6ops@ietf.org>, Tom Herbert <tom@herbertland.com>, draft-ietf-v6ops-ipv6-ehs-packet-drops.all@ietf.org, Last Call <last-call@ietf.org>, tsv-art@ietf.org
Message-Id: <8296B6C0-0010-4EAE-A6C9-6C3D43AC5BAB@strayalpha.com>
References: <161366727749.10107.14514005068158901089@ietfa.amsl.com> <42668fb5-a355-e656-7d99-c40b3d33fb92@si6networks.com> <0e377231-c319-2157-30a0-759e2f96a692@gmail.com> <5f464f17-85ed-f105-35f9-02f35d04aed2@si6networks.com> <CALx6S364zGbq_HZNNVEaJHnHccuk4Zau2DXhmaVYbwnYQc-5bw@mail.gmail.com> <1847e8e3-543f-5deb-dd14-f7c7fa3677db@si6networks.com> <CALx6S34TPppMRJrOvyJ05LLeRvv+S51pQHJnzZDKk-qOdsF0AA@mail.gmail.com> <e41f3484-f816-e185-2d99-94323c8da732@si6networks.com> <CALx6S34qSxGijVcs229bAL5gMhMvMNYUXm3yEmrg6wxUiUAiaA@mail.gmail.com> <bf83d228-25bc-21bb-f984-d58ead6bf492@si6networks.com> <CALx6S35Kh-QAXJDAucuw5Wty37MBiwS=pqQknMZ+15b7D5Sn8A@mail.gmail.com> <34e78618-cb28-71a1-a9d3-7aec38032659@si6networks.com> <CAO42Z2zqD9_d2Fbr25Y2CV1GdzYKd167yf5DHeHna7V66pF65A@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
X-OutGoing-Spam-Status: No, score=-0.5
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/29d-qlA5WBS6lpFIUC6Zliifp9c>
Subject: Re: [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2021 22:59:27 -0000


> On Feb 23, 2021, at 8:54 AM, Mark Smith <markzzzsmith@gmail.com> wrote:
> 
> "It is possible for an attacker to send a large amount of IPv6 traffic
> employing IPv6 Extension Headers with the purpose of performing a
> Denial of Service (DoS) attack.”


FWIW, it would be nice if these sort of “current implementations don’t keep up” docs said more like “ALWAYS support EHs, but with lower rates as the length increases”, so we don’t end up limiting ourselves based on current implementations.

Joe