Re: [v6ops] Extension Headers / Impact on Security Devices

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 19 May 2015 20:35 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14E721A037B for <v6ops@ietfa.amsl.com>; Tue, 19 May 2015 13:35:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U8Yer-ZpDTBf for <v6ops@ietfa.amsl.com>; Tue, 19 May 2015 13:35:33 -0700 (PDT)
Received: from mail-pd0-x235.google.com (mail-pd0-x235.google.com [IPv6:2607:f8b0:400e:c02::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E7971A8AD1 for <v6ops@ietf.org>; Tue, 19 May 2015 13:35:33 -0700 (PDT)
Received: by pdbqa5 with SMTP id qa5so39894748pdb.0 for <v6ops@ietf.org>; Tue, 19 May 2015 13:35:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=ZzE2IAqanOGcZEQgX1wgvzUFduC/nA2uM6T15na5qPk=; b=JtabWInMx+/e3eMKDAD+sXBp3QD5MsBAKNk5SeWTsAPrv88kE1DbHfIDNJ+3Vp8I3W 7w/xYViTSvX62LxdORxI4EB69wBZLjJqrOn5gWuVNDJM3Zw61hQ+95nCxqnC4M9/+uu4 TqHjTeVjV8G/rzoliNuVz2H8BYGcvjyjLEKjh60VWMeSZQgSxN3mReHJJYxcMbE63dWP Zvm2WMg6RKHEREwKtHUIlals5O4+zps0AayBoI002PhZXgBaD1eoTnj7GiktZRUg4ORE 9QnqsKF9sLweSK+68lcf5WfHPaqeQTMEA+2tTRUdWjlRbTvbcMpJ8Xy4zi9bA2/T31fY 94HQ==
X-Received: by 10.69.19.129 with SMTP id gu1mr57094597pbd.162.1432067732937; Tue, 19 May 2015 13:35:32 -0700 (PDT)
Received: from ?IPv6:2406:e007:4858:1:28cc:dc4c:9703:6781? ([2406:e007:4858:1:28cc:dc4c:9703:6781]) by mx.google.com with ESMTPSA id dp4sm13880045pbb.82.2015.05.19.13.35.29 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 May 2015 13:35:31 -0700 (PDT)
Message-ID: <555B9E93.8040706@gmail.com>
Date: Wed, 20 May 2015 08:35:31 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Joe Touch <touch@isi.edu>, sthaug@nethelp.no, otroan@employees.org
References: <20150515113728.GH3028@ernw.de> <7449B614-BF21-4AD8-A642-831D5B385B41@employees.org> <20150518.134312.74662992.sthaug@nethelp.no> <555B8712.9080906@isi.edu>
In-Reply-To: <555B8712.9080906@isi.edu>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/KOPbXUrHDZmhX9PiJKB5HSmUazE>
Cc: v6ops@ietf.org
Subject: Re: [v6ops] Extension Headers / Impact on Security Devices
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 May 2015 20:35:35 -0000

On 20/05/2015 06:55, Joe Touch wrote:
> 
> 
> On 5/18/2015 4:43 AM, sthaug@nethelp.no wrote:
>>>> - it has not happened in the past 17 yrs (since publication of RFC2460) that compelling, Internet-scale use cases of extension headers have been brought up.
>>>
>>> this is clearly wrong. FH, AH, ESP are all widely deployed.
>>> any form of tunnelling is essentially either using the IP header as an extension header. including GRE.
>>
>> AH is in RFC 2402 (1998).
>> ESP is in RFC 2406 (1998).
>> FH is in RFC 2460 (1998).
>>
>> Do we have any examples of Internet-scale use cases where the extension
>> header has been defined *after* RFC 2460?
> 
> The following are defined after 2460:

To be clear, there is now an IANA registry for this, defined by RFC 7045:

http://www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xhtml#extension-header

    Brian

> 
> 135 	Mobility Header 			[RFC6275]
> 139 	Host Identity Protocol 			[RFC7401]
> 140 	Shim6 Protocol 				[RFC5533]
> 253 	Use for experimentation and testing 	[RFC3692][RFC4727]
> 254 	Use for experimentation and testing 	[RFC3692][RFC4727]
> 
> FWIW.
> 
> Joe
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>