Re: [v6ops] Extension Headers / Impact on Security Devices

Ca By <cb.list6@gmail.com> Wed, 17 June 2015 15:11 UTC

In-Reply-To: <CAD6AjGSUPV_9EEQGCRHRpKe8Hejgx_CMPq6bEkCsK3v4qmgJgg@mail.gmail.com>
References: <20150515105406.GA3028@ernw.de> <87siav2m6p.fsf@stepladder-it.com> <F1D4404E5E6C614EB9D3083F4D15A7E7C4A92C@hex02> <D17F4C51.4ABB0%evyncke@cisco.com> <20150611165858.GT39827@ernw.de> <CAFU7BAR7m0sZsU9Rc=fUao32zaRE1=9XMBWjiL0AukehdpVpWQ@mail.gmail.com> <5580CC33.2080503@gmail.com> <8447882A-6B4B-4ABE-9BDF-5DA7AFE13AB1@cisco.com> <CAD6AjGSUPV_9EEQGCRHRpKe8Hejgx_CMPq6bEkCsK3v4qmgJgg@mail.gmail.com>
Date: Wed, 17 Jun 2015 08:11:27 -0700
Message-ID: <CAD6AjGSFEG1Gi_EDC+Qxd0bxx=rdFveRbVq20ODZE6B5rDwF_Q@mail.gmail.com>
From: Ca By <cb.list6@gmail.com>
To: "Fred Baker (fred)" <fred@cisco.com>
Content-Type: multipart/alternative; boundary=e89a8f234557dd0d670518b81aff
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/NkqIrM6YQ9w_1_5kXYswVEE6n-4>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>
Subject: Re: [v6ops] Extension Headers / Impact on Security Devices

On Tue, Jun 16, 2015 at 9:52 PM, Ca By <cb.list6@gmail.com> wrote:

>
>
> On Tuesday, June 16, 2015, Fred Baker (fred) <fred@cisco.com> wrote:
>
>>
>> > On Jun 16, 2015, at 6:24 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>> >
>> > Personally I still think RFC 7045 is the most realistic on this point,
>> > but Fred would like things to get better ;-).
>>
>> And I haven't finished with Dennis Ferguson's comment.
>>
>> Bottom line, if one accepts the present status quo as the state forever,
>> then we should stop with RFC 7045, and (with Fernando) agree to deprecate
>> all extension headers. I'd like to not do that, and the only way I see to
>> not do that is to not accept the status quo.
>>
>
>
> So you build a bridge to nowhere?
>
>
>

Responding to my own comment.

IPv6 is serious business now.  That means it needs to be the narrow waist
of the internet that is small on services and large on stability and
predictability.

Please review
https://www.iab.org/wp-content/IAB-uploads/2011/03/hourglass-london-ietf.pdf

For the folks looking for extension header innovation, would you be willing
to work on IP version X instead of IPv6?  Or perhaps you can use the Class
E IPv4 space for your innovation?

Serious.  IPv6 is not a place for innovation at the Network / Internet
layer.  Attempts to do so achieve the results in
draft-ietf-v6ops-ipv6-ehs-in-real-world-00 also referenced in slide 7