Re: [v6ops] Extension Headers / Impact on Security Devices

Fernando Gont <fgont@si6networks.com> Fri, 26 June 2015 07:50 UTC

To: "Fred Baker (fred)" <fred@cisco.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/TGYelyhqzp0on0tWSdGlBRrGrgs>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>, "ipv6-wg@ripe.net IPv6" <ipv6-wg@ripe.net>

On 06/17/2015 01:45 AM, Fred Baker (fred) wrote:
> 
>> On Jun 16, 2015, at 6:24 PM, Brian E Carpenter
>> <brian.e.carpenter@gmail.com> wrote:
>> 
>> Personally I still think RFC 7045 is the most realistic on this
>> point, but Fred would like things to get better ;-).
> 
> And I haven't finished with Dennis Ferguson's comment.
> 
> Bottom line, if one accepts the present status quo as the state
> forever, then we should stop with RFC 7045, and (with Fernando) agree
> to deprecate all extension headers. I'd like to not do that, and the
> only way I see to not do that is to not accept the status quo.

Not sure if that's simply a matter of an error in punctuation (or in my
interpretation)... but for the record, I'm not arguing in favor of
deprecating IPv6 EHs. Actually, I've worked to figure out what's the
status quo, and am working on stuff that may help to change that (e.g.,
RFC 7112).

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492