Re: [v6ops] Extension Headers / Impact on Security Devices

sthaug@nethelp.no Mon, 18 May 2015 11:43 UTC

Date: Mon, 18 May 2015 13:43:12 +0200 (CEST)
Message-Id: <20150518.134312.74662992.sthaug@nethelp.no>
To: otroan@employees.org
From: sthaug@nethelp.no
In-Reply-To: <7449B614-BF21-4AD8-A642-831D5B385B41@employees.org>
References: <20150515113728.GH3028@ernw.de> <7449B614-BF21-4AD8-A642-831D5B385B41@employees.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/cmebctj5cx03hmEbfRVhq11wpk8>
Cc: v6ops@ietf.org
Subject: Re: [v6ops] Extension Headers / Impact on Security Devices

> > - it has not happened in the past 17 yrs (since publication of RFC2460) that compelling, Internet-scale use cases of extension headers have been brought up.
> 
> this is clearly wrong. FH, AH, ESP are all widely deployed.
> any form of tunnelling is essentially either using the IP header as an extension header. including GRE.

AH is in RFC 2402 (1998).
ESP is in RFC 2406 (1998).
FH is in RFC 2460 (1998).

Do we have any examples of Internet-scale use cases where the extension
header has been defined *after* RFC 2460?

Steinar Haug, AS 2116