Extension headers and firewalls

Brian E Carpenter brian.e.carpenter at gmail.com
Sun Jul 22 09:55:24 CEST 2012


hang on - Cameron's statement is ambiguous.

Does it mean "firewalls blocking legal extension headers should be deprecated"
or "hosts sending legal extension headers should be deprecated"?

One of the problems here, as was mentioned on an IETF list quite recently,
is that RFC 2460 specifies behaviour *only* for the extension headers
defined in RFC 2460, and there is no clear list in any RFC or at IANA
of the current set of legal extension headers. Firewall implementers
seem to go by RFC 2460 alone.

This is a gap that needs to be filled by the IETF (imho).

    Brian

On 22/07/2012 01:09, Jared Mauch wrote:
> You might find a lot of support for this I suspect. 
> 
> Jared Mauch
> 
> On Jul 21, 2012, at 4:38 PM, Cameron Byrne <cb.list6 at gmail.com> wrote:
> 
>> Perhaps this functionality should be officially depricated. 
>>
>> CB
>>
> 



More information about the ipv6-ops mailing list