On 7/15/2014 5:08 PM, Brian E Carpenter wrote:
The problem with both of these great inventions is that a single box on the path that takes the "drop" option breaks everything, whereas "ignore" at least provides best effort service and protects against any specific attack on the middlebox. As far as the destination host goes, HbH can't be any more dangerous than a destination option.
IPv6 already indicates - inside the option type - what to do if an option isn't supported.
Why is honoring that set of flags not the only correct behavior? Joe _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
