On Sun, 17 Oct 2021, 06:36 Michael Richardson, <m...@sandelman.ca> wrote:
>
> Mark Smith <markzzzsm...@gmail.com> wrote:
>     > In flight changing DAs also will break AH protection of the IPv6 header.
>
> AH is dead. It's been dead for decades.
> I say this as an IPsec enthusiast who wishes this wasn't true.
> But it is.


Then all IPv6 field immutability while the packet is in flight is also dead.

"Controlled domain" == redefine any field, field semantics, and field
processing we like in an existing protocol, yet claim we're still
using the original protocol.

That has been tacitly endorsed via standards track RFC8986. The Next
Header field is not supposed to be modified in flight per internet
standard RFC8200, yet standards track RFC8986 specifies the behaviour
via PSP.

This SRH compression ID is redefining the IPv6 DA field semantics. It
encodes multiple network hop destinations in the single IPv6
destination address field.

Structured Flow Label -
https://datatracker.ietf.org/doc/draft-filsfils-6man-structured-flow-label/
is redefining the IPv6 flow label field.

This will be an operational nightmare in the future, when there are
multiple applicable RFCs that conflict with each other. I don't want
to have to spend time getting into arguments with vendors about which
protocol variant RFC their implementation should or shouldn't have to
comply with while I have 1000s, 10s or 100s of 1000s of customers
off-line.

_______________________________________________
spring mailing list
spring@ietf.org
https://www.ietf.org/mailman/listinfo/spring
