FW: Protocol Action: 'Deprecation of Type 0 Routing Headers in IPv6' to Proposed Standard

[Jari Arkko <jari.arkko at piuha.net>]

FYI

The IESG wrote:
> The IESG has approved the following document:
>
> - 'Deprecation of Type 0 Routing Headers in IPv6 '
>    <draft-ietf-ipv6-deprecate-rh0-01.txt> as a Proposed Standard
>
> This document is the product of the IP Version 6 Working Group. 
>
> The IESG contact persons are Jari Arkko and Mark Townsley.
>
> A URL of this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-ipv6-deprecate-rh0-01.txt
>
> Technical Summary
>  
>   The functionality provided by IPv6's Type 0 Routing Header can be
>   exploited in order to achieve traffic amplification over a remote
>   path for the purposes of generating denial-of-service traffic.  This
>   document updates the IPv6 specification to deprecate the use of IPv6
>   Type 0 Routing Headers, in light of this security concern.
>  
> Working Group Summary
>  
>   This document is a product of the IPv6 WG. Considerable
>   discussion of the impacts of the Type 0 processing
>   has happened over the course of the last few months.
>   The document, as it currently stands, has the backing
>   of the (rough) consensus of the group. However, the
>   topic has generated a lot heated discussion, and this
>   action is not unanimously supported by everyone in the
>   group. Counter arguments against deprecation have
>   raised potential (but so far unused) applications,
>   difficulty of introducing new similar functionality
>   once the feature has been disabled, ability to
>   deal with this issue in an operational manner,
>   the difference to the IPv4 situation (where source
>   routing is still a part of the specifications), etc.
>
>   The authors, chairs, and the AD believe, however, that
>   the current contents of the document have the backing
>   of the majority of the group, and that the recommendation
>   is a valid one. In particular, new RH types can and
>   have been defined for more specialized uses safely,
>   and it would be hard to depend on RH0 in new applications,
>   given that it has legitimate security issues and
>   that irrespective of IETF's documents, this feature
>   is largely disabled in many IPv6 implementations.
>  
> Protocol Quality
>  
>   Jari Arkko has reviewed this document for the IESG. Several
>   implementations of IPv6 have for a long time not allowed
>   Type 0 Routing Header processing by default; recently
>   a number of implementations (BSD, for instance) have
>   disabled it in accordance with this document's
>   recommendations.
>
>   Call for input also in NANOG list was made.
>
> Note to RFC Editor
>  
>   Please change:
>
>   OLD:
>   IPv6 nodes MUST NOT process RH0 in packets whose
>   destination address in the IPv6 header is an address assigned to them.
>   Such packets...
>   NEW:
>   An IPv6 node that receives a packet with a 
>   destination address assigned to it and containing an RH0 extension
>   header MUST NOT execute the algorithm specified in the latter part
>   of Section 4.4 of [RFC2460] for RH0. Instead such packets...
>
>   OLD:
>   type-2 RH
>   NEW:
>   type 2 Routing Header
>
>
> _______________________________________________
> IETF-Announce mailing list
> IETF-Announce at ietf.org
> https://www1.ietf.org/mailman/listinfo/ietf-announce
>
>
>   


--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6 at ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------