Technical Summary
This document analyzes both
the general security implications of IPv6 Extension Headers and the
specific security implications of each Extension Header and Option
type. Additionally, it discusses the operational and
interoperability implications of discarding packets based on the IPv6
Extension Headers and IPv6 options they contain. Finally, it
provides advice on the filtering of such IPv6 packets at transit
routers for traffic *not* directed to them, for those cases in which
such filtering is deemed as necessary.
Working Group Summary
At the beginning, there was a controversy about filtering in the Internet.
The authors took the right decisions to limit the purpose of the document to
transit routers as well as using a black list approach (in order to prevent the ossification).
The OPSEC WG consensus is that it is a useful document (albeit informational only) and
the current approach is the right one.
The WGLC was sent to OpSec, 6MAN and V6OPS t oget better coverage:
<https://mailarchive.ietf.org/arch/msg/v6ops/MvzKKTYCDtWVtlIGxb6OfQlUats>
Document Quality
The document is clear and easy to read. There are some minor nits / typos,
but (unusually) I decided it wasn't worth asking for a respin for these.
Personnel
The document shepherd is Eric Vyncke.
Warren Kumari is RAD!