Skip to main content

Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers
draft-ietf-opsec-ipv6-eh-filtering-10

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: =?utf-8?q?=C3=89ric_Vyncke?= <evyncke@cisco.com>, The IESG <iesg@ietf.org>, draft-ietf-opsec-ipv6-eh-filtering@ietf.org, evyncke@cisco.com, opsec-chairs@ietf.org, opsec@ietf.org, rfc-editor@rfc-editor.org, warren@kumari.net
Subject: Document Action: 'Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers' to Informational RFC (draft-ietf-opsec-ipv6-eh-filtering-10.txt)

The IESG has approved the following document:
- 'Recommendations on the Filtering of IPv6 Packets Containing IPv6
   Extension Headers at Transit Routers'
  (draft-ietf-opsec-ipv6-eh-filtering-10.txt) as Informational RFC

This document is the product of the Operational Security Capabilities for IP
Network Infrastructure Working Group.

The IESG contact persons are Warren Kumari and Robert Wilton.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-opsec-ipv6-eh-filtering/


Ballot Text

Technical Summary

   This document analyzes both
   the general security implications of IPv6 Extension Headers and the
   specific security implications of each Extension Header and Option
   type.  Additionally, it discusses the operational and
   interoperability implications of discarding packets based on the IPv6
   Extension Headers and IPv6 options they contain.  Finally, it
   provides advice on the filtering of such IPv6 packets at transit
   routers for traffic *not* directed to them, for those cases in which
   such filtering is deemed as necessary.

Working Group Summary

  At the beginning, there was a controversy about filtering in the Internet.
  The authors took the right decisions to limit the purpose of the document to
   transit routers as well as using a black list approach (in order to prevent the ossification).

  The OPSEC WG consensus is that it is a useful document (albeit informational only) and 
  the current approach is the right one. 

 The WGLC was sent to OpSec, 6MAN and V6OPS t oget better coverage:
 <https://mailarchive.ietf.org/arch/msg/v6ops/MvzKKTYCDtWVtlIGxb6OfQlUats>

Document Quality

   The document is clear and easy to read. There are some minor nits / typos,
  but (unusually) I decided it wasn't worth asking for a respin for these.

Personnel

   The document shepherd is Eric Vyncke.
   Warren Kumari is RAD!

RFC Editor Note