Implications of Oversized IPv6 Header Chains
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com>, 6man mailing list <firstname.lastname@example.org>, 6man chair <email@example.com> Subject: Protocol Action: 'Implications of Oversized IPv6 Header Chains' to Proposed Standard (draft-ietf-6man-oversized-header-chain-09.txt) The IESG has approved the following document: - 'Implications of Oversized IPv6 Header Chains' (draft-ietf-6man-oversized-header-chain-09.txt) as Proposed Standard This document is the product of the IPv6 Maintenance Working Group. The IESG contact persons are Brian Haberman and Ted Lemon. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-6man-oversized-header-chain/
Technical Summary: The IPv6 specification allows IPv6 header chains of an arbitrary size. The specification also allows options which can in turn extend each of the headers. In those scenarios in which the IPv6 header chain or options are unusually long and packets are fragmented, or scenarios in which the fragment size is very small, the first fragment of a packet may fail to include the entire IPv6 header chain. This document discusses the interoperability and security problems of such traffic, and updates RFC 2460 such that the first fragment of a packet is required to contain the entire IPv6 header chain. Working Group Summary: This document is the product of the IPv6 WG. It has undergone significant revision over eight versions. The final version reflects strong WG consensus. Document Quality: In the 6man working group, the chairs do a detailed review and also ask one or two volunteers (or hand picked experts) to do a thorough review of documents before the are being advanced to the IESG. Brian Carpenter performed a detailed review of the final version. Ran Atkinson and others have reviewed recent versions. Implementations: Several devices that implement stateless firewalls already discard packets when the entire header chain is not included in the first fragment. Personnel: Ole Troan is the document Shepherd. Brian Haberman is the Area Director.