editorial bug in IP Auth Hdr spec

[Ran Atkinson <rja@bodhi.cs.nrl.navy.mil>]

Folks,

  Partly because I'm working on "TCP for IPv6" and partly to sanity
check that my specs are readable by folks other than me, Craig Metz is
the person working on our Auth Hdr implementation for IPv6.  This past
week, Craig has been working on IPv6 reassembly code.  For those
unfamiliar with IPv6, it might be worthwhile to note that there is no
intermediate fragmentation in IPv6 because Path MTU Discovery is
always used, but end-to-end fragmentation can still occur (e.g. due to
naive UDP applications).

  As part of work on IPv6 reassembly, Craig pointed out that I put a
crucial sentence about fragmentation/reassembly in an "IPv4-only"
paragraph rather than in an "applies to both IPv4 and IPv6" paragraph
where it should have been.  I will make this editorial fix prior to
going to RFC, but the change is too small to merit bothering the CNRI
folks with putting out a revised online I-D.

  In Section 4 of that I-D, the existing sentence below applies to
both IPv4 and IPv6:

	"Reassembly of fragmented IP packets occurs PRIOR to processing
	by the local IP Authentication Header implementation."

  For clarity, Craig suggested (and I agree) that I should also note
with a new sentence in the outgoing processing description that:

	"For outgoing IP datagrams, IP Authentication Header processing
	always occurs PRIOR to IP packet fragmentation."

Ran
rja@cs.nrl.navy.mil

---

• Prev by Date: Last Call: Security Architecture for the Internet Protocol to Proposed Standard
• Next by Date: CFP: ISOC Symposium on Network and Distributed System Security
• Prev by thread: Last Call: Security Architecture for the Internet Protocol to Proposed Standard
• Next by thread: CFP: ISOC Symposium on Network and Distributed System Security
• Index(es):
  • Main
  • Thread