[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue 83 will be withdrawn

To: "William Dixon" <ietf-wd@v6security.com>
Subject: RE: Issue 83 will be withdrawn
From: Stephen Kent <kent@bbn.com>
Date: Fri, 2 Apr 2004 15:29:42 -0500
Cc: <ipsec@lists.tislabs.com>
In-reply-to: <200404021944.i32Ji1xA027106@rs9.luxsci.com>
References: <200404021944.i32Ji1xA027106@rs9.luxsci.com>
Sender: owner-ipsec@lists.tislabs.com

At 2:42 PM -0500 4/2/04, William Dixon wrote:
>If these codes are already defined, how were hosts envisioned to handle the
>notification that traffic was being dropped for security reasons ? Certainly
>sending hosts pay attention to the receipt of ICMP dest/port unreachables.
>

Willian,

The codes were defined over 20 years ago; I asked Jon Postel for them 
when I was working on IP layer crypto devices analogous to IPsec 
security gateways and we wanted to inform a host that packets were 
dropped because of access controls. we wanted to let the sender know 
that this was not a temporary transmission problem, and it would not 
be fixed unless the access controls were fixed. the fact that most 
hosts don't provide useful feedback to user or apps based on the type 
and codes is a separate problem.

steve

References:
- RE: Issue 83 will be withdrawn
  - From: "William Dixon" <ietf-wd@v6security.com>

Prev by Date: RE: Issue 83 will be withdrawn
Next by Date: Re: IDci and IDcr payloads with NAT Traversal
Previous by thread: RE: Issue 83 will be withdrawn
Next by thread: Re: Issue 83 will be withdrawn
Index(es):
- Date
- Thread