[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Issue 83 will be withdrawn
At 2:42 PM -0500 4/2/04, William Dixon wrote:
>If these codes are already defined, how were hosts envisioned to handle the
>notification that traffic was being dropped for security reasons ? Certainly
>sending hosts pay attention to the receipt of ICMP dest/port unreachables.
>
Willian,
The codes were defined over 20 years ago; I asked Jon Postel for them
when I was working on IP layer crypto devices analogous to IPsec
security gateways and we wanted to inform a host that packets were
dropped because of access controls. we wanted to let the sender know
that this was not a temporary transmission problem, and it would not
be fixed unless the access controls were fixed. the fact that most
hosts don't provide useful feedback to user or apps based on the type
and codes is a separate problem.
steve