Re: CONSENSUS TEST: Fragmentation handling
At 12:27 PM 4/6/2004 -0400, Theodore Ts'o wrote:
>OK, do we have consensus on the following text? (Taken from
>Steve's message of March 22nd, with #2 changed to MAY and #3 changed
>to SHOULD).
>
>Please respond by Friday....
Hi Ted,
I had raised several points on this that I believe Steve agreed to and no
one else commented on:
a) For modes #1 and #2, the document should mention that the same behavior
must apply for drop and bypass rules. (I think Steve wanted to put it in
another section.)
b) For mode #3 the text should be extended to state that if the #3 behavior
has been negotiated, the receiver MUST NOT accept non-initial fragments
without verifying that they comply with the security policy called for for
the overall packet.
c) Port selector ANY should include OPAQUE as well as all specific
values. I.e. an opaque port number in a packet should match a policy that
has the value ANY.
Beyond that, I would much rather make both #2 and #3 be MAY and
MAY. (Rather than MAY and SHOULD.)
--Mark
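
Point (c) above, worked through as an added sketch that is not part of the original message or of any IPsec draft: a port selector of ANY matching OPAQUE as well as every specific value, evaluated for a packet whose port fields are unavailable. The `Rule`, `port_matches` and `lookup` names, the ordered first-match policy model with an implicit discard, and the sample policy are assumptions made for illustration.

```python
# Added illustration; all names here are hypothetical, not from an IPsec implementation.
from dataclasses import dataclass
from typing import List, Union

ANY = "ANY"        # selector wildcard
OPAQUE = "OPAQUE"  # port field not available in this packet (e.g. a non-initial fragment)
Port = Union[int, str]


@dataclass(frozen=True)
class Rule:
    name: str
    src_port: Port   # a port number, ANY or OPAQUE
    dst_port: Port
    action: str      # "PROTECT", "BYPASS" or "DROP"


def port_matches(selector: Port, packet_port: Port,
                 any_includes_opaque: bool = True) -> bool:
    """Compare one selector field with one packet field."""
    if selector == ANY:
        # Point (c): ANY covers OPAQUE as well as all specific values.
        # With the flag off, ANY covers specific values only.
        return any_includes_opaque or packet_port != OPAQUE
    # A specific value or an explicit OPAQUE selector matches only itself.
    return selector == packet_port


def lookup(spd: List[Rule], src_port: Port, dst_port: Port,
           any_includes_opaque: bool = True) -> Rule:
    """Ordered first-match lookup; traffic matching no rule is discarded."""
    for rule in spd:
        if (port_matches(rule.src_port, src_port, any_includes_opaque)
                and port_matches(rule.dst_port, dst_port, any_includes_opaque)):
            return rule
    return Rule("implicit-discard", ANY, ANY, "DROP")


# Constructed sample policy: one drop rule ahead of a catch-all protect rule.
SPD = [
    Rule("drop-telnet", ANY, 23, "DROP"),
    Rule("protect-all", ANY, ANY, "PROTECT"),
]

if __name__ == "__main__":
    for label, sport, dport in [("ports visible", 40000, 23),
                                ("ports visible", 40000, 80),
                                ("ports opaque", OPAQUE, OPAQUE)]:
        with_c = lookup(SPD, sport, dport)
        without_c = lookup(SPD, sport, dport, any_includes_opaque=False)
        print(f"{label:14} {sport}->{dport}: "
              f"ANY incl. OPAQUE={with_c.name}, ANY excl. OPAQUE={without_c.name}")
```

With ANY including OPAQUE, the packet with opaque ports falls through to the catch-all rule; with ANY excluding OPAQUE it matches nothing and is discarded unless a rule names OPAQUE explicitly.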