Technical Summary:
The IPv6 specification allows IPv6 header chains of an arbitrary
size. The specification also allows options which can in turn extend
each of the headers. In those scenarios in which the IPv6 header
chain or options are unusually long and packets are fragmented, or
scenarios in which the fragment size is very small, the first
fragment of a packet may fail to include the entire IPv6 header
chain. This document discusses the interoperability and security
problems of such traffic, and updates RFC 2460 such that the first
fragment of a packet is required to contain the entire IPv6 header
chain.
Working Group Summary:
This document is the product of the IPv6 WG. It has undergone
significant revision over eight versions. The final version reflects
strong WG consensus.
Document Quality:
In the 6man working group, the chairs do a detailed review
and also ask one or two volunteers (or hand picked experts) to
do a thorough review of documents before the are being
advanced to the IESG.
Brian Carpenter performed a detailed review of the final version. Ran
Atkinson and others have reviewed recent versions.
Implementations: Several devices that implement stateless firewalls
already discard packets when the entire header chain is not included
in the first fragment.
Personnel:
Ole Troan is the document Shepherd. Brian Haberman is the Area Director.