Re: draft-ietf-opsec-filter-caps-08.txt

[Danny McPherson <danny@tcb.net>]

On Jun 27, 2007, at 8:16 PM, Roland Dobbins wrote:
> I think the idea is to note that while (hopefully) mitigating the  
> effects of the attack for the target(s), the imposition of such  
> filters would then break any PMTU-D from the perspective of those  
> target(s) as long as it was left in place (which may well be an  
> acceptable tradeoff in exchange for ameliorating the effects of a  
> substantial ICMP-based DDoS, of course), and of course many  
> temporary measures tend to become permanent due to operational  
> entropy.

Right, that I understand.

> The verbiage should probably be massaged a bit to more accurately  
> reflect this.

I agree and believe a change to the text, which can easily be done
during RFC editing, should address this.

-danny