Subject: Defines for IP security options wrong in
To: None <firstname.lastname@example.org>
From: Darren Reed <email@example.com>
Date: 04/23/2001 02:00:20
In <netinet/ip.h>, we have a bunch of #defines like this:
/* bits for security (not byte swapped) */
#define IPOPT_SECUR_UNCLASS 0x0000
#define IPOPT_SECUR_CONFID 0xf135
#define IPOPT_SECUR_EFTO 0x789a
#define IPOPT_SECUR_MMMM 0xbc4d
#define IPOPT_SECUR_RESTR 0xaf13
#define IPOPT_SECUR_SECRET 0xd788
#define IPOPT_SECUR_TOPSECRET 0x6bc5
These are based on RFC 791.
RFC 1108 redefines the way basic IP security options (such as these) are
to be used.
Does anyone know, without doubt, about whether or not the old semantics in
RFC791 are still valid or is the format in RFC 1108 the only one used ?
If the latter (and there is confirmation of it), does anyone object to
these being changed ?