posted by ![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
eftychia at 02:29am on 2003-04-11
eftychia at 02:29am on 2003-04-11Late for All-Fools-Day (because I waited for permission to
post it here) but still worth it, IMNSHO ... Remember that
RFC about a security enhancement to TCP/IP, the "Evil Bit",
that I mentioned in a
link sausage entry? (RFC 3514) Drew Dean posted a
proposed tweak in the
Risks
Digest, which a friend forwarded to me:
Subject: The Angelic Bit vs the Evil Bit
Steve Bellovin's proposed RFC 3514 finds a very constructive use for the last unused bit in the IPv4 header. In his proposal, the unused bit is sometimes affectionately referred to as the "evil" bit, although that naming convention reflects a fundamentally *pessimistic* world view. We prefer an *optimistic* world view, and therefore propose that this last bit should be used for the "angelic" bit. Our proposed semantics for the angelic bit are as follows:
0x1 The angelic bit is set. All routers, firewalls, switches, and any other network devices MUST forward this packet to its indicated destination. This packet MUST NOT have any undesirable effect on any network device. Anyone who improperly sets the angelic bit on any packet SHALL be subject to divine retribution. Civil authorities MAY subject the perpetrator to any punishment provided for in applicable law. 0x0 The angelic bit is reset. All routers, firewalls, switches, and other network devices MAY filter this packet according to any policy they deem fit. This packet MAY have undesirable effects if forwarded. The sender of the packet SHALL NOT be subject to divine retribution in case of undesirable effects. Civil authorities MAY subject the perpetrator to punishment provided for in applicable law. NB: The angelic bit may have miraculous properties in face of network links severed by backhoes; however, this SHALL NOT relieve the router of its responsibilities.
Yours for a more genteel Internet, Drew Dean