Closed gorryfair closed 2 months ago
This issue pertains to APC, not AUTH.
APC remains an ordinary SAFE option in -33, meaning that its failure does not (by default) cause the packet to be discarded. The status is passed to the application/upper layer, which many then make a decision whether to accept or reject the packet.
"It is not an alternative to the UDP checksum because it does not cover the IP pseudoheader or UDP header, and it is not a supplement to the OCS because the latter covers the surplus area only."
It doesn't supplement the OCS, but the OCS is needed to protect the APC option itself from being corrupted since the APC option can't protect itself. For instance, if someone sends an APC option but the kind byte flips to some unknown value then the receiver would completely miss the APC. For this reason, it should be strongly RECOMMENDED that the OCS be used when the APC is used (note that the computation required to compute the CRC over the packet dwarfs that for computing the checksum over the surplus area so the overhead of OCS in this case is inconsequential)
"Like all SAFE UDP options, APC needs to be silently ignored when failing by default, unless the receiver has been configured to do otherwise."
Accepting a packet that is known to be corrupted is a major departure from how other protocols work. If TCP checksum fails, Ethernet CRC fails, UDP checksum fails, or IPv4 header checksum fails to be validated then the packet is dropped (this isn't just default behavior, this is the only behavior for those protocols)
(Added by GF during WGLC)