No, no, that's the whole point - assuming standards-compliant users and attackers who follow this RFC, this simplifies firewall operation so that all packets with the evil bit off are not evil and can safely be forwarded, as any malicious traffic without the evil bit is simply noncompliant and should not be there, so any consequences of that are the fault of the noncompliant device (i.e. the attacker) as the firewall is operating properly according to the requirements.