draft-ietf-6lo-privacy-considerations says: When Short Addresses are desired on links that are not guaranteed to have a short enough lifetime, the mechanism for constructing an IPv6 interface identifier from a Short Address could be designed to sufficiently mitigate the problem. For example, if all nodes on a given L2 network have a shared secret (such as the key needed to get on the layer-2 network), the 64-bit IID might be generated using a one-way hash that includes (at least) the shared secret together with the Short Address. The use of such a hash would result in the IIDs being spread out among the full range of IID address space, thus mitigating address scans, while still allowing full stateless compression/elision.
such work does not yet exist. I think it would be in charter for 6lo at this time? It would seem to be an extension to draft-ietf-6lo-paging-dispatch in some way. I wonder if it worth delay to do this now? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
Description: PGP signature
_______________________________________________ 6lo mailing list email@example.com https://www.ietf.org/mailman/listinfo/6lo