This didn't seem to actually make it out the first time.

From: Thomas Narten <[EMAIL PROTECTED]>
To: Jim Bound <[EMAIL PROTECTED]>
cc: Bob Hinden <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Date: Wed, 09 Aug 2000 14:01:33 -0400
Subject: Re: W.G. Last Call on "Privacy Extensions for Stateless Address 
Autoconfiguration in IPv6s" 

Jim,

> >4.  Implications of Changing Interface Identifiers
> >
> >   The IPv6 addressing architecture goes to great lengths to ensure that
> >   interface identifiers are globally unique. During the IPng
> >   discussions of the GSE proposal [GSE], it was felt that keeping
> >   interface identifiers globally unique in practice might prove useful
> >   to future transport protocols. Usage of the algorithms in this
> >   document would eliminate that future flexibility.

> Can we get more words that this spec does not eliminate users who want
> to use identifiers that are globally unique by ignoring this entire
> spec?

I'm not sure what more you want the document to say. Can you be more
specific? Here is my reasoning. I think it is true that if anonymous
addresses become widely used in practice, the fact will be that a
large proportion of addresses will not have globally unique
identifiers in the interface identifier part of an address. It may well be
that future uses of globally unique interface identifiers only make
sense if the vast majority of addresses do have a globally unique
component. I.e., will such a scheme even be useful if only 80% of the
addresses have unique interface identifiers? What if the percentage is
only 50%?

> Also I waited to respond cause I asked 3 sys admins of very large
> networks to tell me if they would shut this off on an IPv6
> implementation.  All said yes and it appears the IETF had to play
> some politics here.  This is just plain silly for corporate
> Intranets.

I tend to agree that anonymous addresses may not be appropriate in
some environments. One of the issues you are really getting at is
where the knobs to control usage of anonymous addresses should be. I
think a case can be made that the site should be able to disable their
usage (i.e., it may be corporate policy to do this). Should an end user
have the ability to override such a policy? In a corporate setting,
the answer is quite possibly no. But if a user is at home, and the
policy is set by the ISP, what then?

> Hence, I suggest that some words be stated that for corporate Intranet
> traffic this may be very unnecessary.

How about I add the following lines to paragraph 2 in Section 4.:

>    The desires of protecting individual privacy vs. the desire to
>    effectively maintain and debug a network can conflict with each
>    other. Having clients use addresses that change over time will make
>    it more difficult to track down and isolate operational problems. For
>    example, when looking at packet traces, it could become more
>    difficult to determine whether one is seeing behavior caused by a
>    single errant machine, or by a number of them.

new line:

     Consequently, system administrators in environments where privacy
     is not a primary concern (e.g., corporate intranets) may choose
     to prohibit the assignment and usage of anonymous addresses on
     the nodes that it manages.


Thomas
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
