Josh, That's a very good rational.
But also we can consider IPsec. In IPv4 world, most of the users don't have an IPsec capable router in their access to the ISP network. In IPv6, they have the option to enable it or not, but the security features are at least there. Also, the users always have the option to use proxies, personal firewalls, or anything like that, same as today is already being used. And of course, we need to consider the lots of advantages that IPv6 bring, specially for the home users, things like autoconfiguration, that will facilitate their life. Regards, Jordi ----- Original Message ----- From: "Josh Littlefield" <[EMAIL PROTECTED]> To: "Margaret Wasserman" <[EMAIL PROTECTED]> Cc: "Pekka Savola" <[EMAIL PROTECTED]>; "Thomas Narten" <[EMAIL PROTECTED]>; "Steve Deering" <[EMAIL PROTECTED]>; "Joe Baptista" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, August 29, 2002 10:11 PM Subject: Re: IPv6 Interview Questions and critic > Margaret Wasserman wrote: > >>How much this will help you depends on the circumstances. It could help a > >>lot in some cases (e.g. when the prefix changes rapidly too), close to > >>zero in others (e.g. when your prefix is nearly static). > > > > The use of temporary addresses in IPv6 will make it somewhat harder for > > servers to track information about individual IPv6 hosts. They could > > still store tracking information based on the prefix, but they would > > not know if the prefix refers to a single host or a large multi-user > > network. > > I think perhaps the point is that if users (households, for example) are > assigned prefixes, rather than addresses, then if that prefix assignment is > pretty static, having a random interface identifier does little to hide the > identity of the household. > > So, while random interface identifiers may make the full address in IPv6 > less predictable than in IPv4, the prefix assignment policies of the network > provider may make that a cause the upper 64 bits to be just as identifying > as typical IPv4 addresses. > > I'm not sure it's likely to be worse than v4, but I think its unlikely to be > any better since we're recommending households get assigned a subnet in v6, > the way they are assigned an address in v4. It depends on the amount of > prefix affinity the network provider enforces/allows. > > -josh > > -- > ===================================================================== > Josh Littlefield Cisco Systems, Inc. > [EMAIL PROTECTED] 250 Apollo Drive > tel: 978-497-8378 fax: same Chelmsford, MA 01824-3627 > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to [EMAIL PROTECTED] > -------------------------------------------------------------------- > *********************************************************** Madrid 2002 Global IPv6 Summit See all the documents on line at: www.ipv6-es.com -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
