Brian E Carpenter wrote:
If IPv6 has a better anonymity solution, can someone point me to it? Or do I have to start working on NATv6? (See, this is why I don't always want to identify myself! :-)

See RFC 3041 - It does exactly what you want without the drawbacks of NAT.


Actually not, if you have a domestic /48 or /64 prefix. But the MobileIP solution looks OK.

Looks but doesn't act like really providing location privacy, IMHO.


In my understanding, the essence of the hmipv6 location privacy
mechanism lies in the MAP replacing a RCoA for a LCoA (when
decapsulating).  However, it is very much likely that the two
addresses will only differ in the /64 prefix.

Suffices it for an attacker that wants to find the correlation
LCoA-RCoA to visit the MAP domain once and learn that domain's
prefixes that are part of all of that domain's LCoA's.

What one really obtains with HMIP is that one gets assigned two
addresses and is free to inform its CN about one of those addresses.
Nothing about a location being assigned to an address, let alone the
question of hiding that location.

Another location privacy drawback in hmipv6 is that it is the
network that decides whether an MN can use that location privacy or
not.  That should supposedly be entirely an MN choice.

My two cents worth; (two because I'm getting the ipng mails twice :-)

Alex
GBU

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------

Reply via email to