On Sep 4, 2013, at 4:43 AM, S.P.Zeidler <[email protected]> wrote:

> Hi,
> 
> Thus wrote Jens Link ([email protected]):
> 
>> I think vendors should put some sensible defaults in place, e.g. no
>> SLAAC, no privacy extensions, no temporary addresses on servers.
> 
> I don't think this is really something the OS should do.
> If a program requests a specific address when building a socket, and that
> address is configured at all, it gets it on every OS I'm aware of.
> 
> In an IPv6 world, network services (aka, smtp, http, dns, .. servers)
> should -always- be bound (and bindable) to specific addresses both for
> incoming and outgoing connections.

Some more precision around that statement would be useful, perhaps an Internet 
Draft to provide guidance to developers on when to choose a privacy address or 
the primary address.  Choosing DNS from your list as one example, using privacy 
addresses for a query would add more bits of randomness, which DNS has 
been struggling to add since the Kaminsky attack (randomized source port, 
draft-vixie-dnsext-dns0x20, and other approaches).  So, I don't know a good 
default to recommend with DNS, as it doesn't suffer the RDNS matching problem 
of SMTP.  For SMTP, we should more carefully distinguish between SMTP submission 
(port 587, RFC4409) and the function of an SMTP relay; we should allow a 
subscriber's PC to submit mail to their MTA using an IPv6 privacy address, but 
perhaps we do want to continue the overloading of RDNS for MTA-to-MTA SMTP 
traffic (port 25).  I don't know if there is a way we can generalize how 
applications work, or just enumerate all the IETF applications and lots of 
'common' applications -- but some guidance to implementors on whether their 
application should use privacy addresses may well be useful.  Such guidance is 
related to, but not the same as, the referral problem that IETF tried to tackle 
with a BoF and a few Internet Drafts, 
http://tools.ietf.org/html/draft-carpenter-referral-ps; referring a client to a 
host's primary address is easiest (just put the permanent address in the DNS 
with an AAAA record), but there are many cases where a server doesn't want to 
use its permanent address -- when waiting for an incoming connection for a 
WebRTC call, for example.  I believe the recommendation might possibly be as 
simple as 'use privacy address when privacy could be important', and 'use 
permanent address when the server is a publicly-accessible server (e.g., the 
server has a DNS AAAA record in the public DNS)'.

-d

> It's not funny if your smtp server
> tries to deliver through the firewall with its http server address, which
> is then Not Allowed (tm) :)
> 
> regards,
>       spz
> -- 
> [email protected] (S.P.Zeidler)
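The binding behaviour spz describes above (a program that asks for a specific address when building a socket gets it, for incoming and for outgoing connections alike) can be checked end to end on a single host. The following is an added example written for this archive page, not code from any participant in the thread: it listens on one loopback address, connects with an explicitly bound source address, and reports what each side observed. The loopback address stands in for a server's permanent address; the example prefers `::1` and falls back to `127.0.0.1` only on hosts without IPv6 loopback (an assumption made so it runs anywhere, since the point is identical for both families).

```python
import socket
import threading


def pick_loopback():
    """Return (address, family) for a usable loopback. IPv6 is preferred;
    the IPv4 fallback is only for hosts without an IPv6 loopback."""
    try:
        probe = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
        probe.bind(("::1", 0))
        probe.close()
        return "::1", socket.AF_INET6
    except OSError:
        return "127.0.0.1", socket.AF_INET


def _serve_one(listener, result):
    """Accept one connection and record the peer and local addresses seen."""
    conn, peer = listener.accept()
    with conn:
        result["server_saw_peer"] = peer[0]
        result["server_local"] = conn.getsockname()[0]
        conn.sendall(b"ok")


def bound_roundtrip():
    """Bind a listener to a specific address, then connect to it from a
    socket whose source address was chosen explicitly by the program
    (rather than left to the kernel's source-address selection)."""
    addr, family = pick_loopback()

    listener = socket.socket(family, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind((addr, 0))          # incoming side: a specific address
    listener.listen(1)
    port = listener.getsockname()[1]

    result = {"address": addr}
    worker = threading.Thread(target=_serve_one, args=(listener, result))
    worker.start()

    client = socket.socket(family, socket.SOCK_STREAM)
    client.bind((addr, 0))            # outgoing side: explicit source address
    client.connect((addr, port))
    client.recv(2)
    result["client_local"] = client.getsockname()[0]
    client.close()

    worker.join()
    listener.close()
    return result


if __name__ == "__main__":
    for key, value in bound_roundtrip().items():
        print(f"{key}: {value}")
```

On a multi-homed IPv6 host the same `client.bind((source, 0))` call is how a service pins its outgoing traffic to the permanent address its firewall rules expect, instead of whichever temporary address the kernel would otherwise select.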
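The DNS remark in the reply above lists the bits of unpredictability a resolver can put into a query (transaction ID, randomized source port, draft-vixie-dnsext-dns0x20 case randomization) and suggests a privacy address as one more source. The following added example, written for this archive page and not taken from the thread, implements the 0x20 step and a rough accounting of those bits. The per-source bit counts are approximations stated as assumptions in the code: 16 bits for the transaction ID, 16 for a randomized ephemeral port, one per letter for 0x20, and a caller-supplied figure for a randomized interface identifier.

```python
import secrets


def dns0x20_encode(qname: str) -> str:
    """Randomize the case of each letter in a query name. Per
    draft-vixie-dnsext-dns0x20 a resolver remembers the exact case it
    sent and accepts only responses that echo it back unchanged."""
    out = []
    for ch in qname:
        if ch.isalpha():
            out.append(ch.upper() if secrets.randbits(1) else ch.lower())
        else:
            out.append(ch)
    return "".join(out)


def dns0x20_accept(sent_qname: str, echoed_qname: str) -> bool:
    """Accept a response only if the question name matches case-exactly;
    a case-insensitive match is what a guessing attacker can achieve."""
    return sent_qname == echoed_qname


def query_entropy_bits(qname: str, random_source_port: bool = True,
                       privacy_iid_bits: int = 0) -> int:
    """Approximate bits an off-path forger must guess to match one query.
    Assumed contributions: 16 (transaction ID), 16 (randomized source
    port), one per letter (0x20), plus privacy_iid_bits for a
    randomized interface identifier in the source address."""
    bits = 16
    if random_source_port:
        bits += 16
    bits += sum(1 for ch in qname if ch.isalpha())
    bits += privacy_iid_bits
    return bits


if __name__ == "__main__":
    name = "example.com"               # constructed sample query name
    sent = dns0x20_encode(name)
    print(sent, dns0x20_accept(sent, sent), dns0x20_accept(sent, name.lower()))
    print(query_entropy_bits(name), query_entropy_bits(name, privacy_iid_bits=64))
```

The second `query_entropy_bits` call shows the effect the reply is pointing at: a source address whose interface identifier is unpredictable widens the space a forged response must match, provided the resolver actually binds queries to that address rather than its permanent one.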
