The second issue is surrounding IPv6 privacy addresses (RFC4941). Section 3.1 of RFC4941 states: "this document assumes that when a node initiates outgoing communication, temporary addresses can be given preference over public addresses when the device is configured to do so. [ADDR_SELECT] mandates implementations to provide a mechanism, which allows an application to configure its preference for temporary addresses over public addresses. It also allows for an implementation to prefer temporary addresses by default, so that the connections initiated by the node can use temporary addresses without requiring application-specific enablement."
This suggests there should be a mechanism for a host to choose whether to use temporary or public addresses. RFC3484 talks about preferring temporary or public addresses in Rule 7. In practice, implementations seem to prefer privacy addresses (to initiate connections) when they are enabled. At the moment, RFC3484-bis says nothing different or new for privacy addresses. Should there be a configuration switch for privacy extensions somewhere, and if so how is this controlled - locally or via a policy distribution mechanism? In IETF80, the suggestion to 'tell' a host whether it should use privacy addresses by using an RA flag was not well received. There was at least one comment at IETF80 that the privilege to carry the traffic and the privilege to turn on/off the privacy extension should be different. Comments please. Tim
-------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
