On 04/19/2012 10:34 AM, Eliot Lear wrote: >> It's not an argument against RFc4941, but rather an argument that even >> with RFC4941, you still need to do something about the IEEE-based IIDs. >> At the Paris IETF, some folks argued that if you have RFC 4941 in place, >> you don't need draft-gont-6man-stable-privacy-addresses. Section 7 of >> draft-gont-6man-stable-privacy-addresses (which should be an Appendix, >> rather than a section in the main body of the document) illustrates that >> that's not the case: even if you're employing RFC4941, you're still >> subject to host-scanning attacks and host tracking. > > Well, host scanning at least. Host tracking depends on the implementation.
Not sure what you mean. If you don't do draft-gont-6man-stable-privacy-addresses, you do either IEEE-derived IIDs, or the randomized-but-stable-across-networks Windows IIDs. -- And as long as you have stable-across-networks IIDs, you can be tracked. >> How do you arrive to the conclusion that people might want to use this >> instead of CGAs?? >> >> As noted in the I-D tihs mechanism is meant to be a replacement for IIDs >> based on IEEE identifiers. This is orthogonal to RFC4941 and orthogonal >> to CGAs. > > I know what you mean. That matters less than how other people make use > of the work. We can't produce specs for people that cannot read and understand specs. draft-gont-6man-stable-privacy-addresses solves a real and existing problem. To me, "people using draft-gont-6man-stable-privacy-addresses instead of CGAs" makes as much sense as "people using draft-gont-6man-stable-privacy-addresses instead of TCP" -- I don't even know how that might happen, and I've not heard your reasoning of why that might happen. Cheers, -- Fernando Gont SI6 Networks e-mail: [email protected] PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
