As I wrote in the draft, the time frame for the lifetime of the IP address should be left up to the user to choose based on network policy, but with the caveat that it should not be so long as to let it be tracked by an attacker. I explained that as long as the session is valid (layer 5), the node can use its old IP address but cannot start any new session with the old, expired IP address. One might want to change that sentence to read - the old IP address can continue being used as long as the transport layer connection is valid, but a new connection cannot be started using its old IP address.

Does this alleviate your concerns?

Thanks for your comments,
Hosnieh

> I've had a very brief look, because there was one specific thing I was looking
> for, and it doesn't seem to be there.
>
> Addresses/IIDs have to last at least as long as the transport layer/application
> connections are using them, unless the transport layer/application connection
> takes ownership of dealing with addresses that might "change underneath
> them". In general, larger preferred and valid lifetimes (e.g., measured in hours
> or greater) and fairly stable identifiers are intended to avoid transport layer
> protocols/applications having to deal with them changing.
>
> Rather than trying to shorten the lifetimes and lowering the stability of
> addresses to the point where they may disrupt the applications using them,
> perhaps creating per-application or transport layer connection addresses may
> be a better idea, as discussed in:
>
> "Transient Addressing for Related Processes: Improved Firewalling by Using
> IPV6 and Multiple Addresses per Host"
> https://www.cs.columbia.edu/~smb/papers/tarp.pdf
>
> Regards,
> Mark.
>
> > ----- Original Message -----
> > From: Hosnieh Rafiee <[email protected]>
> > To: [email protected]
> > Cc:
> > Sent: Sunday, 5 May 2013 5:17 AM
> > Subject: solution to RFC 4941 I-D action :
> > draft-rafiee-6man-ra-privacy.txt -
> >
> > Has anybody had a chance to look at this draft
> > (http://tools.ietf.org/html/draft-rafiee-6man-ra-privacy )? Any comments?
> > The aim of this draft is to adapt the current RFC to the latest
> > European law
> > http://europa.eu/rapid/press-release_IP-12-46_en.htm?locale=en and to
> > accommodate the needs of customers with relation to the new law for a
> > long term period. The purpose is to allow users to choose their means to the
> > privacy and anonymity within a network as well as across networks.
> >
> > There is still an option of merging this draft with other drafts, that
> > address the issue of allowing users to set the lifetime of the IP
> > address during the installation or an option to set it by the users,
> > if people on the mailing list think it would be useful.
> > Share your technical ideas.
> >
> > Thanks,
> > Best,
> > Hosnieh
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > [email protected]
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
