> Considering the current level of IPv6 deployment, we have got so many > specs... > BTW,how to add some salt to make CGA randomized as privacy address? Since > public key has > to be kown to receiver.
The CGA identifiers result from the hash of a modifier, a subnet prefix, a collision count and certificate. A simple way to get privacy properties is to pick a new key. Failing that, the 128 bit modifier can be set to any random value, as long as the hash properties are respected. Granted, the number of valid values depends on the sec field, but for low values of sec, one can just pick a modifier seed at random, then search for the value that provides the right hash. CGA nodes only have to disclose their public key if they want to prove their identity. But as I observed previously, we have more than enough specs around already... -- Christian Huitema -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
