I'll try to re-state one of my questions more simply, based on the -09:

How is the attack explained in C.4 mitigated by the mechanism specified in 
draft-ietf-6man-stable-privacy-addresses-09?

One more comment below:

On May 31, 2013, at 8:23 PM, Fernando Gont <[email protected]> wrote:
>> Another point for clarification:
>> 
>> On the other hand, in scenarios in which "temporary addresses" are
>> employed together with stable addresses such as those based on IEEE 
>> identifiers, implementation of the mechanism described in this 
>> document would mitigate address-scanning attacks and also mitigate 
>> some vectors for correlating host activities that are not mitigated 
>> by the use of temporary addresses.
>> 
>> Which correlation attack vectors do random-per-network addresses
>> mitigate that temporary addresses do not? 
> 
> See appendix B of draft-ietf-6man-stable-privacy-addresses.
> 

I see the above-quoted text has been updated to the following:

   In scenarios in which "temporary addresses" are employed, implementation
   of the mechanism described in this document (in replacement of stable
   addresses based on e.g.  IEEE identifiers) would mitigate address-
   scanning attacks and also mitigate the remaining vectors for
   correlating host activities based on the node's IPv6 addresses.

What "the remaining vectors for correlating host activities based on the
node's IPv6 addresses" actually means is "the remaining vectors for
correlating host activities across networks based on the node's stable IPv6
address," correct?

Thanks,
Alissa


--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
