Controlled by software = not constant. It is also not likely to be something that is knowable on a piece of electronic gear that is not a PC, nor will it be something that can be printed on the outside of the device, like most today.
-Randy ----- Original Message ----- > Yes, DUID and IAID should be persistent on systems. If they are not > then they are not following the RFC. > > Note that bad practices, though, can remove that persistence (e.g. > deleting the DUID, or replicating the DUID on other systems). > > On Mon, Jan 23, 2012 at 5:56 PM, Karl Auer <ka...@biplane.com.au> > wrote: > > On Mon, 2012-01-23 at 17:26 -0500, Randy Carpenter wrote: > >> One major issue is that there is no way to associate a user's MAC > >> (for > >> IPv4) with their DUID. I haven't been able to find a way to > >> account > >> for this without making the user authenticate once for IPv4, and > >> then > >> again for IPv6. This is cumbersome to the user. Also, in the past > >> there have been various reason why we want to pre-authenticate a > >> client's MAC address (mostly for game consoles, and such, which > >> have > >> the MAC written on the outside of the machine). How can this be > >> done > >> with IPv6, which the DUID is not constant? > > > > Perhaps I misunderstand you (or the RFCs) but it seems to me that > > the > > DUID *is* constant. Reading section 9 of RFC 3315, it's pretty > > clear > > that a DUID is generated once, according to simple rules, and does > > not > > change once it has been generated. Barring intervention, of course. > > > > The problem is how to either find out ahead of time what DUID a > > client > > has OR how to impose a specific DUID on a client as part of > > provisioning > > it. Neither of those issues looks particularly intractable, > > especially > > if vendors start shipping with pre-configured DUIDs that are > > written on > > the boxes. > > > > What do you mean by "authenticate"? Do you mean something like > > 802.1x? > > > > Regards, K. > > > > -- > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Karl Auer (ka...@biplane.com.au) > > http://www.biplane.com.au/kauer > > > > GPG fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 > > Old fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687 > > > > -- > Ray Soucy > > Epic Communications Specialist > > Phone: +1 (207) 561-3526 > > Networkmaine, a Unit of the University of Maine System > http://www.networkmaine.net/ > > >