If i may summarize this thread as a method to conclude it. 1. Some people like GUA the most.
2. Smart network operators understand the facts and make decisions based on facts (ULA exist, and it meets a need in some scenarios. NAT and lack of addresses are not reasons to use ULA). 3. Most FUD around ULA comes from an over-reaction to ipv4 NAT sins, misunderstandings about how security policy works in the real world , and deficiencies in mathmatical education. CB On Jul 19, 2012 5:48 AM, "Mark Andrews" <[email protected]> wrote: > > In message < > caaawwbxh1ws_9ax4fwgrqmsbjmkgj0nwhri9en53htl36vh...@mail.gmail.com> > , Jimmy Hess writes: > > On 7/18/12, Karl Auer <[email protected]> wrote: > > > I don't understand the professed need for provable randomness. Without > a > > > number *space* to provide context, randomness is inherently > > > non-provable. The whole point of the randomness of those 40 bits of ULA > > > infix is that any number is as likely as any other number. Someone, > > > > When numbers are selected by choosing a random value; certain ratios > > of bits set to "1" are more likely to occur than other ratios of bits > > set to "1". > > > > A random generator that is operating correctly, is much more likely to > > emit a number with 50% of the bits set to 1, than it is to emit a > > number with 0% of the bits set to 1, given a sufficient number of > > bits. If the ratio is inconsistent by a sufficient margin, and your > > sample of the bits is large enough in number, you can show with high > > confidence that the number is not random; a 1 in 10 billion chance > > of the number being randomly generated, would be pretty convincing, > > for example. > > Actually you can't. > > fdaa:aaaa:aaaa has 20/20 0/1 bits but is entirely non random. > fdf0:f0f0:f0f0 has 20/20 0/1 bits but is entirely non random. > > The ratio of the number of bits doesn't tell you anything about whether > the number was random or not. > > > Removing the temptation by excluding the small number of choices with > > 90% - 95% of the bits set to 1 may eliminate future problems caused > > by an early "accident"/"error" in assigning the initial ULA, > > compared to the minor inconvenience of needing to run the ULA > > generator one more time to get an actual usable range. > > > > > somewhere, is eventually going to get 10:0000:0000, someone else will > > > eventually get 20:0000:0000 and so on. And they are just as likely to > > > get them now as in ten years time. > > > > That is extremely improbable. > > If you generate a million ULA IDs a day, every day, it is expected to > > be over 1000 years before you generate one of those two. > > improbable != impossible > > > -- > > -JH > > > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: [email protected] > >
