On 15/10/2016 00:14, Eitan Adler wrote:
> On 13 October 2016 at 21:23, Fernando Gont <fg...@si6networks.com> wrote:
>> On 10/05/2016 09:09 PM, Dave Thaler wrote:
>>> The issue with IEEE MAC's is that it's sent to untrusted observers, not 
>>> that it is a stable identifier per se.
>>> It just so happens that you typically don't have a choice but to send it in 
>>> packets such that it can be observed
>>> by untrusted observers, hence the need to use randomized MACs.
>> The issue with MAC addresses is that they are constant across networks
>> when, if anything, they just need to be stable within the same subnet.
>> Besides, they have semantics (vendor ID) when in fact they need not.
>> And well, the problem is exacerbated by IPv6 SLAAC traditionally
>> generating IPv6 IIDs by embedding the underlying MAC address into them...
> Though RFC 4941 exists for this particular issue.

And RFC 7217 for enterprise-like situations, RFC 7721 for general discussion
of the topic, and draft-ietf-6man-default-iids which is currently with the IESG.


perpass mailing list

Reply via email to