[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: I-D ACTION:draft-hinden-ipv6-global-local-addr-00.txt
- To: ipng@xxxxxxxxxxxxxxxxxxx
- Subject: Re: I-D ACTION:draft-hinden-ipv6-global-local-addr-00.txt
- From: Zefram <zefram@xxxxxxxx>
- Date: Fri, 9 May 2003 11:42:54 +0100
- Delivery-date: Fri, 09 May 2003 13:44:46 +0300
- Envelope-to: archive@lists.atm.tut.fi
- In-reply-to: <200305081934.PAA06055@ietf.org>
- References: <200305081934.PAA06055@ietf.org>
- Sender: owner-ipng@xxxxxxxxxxxxxxxxxxx
- User-agent: Mutt/1.3.28i
Overall this looks like a very good idea. I'm enormously more comfortable
about the idea of using these Globally Unique addresses than site-local
addresses. A handful of minor points:
0. The name you're using to refer to the addresses, "globally unique
IPv6 local addresses", doesn't express the essential characteristics
of these addresses. There are many types of IPv6 address that
are globally unique (most of them, in fact), and the word "local"
is too vague in this context. The interesting characteristics
of these addresses are that they're (a) provider-independent,
(b) globally scoped (globally unique), (c) not generally routable.
A better tag, therefore, might be "unroutable global IPv6 addresses".
"local", as in local routeability, is one way they can be used, but
isn't an inherent property of the address type, and so shouldn't be
mentioned in this tag at all.
1. Why reserve the all-zeroes and all-ones global IDs? The convention
in IPv6 is that we don't reserve these values in any field. If the
intent is merely to prevent these IDs being allocated in the normal
manner, it seems better to say that they must never be assigned at all,
rather than saying that they might be used in the future.
2. You propose allocation by a central registry. There is an obvious
alternative of uncoordinated random allocation by end users, which
has already been suggested on this list. Why not support both?
Some arrangement like fc00::/8 being centrally allocated and fd00::/8
being reserved for independent random allocation. It's a bit like the
UUID system, where there is a choice between putting a MAC address
in the UUID or using the space for randomness. Obviously random
allocation doesn't have a strong guarantee of uniqueness, and in
fact the birthday paradox applies, which is why central allocation is
useful, but that doesn't make independent random allocation unuseful.
3. Whether it's officially supported or not, I expect some people will
randomly allocate their own prefix, so advice on how to do it right
(use a strong entropy source, such as in the last resort tossing coins)
would be worth adding to the draft.
4. The privacy of prefix ownership looks like a good idea. Escrow of it
sounds innocuous, but I don't think you've justified the need for it.
The draft says "It is escrowed to insure there are no duplicate
allocations and in case it is needed in the future.". Duplicate
allocations, more than one prefix to one user, are not a problem:
the EUR10 fee will prevent large-scale abusive allocation, and some
organisations might have a legitimate need for more than 16 bits of
subnet ID within unroutable global address space. I suggest that all
the "in case it is needed in the future" scenarios that we want to
allow can be handled by having a cryptographically signed certificate
from the registry that allows a prefix owner to prove ownership of
their prefix, without the registry needing to keep records of who
owns which prefix. This also has the advantage that pseudonymous
allocations, and similar scenarios, aren't a problem for the registry.
-zefram
--
Andrew Main (Zefram) <zefram@fysh.org>
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to majordomo@sunroof.eng.sun.com
--------------------------------------------------------------------