[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on draft-ietf-ipv6-privacy-addrs-v2-00.txt



Pekka Savola wrote:
...
* I hope the problem statement above justifies the use of privacy
addresses for ULAs


I'm not so sure: so, you'd assume that the evil enterprise administrator would be eavesdropping and correlating enterprise's internal traffic, or the enterprise's internal web servers would be correlating the behaviour?

As far as I can see, it's exactly the opposite -- privacy extensions should not be enabled by default for ULAs.


Certainly not by default; the default IID for ULAs is whatever it is for any other native IPv6 address. Actually, it will be a matter of corporate IT policy what IIDs are used within an enterprise network. As draft-vandevelde-v6ops-nap-00.txt discusses, privacy addresses will be useful in enterprise networks for use with global prefixes, but there is no obvious need to use them with ULA prefixes.

But I don't find anything in draft-ietf-ipv6-privacy-addrs-v2-00
that makes privacy addresses a default, unless the implementer
happens to make that a configuration choice, which isn't the
IETF's decision.

    Brian


-------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@xxxxxxxx Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------