On 4/20/2017 9:15 AM, Pascal Thubert (pthubert) wrote:
>
> What about :
>
> «
>
> This implies that a 6LR or 6LBR which is intended to support N
> hosts MUST have space to register at least on the order of 10N IPv6
> addresses.
>
> «
>
> ->
>
> «
>
> This implies that the capabilities of 6LR and 6LBRs in terms of
> number of registrations must be clearly announced in the router
> documentation, and that a network administrator should deploy adapted
> 6LR/6LBRs to support the number and type of devices in his network,
> based on the number of IPv6 addresses that those devices require.
>
> «
>
> Works ?
>

I don't have a strong opinion on this wording, but I have a recommendation for the authors of the draft. This discussion outlined a couple of concerns about potential abuses. For example, I noted the following:

1) Registration procedure could be used to deny access, by abusing the administrative rejection option.

2) Nodes registering a large number of IIDs could overwhelm the registration system.

I would also add a generic concern about unique identifiers and privacy. This is an obvious concern in mobility scenarios, but even for static networks it also is a concern if the option can be observed outside the network. I understand that the encrypted link provides some mitigation, but having provisions to vary the IID over time would be even better.

It might be a good idea to document these issues in the security considerations.

--
Christian Huitema

_______________________________________________
6lo mailing list
6lo@ietf.org
https://www.ietf.org/mailman/listinfo/6lo