Sorry, cathing up late with the thread. Thanks, Eliot. Thats good information. The MAC address based limited link-local address space is a problem for devices running a proxy. Do you have an idea about some class of devices that has the issue that you describe and that could be proxies ?
I know about these crazy LED lightbulbs that actually build a mesh network. Is that what you where alluding to ? But would those type of devices really be able to do all the security stuff of ANIM/BRSKI ? Cheers Toerless On Thu, Jul 13, 2017 at 10:58:45PM +0200, Eliot Lear wrote: > Hi Toerless, > > > On 7/6/17 9:09 AM, Toerless Eckert wrote: > > On Thu, Jul 06, 2017 at 04:34:05PM +1200, Brian E Carpenter wrote: > >> It used to be, but the recommendation today is a pseudo-random > >> value (RFC7217). In any case it's a software choice. > > brand new recommendations do not equate to be expected > > standard practice in products. Would be very good to have > > folks with practical insight into various products to > > provide more information. > On this point, I think it's quite likely that we will see a good number > of devices fielded that will do a lousy job of PRNG, and so it would be > inadvisable for them to implement RFC7217, lest they test their DAD code > in ways not really intended. I'm not thinking about iPhones here, but > energy harvesting devices like some light switches, and a bunch of, > well,... crap. > > The question is whether you should design for these devices. IMHO "no" > is a perfectly valid answer, but I'm still a bit skeptical about the > value of 7217 for these class of devices in any event. > > Eliot _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima