Hi Pekka,

I am proposing the following changes to resolve the issues that you raised.

* I have made all the changes we both agreed on.

* I have added the following problem statement

"Addresses generated using Stateless address autoconfiguration [ADDRCONF] contain an embedded 64-bit interface identifier, which remains constant over time. Anytime a fixed identifier is used in multiple contexts, it becomes possible to correlate seemingly unrelated activity using this identifier.

The correlation can be performed by

o An attacker who is in the path between the node in question and the peer(s) it is communicating to, and can view the IPv6 addresses present in the datagrams.

o An attacker who can access the communication logs of the peers with which the node has communicated.

Since the identifier is embedded within the IPv6 address, which is a fundamental requirement of communication, it cannot be easily hidden. This document proposes a solution to this issue by generating interface identifiers which vary over time."

* I have added the following text to the background section 2.1

"Although it might appear that changing an address regularly in such environments would be desirable to lessen privacy concerns, it should be noted that the network prefix portion of an address also serves as a constant identifier. All nodes at (say) a home, would have the same network prefix, which identifies the topological location of those nodes. This has implications for privacy, though not at the same granularity as the concern that this document addresses. Specifically, all nodes within a home could be grouped together for the purposes of collecting information. If the network contains a very small number of nodes, say just one, changing just the interface identifier will not enhance privacy at all, since the prefix serves as a constant identifier."

* Added an informative reference to the dnsop issues draft.

* I hope the problem statement above justifies the use of privacy addresses for ULAs

* Added the following text specifying the conditions for DHCPv6 to be used for privacy

"One way to avoid some of the problems discussed above is to use DHCPv6 [DHCPV6] for obtaining addresses. The DHCPv6 server could be configured to hand out addresses that change over time. But DHCPv6 will solve the privacy issue only if it frequently handed out constantly changing addresses to the nodes. Since this does not happen automatically, and is difficult to configure manually, DHCPv6 is not really suited for solving the privacy issues addressed by this document."

* Removed the text about processing router advertisements and added a normative reference to rfc2462bis

* Removed the v6 specific text in "Address Usage in IPv4 today"

Let me know if these changes address your concerns.

Thanks
Suresh

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
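
The correlation described in the problem statement and in the section 2.1 text above, shown as an added example that is not part of the original message or of the draft: it splits logged IPv6 addresses into prefix and interface identifier and reports which identifiers recur across networks and which prefixes group several log entries. The log entries, hostnames and function names are constructed for illustration; the modified EUI-64 marker check is background from RFC 4291, Appendix A, not from the message.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log: (peer that logged it, IPv6 source address seen).
SAMPLE_LOG = [
    ("shop.example",  "2001:db8:a:1:211:22ff:fe33:4455"),   # node at home
    ("mail.example",  "2001:db8:b:7:211:22ff:fe33:4455"),   # same node, other network
    ("news.example",  "2001:db8:a:1:3c91:5e02:88ab:10f4"),  # home node, varying identifier
    ("forum.example", "2001:db8:c:2:9d0e:71aa:0b42:c6e3"),  # unrelated node
]
MASK64 = 0xFFFFFFFFFFFFFFFF

def split_address(text):
    """Return (64-bit prefix, 64-bit interface identifier) as integers."""
    value = int(ipaddress.IPv6Address(text))
    return value >> 64, value & MASK64

def looks_like_eui64(iid):
    """Modified EUI-64 identifiers carry 0xFFFE in the middle two bytes."""
    return (iid >> 24) & 0xFFFF == 0xFFFE

def stable_identifiers(log):
    """Identifiers seen under more than one prefix: one node, several networks."""
    seen = defaultdict(set)
    for source, addr in log:
        prefix, iid = split_address(addr)
        seen[iid].add((prefix, source))
    return {iid: sorted(s for _, s in hits) for iid, hits in seen.items()
            if len({p for p, _ in hits}) > 1}

def shared_prefixes(log):
    """Prefixes that group several log entries even when identifiers differ."""
    seen = defaultdict(set)
    for source, addr in log:
        prefix, _ = split_address(addr)
        seen[prefix].add(source)
    return {f"{ipaddress.IPv6Address(p << 64)}/64": sorted(s)
            for p, s in seen.items() if len(s) > 1}

if __name__ == "__main__":
    for iid, sources in stable_identifiers(SAMPLE_LOG).items():
        kind = "EUI-64 style" if looks_like_eui64(iid) else "other"
        print(f"identifier {iid:016x} ({kind}) links logs at: {sources}")
    for prefix, sources in shared_prefixes(SAMPLE_LOG).items():
        print(f"prefix {prefix} groups logs at: {sources}")
```

The second report is the point of the section 2.1 text: the home node with a varying identifier is still grouped with its neighbour by the shared prefix.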