In your previous mail you wrote:

> > => this point is supposed to be solved by RFC 3484 and related APIs but:
> >  - the private/public address switch (rule 7) is not in the policy table
> >  - related APIs assume that every application was changed in order to
> >    use them (so they are nearly useless).

There is a proposed socket API for this which I think is more useful.
=> this API assumes that every application is changed in order to use it. IMHO something in the context of applications should be more useful (in the context == in environment variables, for instance).

My main concern with applications and privacy addresses is applications that get all addresses on an interface and then pass one or more of those at the application layer to someone else (e.g. referrals). How does it know which to pass? When an application gets a list of all addresses on an interface, how does it determine which are privacy addresses and which are not?

=> I believe that low end mechanisms can give this information (i.e., it can be in given flags when addresses are dumped).

I also believe it would be useful to have a way the kernel can tell an app that the addresses on an interface have changed. This would be useful for privacy addresses and also for renumbering. E.g. something like the netlink socket stuff which some systems use to tell applications of routing changes.

=> PF_ROUTE has this. BTW I believe it is better to have a more abstract view: managing addresses at this level is very (too?) painful...

Regards

[EMAIL PROTECTED]

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
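The "flags when addresses are dumped" point from the exchange above, as an added example that is not part of the original mail: it reads per-address flags from a dump and keeps privacy (temporary) addresses out of what an application would pass on as a referral. It assumes the Linux `/proc/net/if_inet6` layout and the flag values from `<linux/if_addr.h>`; the sample dump is constructed and the function names are hypothetical.

```python
import ipaddress

# Address flag bits as defined in Linux <linux/if_addr.h> (assumed platform).
IFA_F_TEMPORARY = 0x01   # privacy (temporary) address
IFA_F_DEPRECATED = 0x20  # preferred lifetime expired
IFA_F_TENTATIVE = 0x40   # duplicate address detection not finished
IFA_F_PERMANENT = 0x80   # configured statically or link-local

# Constructed sample in /proc/net/if_inet6 layout:
# address  ifindex  prefixlen  scope  flags  device  (numbers are hex)
SAMPLE_DUMP = """\
20010db800000000021122fffe334455 02 40 00 00 eth0
20010db8000000005c3a91ff2b7ee410 02 40 00 01 eth0
20010db800000000a1b2c3d4e5f60718 02 40 00 21 eth0
fe80000000000000021122fffe334455 02 40 20 80 eth0
"""

def parse_dump(text):
    """Turn an if_inet6-style dump into a list of dicts with decoded flags."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip blank or malformed lines
        raw, _ifindex, plen, scope, flags, dev = fields
        entries.append({
            "addr": ipaddress.IPv6Address(bytes.fromhex(raw)),
            "dev": dev,
            "prefixlen": int(plen, 16),
            "scope": int(scope, 16),   # 0x00 global, 0x20 link-local
            "flags": int(flags, 16),
        })
    return entries

def privacy_addresses(entries, dev):
    """Addresses on dev that the kernel marks as temporary."""
    return [e["addr"] for e in entries
            if e["dev"] == dev and e["flags"] & IFA_F_TEMPORARY]

def referral_candidates(entries, dev):
    """Global, usable, non-temporary addresses suitable for a long-lived referral."""
    skip = IFA_F_TEMPORARY | IFA_F_DEPRECATED | IFA_F_TENTATIVE
    return [e["addr"] for e in entries
            if e["dev"] == dev and e["scope"] == 0 and not e["flags"] & skip]

if __name__ == "__main__":
    parsed = parse_dump(SAMPLE_DUMP)
    print("privacy :", [str(a) for a in privacy_addresses(parsed, "eth0")])
    print("referral:", [str(a) for a in referral_candidates(parsed, "eth0")])
```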