> Blue sky: Could the SP allow privacy addresses, at least for global use, and > log its own mappings between privacy > addressses and MACs or other persistent identifiers? Then it can always > trace back to determine who did what if necessary.
That's more or less what Windows does by default. The persistent address is not derived from the MAC, but from a hash of the prefix and the MAC id. Like a privacy address, it does not expose the MAC. Unlike a privacy address, its lifetime is as long as the routers will allow. This means nodes have a stable address in the corporate network, and can be easily traced within that network. But they get different addresses when they move around, and cannot be easily traced by third parties. -- Christian Huitema -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------