On 12/03/2011 09:44 p.m., Christian Huitema wrote: >> It doesn't. The I-D aims at allowing routers specify which policy >> they want hosts to employ when generating their IPv6 addresses. > > Uh? I definitely don't want to give the router at Starbucks the means > to specify the privacy configuration of my laptop.
Override the advice provided by the router at Starbucks, and you're done (e.g., I guess this could even be automatically done by the OS depending on how you tag the network you're connecting to (e.g., Public, Home, whatever)). > If we want policy options to be applied safely, they have to be > propagated by trusted mechanism, where the host can verify the > authority of the policy source. Anything else is abuse waiting to > happen. The threat model for this case is no different to that for ND in general... Thanks, -- Fernando Gont e-mail: ferna...@gont.com.ar || fg...@acm.org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------