Hi, Brian, On 15/03/2011 07:16 p.m., Brian E Carpenter wrote: >>> I agree. I sort of accept that an ISP can know my addresses in use, in >>> part because they gave them to me. However, for an ISP to not let me >>> choose if I want to use privacy addresses on the Internet would >>> be completely unacceptable. >> >> Why would you find it acceptable to have the ISP assign you the complete >> address e.g. with DHCP, then? > > In the context of a user requiring privacy protection, it isn't acceptable.
Then what's all this controversy with draft-gont-6man-managing-privacy-extensions? :-) -- That aside, there have been quite a few publications asessing the real "privacy" provided with the so-called privacy-extensions.... > As far as I know, what the ISP will assign is a prefix; the individual > host addresses are locally assigned by the CPE. Yep, sorry. I meant "CPE", not "ISP". > Thus, in an Internet cafe, a user using privacy addresses can be traced > to the cafe but no further, even if the cafe is also using DHCP to > assign addresses. If your threat model is that the CPE is maliciously recommending hosts not to use privacy addresses, the CPE might as well claim that DHCP is needed, and assign to each host an IPv6 address that is based on the EUI-64 of that host... P.S.: Bottom-line is: This is about improving the manageability of the address generation policy. Thus, even if different systems have different defaults, a router can provide advice such that they all employ the same address generation policy (whether EUI-64, privacy addresses, or whatever). Thanks, -- Fernando Gont e-mail: ferna...@gont.com.ar || fg...@acm.org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------