> For the record, this document doesn't address my feedback. > > Most of the I-D is about how to generate a random number. > > If you need a PRNG, just require implementations to implement one. Your > workaround is to get into the same level of complexity to produce a PRNG that > wil be employed just by the stack -- if you're ging to implement one, make it > available to all apps/functions (rather than reinvent the wheel at every module > that needs a PRNG).
JFYI: if you check the algorithm, when stable storage is in use, they also need to implement a PRNG in addition to use a stack. I have already discussed about the complexity in my last email. obtaining timestamp from the system, generating a random number using timestamp as a seed and call it modifier or whatever and then applying SHA256 on (timestamp, prefix, modifier) is not complex. For using a default value in history, the system need to generate random number anyway. While after that it needs stack in RFC 4941, but with my update it only needs that PRNG. Second, I did not say that the implementation cannot use the stable storage. This way is only "RECOMMENDED" but no force to implement this and the implementers can keep their first approach. But, what is clear here is the probability of an attacker to find the history value in order to guess the next IID of the node is more than using my approach which is completely random. This is because I do not need to keep any value anywhere in the node and modifier every time can be new value. > There's still lots of text that could/should be removed throughout the document > -- for instance, you need to get deep into the Abstract to see what the > document is trying to solve (I bet you might even get a id-nits warning as a > result of the large Abstract?). No, I didn't. It passed without any problem! My abstract is explaining what I plan to address in the whole document. There is no problem to shorten it as well. > I won't comment further, but just wanted to note that my comments have not > been addressed, since you've stated that they have. You usually do not apply the comments that you are not convinced about and have already explained your reason as to why you are not agree. This is the same case for your comments on PRNG. To be more clear, here is your comments which I applied: http://www.ietf.org/mail-archive/web/ipv6/current/msg18732.html Thanks, Hosnieh -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
