On Tuesday 17 January 2006 07:21, Ray Lai wrote: > On Tue, Jan 17, 2006 at 01:11:29AM -0600, Travers Buda wrote: > > Ipv6 allows for stateless configuration of a interface. The IEEE > > (aka MAC or hardware address) is generally used to generate > > tentative addresses which commonly end up being the assigned > > address provided stateful addressing does not exist on the network > > (such as DHCP.) This is the case in OpenBSD's import of KAME. > > > > Since the same method to generate an IP is used over an over (the > > host has an unchanging, persistant address,) the traffic generated > > and recieved by hosts would be open to many forms of analysis not > > necessairly confined to the computing world. For example, when some > > is at home, at work; what they access could be more easily tied to > > them (and the hardware they use,) decreasing anonymity. > > > > The problem and solution are outlined in RFC 3041. > > http://www.ietf.org/rfc/rfc3041.txt > > > > The solution is to use random data to generate ipv6 stateless > > addresses. > > > > Trying to be productive and not an asshole, > > Is there a question? > > If you wish to generate random ipv6 stateless addresses, > ``jot -rs: -w%.2x 6 0 255'' and ifconfig(8) work. > > -Ray-
I'm suggesting it as the default behavior. Ya' know, secure by default. Travers Buda
