> On 21 Mar 2016, at 13:05, Thomas Haller <thal...@redhat.com> wrote: > > On Mon, 2016-03-21 at 08:43 -0400, Stuart D. Gathman wrote: >> On Mon, 21 Mar 2016, Xen wrote: >> >>> First of all, a random non-reusable address is clearly a bag of >>> nonsense, as >>> you indicate. That's no sane method of doing anything. Think of a >>> programming stack, queue or list. You want the queue, stack or list >>> to >>> remain in an elegant state, for instance that indices keep starting >>> at 0 and >>> that the first element is at index 0. You don't want a runaway >>> system where >>> the indices become higher and higher constantly but you expect not >>> to run >>> into trouble because you have reserved 64-bit for them. >>> >>> Maybe I'm assuming, perhaps. Then enlighten me. >> The privacy feature is optional. When used, it is used only for >> outgoing connections from the device. There is still a fixed IP6 >> that >> can be given out to things that need to connect to it. It is >> generally >> a good idea not to use SLAAC if privacy is a concern, as that exposes >> your MAC and can be tracked across multiple locations (e.g. if coffee >> shops all had IP6 but no DHCP6, then your device would be recognized >> at each coffee shop). > > Note that there are also private stable addresses: > https://tools.ietf.org/html/rfc7217 > https://blogs.gnome.org/lkundrak/2015/12/03/networkmanager-and-privacy-in-the-ipv6-internet/ >
There are further complications arising from ISP disconnection or prefix renumbering. Homenet rfcs discuss the use of ULAs (similar in concept to rfc 1918 addresses) to handle the startup situation of building a house before its connected to an ISP, but providing multiple /48 subnets that can be routed between so that the installed hosts can communicate. I’d not expected prefixes to change often, but discussion with ISPs that are rolling out IPv6 show that this will be standard practice. Homenet covers this too, including automated dns updates. An open issue to me is how the OS apis would need to be changed to work with varying source routeing (each host will have several IPv6 addresses, with varying latency, bandwidth and monetary costs. I think that the use of per host certficates will also need some work to avoid spoofing in the face of multiple IP addresses, while not making it too hard for a consumer to replace a host (e.g. a room thermometer, or the mote monitoring a tyre on her car). The current state of homenet has no security model, and the general experience of the development of security models in the computer industry has not been good. tc
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
