Dear all, I have considered your comments and updated our draft rfc accordingly. Feel free to add further comments.
Thank you, Hosnieh Filename: draft-rafiee-6man-ssas Revision: 01 Title: A Simple Secure Addressing Generation Scheme for IPv6 AutoConfiguration (SSAS) Creation date: 2013-01-21 WG ID: Individual Submission Number of pages: 15 URL: http://www.ietf.org/internet-drafts/draft-rafiee-6man-ssas-01.txt Status: http://datatracker.ietf.org/doc/draft-rafiee-6man-ssas Htmlized: http://tools.ietf.org/html/draft-rafiee-6man-ssas-01 Diff: http://www.ietf.org/rfcdiff?url2=draft-rafiee-6man-ssas-01 Abstract: The default method for IPv6 address generation uses a organitionally unique identifier assigned by the IEEE Standards Association and the extension identifier by the hardware manufacturer [1] (section 2.5.1 RFC-4291) [RFC4291]. This means that a node will always have the same Interface ID (IID) whenever it connects to a new network. Because the node's IP address does not change, the node is vulnerable to privacy related attacks. To address this issue, there are currently two mechanisms in use to randomize the IID, Cryptographically Generated Addresses (CGA) [RFC3972] and Privacy Extension [RFC4941]. The problem with the former approach is the computational cost involved for the IID generation and verification. The problem with the latter approach is that it lacks security and offers only partial protection to the node against privacy related attacks. This document offers a new algorithm for use in the generation of the IID while, at the same time, securing the node against some types of attack, like IP spoofing. These attacks are prevented by the addition of a signature to the messages sent over the network and by directly using a public key in the IP address. The IETF Secretariat -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------