Hello,

the RFC 7217 specifies an algorithm for generating an IPv6 host address
that stays stable in a particular network but changes when the machine
enters another network to prevent tracking [1]. It works by hashing a
tuple of various parameters one of which is "secret_key" -- a secret
value specific to a particular machine.

[1] https://tools.ietf.org/html/rfc7217#section-5

This sounds a bit like machine-id, unfortunately given it's world
readable and available via DBus (and possibly on a network?) it doesn'tseem to 
be secret enough.

I'm wondering if it would make sense to reuse some of the tooling?
Would it make sense to extend systemd-machine-id-setup(1) to generate
one more identifier or maybe add another tool to set up the secret id?

Thoughts?

Thanks,
Lubo
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to