Re: Disabling temporary addresses by default?

Tim Chown <Tim.Chown@jisc.ac.uk> Wed, 29 January 2020 10:08 UTC

From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: "otroan@employees.org" <otroan@employees.org>
CC: Lorenzo Colitti <lorenzo@google.com>, 6man WG <ipv6@ietf.org>
Subject: Re: Disabling temporary addresses by default?
Date: Wed, 29 Jan 2020 10:08:02 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/7QO8AG3SiQOC_mzqwddsonNR8uE>

On 29 Jan 2020, at 09:04, otroan@employees.org wrote:

<snip>

> The current (draft standard) text in 4941 is:
>   "Consequently, the use of temporary addresses SHOULD be disabled by
>   default in order to minimize potential disruptions.  Individual
>   applications, which have specific knowledge about the normal duration
>   of connections, MAY override this as appropriate."
>
> I would like to understand the rationale for removing that text.
> Note, 4941bis in its current form does not have an opinion regarding a default.

Well, in practice some OSes do not follow that SHOULD, but the use or non-use is typically governed by the scenario; there is no one-size-fits-all default here, e.g., data centre servers vs users in coffee shops.

RFC 6724 says nothing about the default, being just about address selection not generation, but that "For source address selection, temporary addresses [RFC4941] are preferred over public addresses."

RFC 8504 also says nothing about the default, but does say that "devices implementing this specification MUST provide a way for the end user to explicitly enable or disable the use of such temporary addresses."

So together in principle any user can enable privacy addresses and in doing so they will be preferred over non-temporary addresses.

Tim
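
Added example, not part of the original message: a host audit sketch showing how the enable/disable knob and the RFC 6724 preference interact on one platform. It assumes Linux, where `ip -6 addr show` marks addresses with `temporary` and `deprecated` flags and the `net.ipv6.conf.<if>.use_tempaddr` sysctl takes 0 (off), 1 (generate, but prefer public) or 2 (generate and prefer temporary); the sample output and addresses are constructed.

```python
import re

# Constructed sample of `ip -6 addr show dev eth0` output (2001:db8::/32 is
# the documentation prefix); not taken from the original message.
SAMPLE_IP_OUTPUT = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:db8:1:2:c9e4:1b7a:55d0:8f21/64 scope global temporary dynamic
       valid_lft 86000sec preferred_lft 14000sec
    inet6 2001:db8:1:2:3d1f:8c22:4b6a:9e01/64 scope global temporary deprecated dynamic
       valid_lft 3000sec preferred_lft 0sec
    inet6 2001:db8:1:2:a00:27ff:fe4e:66a1/64 scope global dynamic mngtmpaddr
       valid_lft 86000sec preferred_lft 14000sec
    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link
       valid_lft forever preferred_lft forever
"""

ADDR_RE = re.compile(r"^\s+inet6\s+(\S+)/(\d+)\s+scope\s+(\S+)(.*)$")


def parse_global_addrs(text):
    """Return one dict per global-scope address with its temporary/deprecated flags."""
    found = []
    for line in text.splitlines():
        m = ADDR_RE.match(line)
        if not m or m.group(3) != "global":
            continue  # skip interface header, lifetime lines and link-local
        flags = m.group(4).split()
        found.append({
            "addr": m.group(1),
            "temporary": "temporary" in flags,
            "deprecated": "deprecated" in flags,
        })
    return found


def preferred_source(addrs, use_tempaddr):
    """Pick a source using only RFC 6724 Rule 3 (avoid deprecated) and Rule 7.

    Rule 7 prefers temporary addresses; Linux inverts that preference unless
    use_tempaddr is 2, so the sysctl value decides which way the tie breaks.
    """
    usable = [a for a in addrs if not a["deprecated"]] or addrs
    want_temporary = use_tempaddr >= 2
    # sorted() is stable: addresses matching the wanted kind sort first.
    ranked = sorted(usable, key=lambda a: a["temporary"] != want_temporary)
    return ranked[0]["addr"] if ranked else None


if __name__ == "__main__":
    addrs = parse_global_addrs(SAMPLE_IP_OUTPUT)
    for setting in (1, 2):
        print(f"use_tempaddr={setting}: source {preferred_source(addrs, setting)}")
```

With the setting at 1 the host still generates temporary addresses but new connections leave from the stable address, so "enabled" alone does not tell an auditor which address peers will see.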