Re: Status of Privacy Extensions for Stateless Address Autoconfiguration in IPv6
Fernando Gont <fernando@gont.com.ar> Thu, 02 April 2020 13:47 UTC
Return-Path: <fernando@gont.com.ar>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B8D83A129C for <ipv6@ietfa.amsl.com>; Thu, 2 Apr 2020 06:47:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q5RCDzagB4qv for <ipv6@ietfa.amsl.com>; Thu, 2 Apr 2020 06:47:43 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 391A23A129A for <ipv6@ietf.org>; Thu, 2 Apr 2020 06:47:43 -0700 (PDT)
Received: from [192.168.0.10] (unknown [181.45.84.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id A31E883B44; Thu, 2 Apr 2020 15:47:38 +0200 (CEST)
Subject: Re: Status of Privacy Extensions for Stateless Address Autoconfiguration in IPv6
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Cc: ipv6@ietf.org
References: <02C1F5E2-2CA6-4555-8623-D11E82A0B4E7@gmail.com> <b36015ea-6de5-f562-1328-0a047b1ad6ee@gmail.com> <2931a700-51e9-88bf-a3a6-113b3bdeaaa4@gmail.com> <007cd7e4-6a37-604b-2c25-940cfb2f0e79@si6networks.com> <aec5b715-8690-1922-8ec1-90b9de5a53a7@gmail.com> <0c6cd194-82d3-9b46-62a6-5aed9ee17715@gmail.com> <898c6a5b-2bf5-3bc0-f716-41f6e0ac60d9@gont.com.ar> <3e77d493-4d87-1d70-b69b-5f78c7424690@gmail.com> <5b01eaea-ff09-a771-f4ae-8ffcc5d18b07@gont.com.ar> <69c9b8b8-f945-aafd-4da0-899c1d49e7f3@gmail.com>
From: Fernando Gont <fernando@gont.com.ar>
Message-ID: <f50bd922-447c-ce50-c0a5-7a8fedbd8475@gont.com.ar>
Date: Thu, 02 Apr 2020 10:47:25 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <69c9b8b8-f945-aafd-4da0-899c1d49e7f3@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Jn8q9doMnyaOeRt5l4mngN-gvkg>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Apr 2020 13:47:45 -0000
On 2/4/20 10:32, Alexandre Petrescu wrote: > > Le 02/04/2020 à 15:16, Fernando Gont a écrit : >> Alexandre, >> >> On 2/4/20 09:54, Alexandre Petrescu wrote: >>> Le 02/04/2020 à 14:39, Fernando Gont a écrit : >>>> On 2/4/20 09:25, Alexandre Petrescu wrote: >>>>> would it it be possible to specify this: >>>>>> However, the method discussed in >>>>>> this document could be employed for generating Interface >>>>>> IDs >>>>>> of any arbitrary length, albeit at the expense of reduced >>>>>> entropy (when employing Interface IDs smaller than 64 >>>>>> bits) or enhanced entropy (when IID len longer than 64) >>>>> >>>>> (note 'IID longer than 64') >>>> >>>> Not sure what you mean. >>>> 1) That's of course implied >>>> 2) 2**64 is enough entropy for this kind of thing. Why would anyone >>>> do that?? >>>> >>>> I miss the point you are trying to make... >>> >>> At some point you say less than 64 entropy might not be enough, and >>> that a limit is not clear. >> >> Nope neither me nor the document says that. The document says the >> obvious: the algorithm does not have any inherent requirement >> regarding the IID length. Of course, if you change the IID length, you >> change the entropy (the search space). (e.g., if you reduced the IID >> length, the entropy would be reduced). >> >> >>> But similarly, more than 64 entropy might be more than enough - you >>> just dont say it. >> >> Let me put it bluntly: even 32 bits would be more than enough for this. > > Yes, write that down. I agree with you. I do not know why not writing > it down. Because this is not a document to discuss IID lengths. The current specs mandate /64. If that's changed, such document should do the appropriate analysis. There's no reason for this document to do that. >>> You say 'it is implied', but there is silence, actually. >>> >>> There is nothing in I-D RFC4941bis, nor in RFC7421, that talks about >>> IID length longer than 64. >> >> 1) The current architecture doesn't have such a thing > > All IPv6-over-foo docs request it, and the IPv6 Addr Arch requests it. Exactly. There's no point in getting into a discussion about something that's not even allowed in the current specs. [...] >> 2) I personally don't think anybody would even think about IIDs longer >> than 64 bits. 64-bit IIDs already waste a big part of the address space. > > ?? No, I dont think so. > > I personally think IIDs longer than 64bit are absolutely necessary in > some contexts. A SLAAC where a router that advertises a /56 in an RA, > might need the Host to form a 72bit IID. Write a draft, and propose that change. Until that, this document need to stick to existing specs. Thanks, -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
- Status of Privacy Extensions for Stateless Addres… Bob Hinden
- Re: Status of Privacy Extensions for Stateless Ad… Brian E Carpenter
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Fernando Gont
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Fernando Gont
- Re: Status of Privacy Extensions for Stateless Ad… Fernando Gont
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Fernando Gont
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu
- Re: Status of Privacy Extensions for Stateless Ad… Fernando Gont
- Re: Status of Privacy Extensions for Stateless Ad… Alexandre Petrescu