draft-ietf-6man-rfc4291bis-06: RFC4941 and comment on stable addresses

Fernando Gont <fgont@si6networks.com> Sat, 21 January 2017 14:58 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id DF842129AD1 for <ipv6@ietfa.amsl.com>; Sat, 21 Jan 2017 06:58:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id dvBUx2pMO-v0 for <ipv6@ietfa.amsl.com>; Sat, 21 Jan 2017 06:58:46 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 542F2129A97 for <6man@ietf.org>; Sat, 21 Jan 2017 06:58:45 -0800 (PST)
Received: from [] (142-135-17-190.fibertel.com.ar []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id BE1E282B45; Sat, 21 Jan 2017 15:58:41 +0100 (CET)
To: "6man@ietf.org" <6man@ietf.org>
From: Fernando Gont <fgont@si6networks.com>
Subject: draft-ietf-6man-rfc4291bis-06: RFC4941 and comment on stable addresses
X-Enigmail-Draft-Status: N1110
Message-ID: <2a65f642-e339-8bb1-229a-be589d818635@si6networks.com>
Date: Sat, 21 Jan 2017 11:54:25 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/YLTWqsQr-HEjzDjvQ9N203V81uI>
Cc: draft-ietf-6man-rfc4291bis@tools.ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Jan 2017 14:58:48 -0000


Just happened to take a look at the I-D and have two comments:

1) The doc says:
"  The details of forming interface identifiers are defined in other
   specifications, such as "Privacy Extensions for Stateless Address
   Autoconfiguration in IPv6" [RFC4941] or "A Method for Generating
   Semantically Opaque Interface Identifiers with IPv6 Stateless Address
   Autoconfiguration (SLAAC)"[RFC7217]. "

While the text is not really incorrect, this one being a bis document to
move rfc4291 to full std, referencing RFC4941 as is has two problems:

  1) It would change the current operating model, where nodes employ
     stable addresses -- in which temp addresses are *additional*
     (to stable addresses) and an optional feature

  2) Referenced "as is", it would seem that RFC4941 is an alternative
     to stable addresses, but as already discussed on this list, RFC4941
     is specified such that temporary addresses are generated in
     addition to the stable ones.

Side comment:

The Security Considerations states:
"  One area relavant to IPv6 addressing is privacy.  IPv6 addresses can
   be created using interface identifiers constructed with unique stable
   tokens.  The addresses created in this manner can be used to track
   the movement of devices across the Internet."

Based on the terminology in RFC7721, it is *constant* tokens (not
stable) that would allow traking across the Internet.


Best regards,
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492