Re: 3484bis and privacy addresses

JINMEI Tatuya / 神明達哉 <jinmei@isc.org> Tue, 03 April 2012 17:44 UTC

Date: Tue, 03 Apr 2012 10:44:35 -0700
From: JINMEI Tatuya / 神明達哉 <jinmei@isc.org>
To: Dave Thaler <dthaler@microsoft.com>
Subject: Re: 3484bis and privacy addresses
Cc: Ray Hunter <Ray.Hunter@globis.net>, Brian Haberman <brian@innovationslab.net>, "ipv6@ietf.org" <ipv6@ietf.org>

At Mon, 2 Apr 2012 23:43:57 +0000,
Dave Thaler <dthaler@microsoft.com> wrote:

> I prefer B, and this is what most existing implementations of RFC 3484 seem to already do (i.e., they follow the MAY not the SHOULD) whenever privacy addresses are enabled.  I have yet to hear of an implementation of RFC 3484 that actually follows the SHOULD (A) rather than the MAY (B), but maybe someone on this list knows of one.

When we first implemented RFC3484 for BSD variants at the KAME project
we followed the SHOULD and preferred public (non temporary) addresses
by default.  From a quick look it doesn't change, e.g., in the most
recent version of FreeBSD:
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/in6_src.c?rev=1.87;content-type=text%2Fx-cvsweb-markup
		/*
		 * Rule 7: Prefer public addresses.
		 * We allow users to reverse the logic by configuring
		 * a sysctl variable, so that privacy conscious users can
		 * always prefer temporary addresses.
		 */

---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
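
Added illustration, not part of the original message and not FreeBSD's code: a simplified model of the Rule 7 tie-break the quoted comment describes, followed by Rule 8 (longest matching prefix), which RFC 3484 applies only when Rule 7 ties. The `struct cand` layout, the `prefer_temp` parameter (a stand-in for the sysctl the comment mentions) and the 2001:db8:: sample addresses are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a candidate source address, not FreeBSD's structure. */
struct cand { uint8_t addr[16]; int temporary; /* 1 = temporary (privacy) address */ };

/* Constructed sample data under the 2001:db8::/32 documentation prefix. */
static const uint8_t DST[16] = {0x20,0x01,0x0d,0xb8,0x00,0x02, [15] = 0x53};
static const struct cand CANDS[3] = {
    {{0x20,0x01,0x0d,0xb8,0x00,0x01, [15] = 0x01}, 0},             /* public, other /48 */
    {{0x20,0x01,0x0d,0xb8,0x00,0x02, [8] = 0x5c, [15] = 0x9a}, 1}, /* temporary */
    {{0x20,0x01,0x0d,0xb8,0x00,0x02, [15] = 0x01}, 0},             /* public, same /64 */
};

/* Number of leading bits a and b share (input to Rule 8). */
static int common_prefix_len(const uint8_t *a, const uint8_t *b)
{
    int bits = 0;
    for (size_t i = 0; i < 16; i++) {
        uint8_t x = a[i] ^ b[i];
        if (x == 0) { bits += 8; continue; }
        while (!(x & 0x80)) { bits++; x = (uint8_t)(x << 1); }
        break;
    }
    return bits;
}

/* Index of the chosen source among the first n candidates, or -1 if n == 0.
 * Rules 1-6 are assumed tied. prefer_temp (0 or 1) is the hypothetical switch:
 * 0 prefers public addresses, 1 reverses Rule 7 to prefer temporary ones. */
static int select_source(const struct cand *c, size_t n, const uint8_t *dst, int prefer_temp)
{
    int best = -1;
    for (size_t i = 0; i < n; i++) {
        if (best < 0) { best = (int)i; continue; }
        if (c[i].temporary != c[best].temporary) {   /* Rule 7 decides */
            if (c[i].temporary == prefer_temp) best = (int)i;
            continue;
        }
        /* Rule 8: reached only when Rule 7 ties. */
        if (common_prefix_len(c[i].addr, dst) > common_prefix_len(c[best].addr, dst))
            best = (int)i;
    }
    return best;
}

int main(void)
{
    printf("default: %d, reversed: %d\n",
           select_source(CANDS, 3, DST, 0), select_source(CANDS, 3, DST, 1));
    return 0;
}
```

With only the first two candidates, the default picks the public address even though the temporary one shares a longer prefix with the destination, because Rule 7 is evaluated before Rule 8.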