Re: "RFC4941bis" and draft-gont-6man-non-stable-iids

Tim Chown <Tim.Chown@jisc.ac.uk> Wed, 19 July 2017 10:58 UTC

From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: Fernando Gont <fgont@si6networks.com>
CC: "6man@ietf.org" <6man@ietf.org>
Subject: Re: "RFC4941bis" and draft-gont-6man-non-stable-iids
Date: Wed, 19 Jul 2017 10:58:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/k387FrXulQRdr2tDA1crn39eMmA>

> On 18 Jul 2017, at 15:52, Fernando Gont <fgont@si6networks.com> wrote:
> 
> Folks,
> 
> Among the list of RFCs to be progressed to full std is/was RFC4941
> ("Privacy Extensions for Stateless Address Autoconfiguration in IPv6").
> 
> As it stands, RFC4941 has a number of issues:
> 
> * Using the same IID for multiple prefixes
> * Not changing the IID upon "security events" (including e.g., change in
> the underlying MAC address)
> * Using MD5 as opposed to something better
> * Requiring the use of temporary addresses along stable addresses
> (preventing use of temporary-only, for nodes that feel like)
> * Not treating IIDs as opaque values (see RFC7136)  when generating the
> randomized IIDs (see step 3 in section 3.2.1 of RFC4941)
> * Mandating one specific algorithm, when the same goals/properties can
> be achieved with multiple algorithms (see section 4 of
> draft-gont-6man-non-stable-iids-01)
> 
> 
> Based on the above, I personally don't think that it would make sense to
> progress RFC4941 to Internet Standard, but rather think that we should
> work on  a replacement of it -- our proposal being
> draft-gont-6man-non-stable-iids-01.
> 
> Thoughts?

Certainly any update on 4941 needs to be done in the light of a few deficiencies that have emerged over the years, and the publication of RFC7217.

I think it’s still possible to do a -bis off 4941.

Tim
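
An added illustration, not part of this thread or of either document: three items from the quoted list (one IID reused across prefixes, MD5, and the bit modified in step 3 of section 3.2.1) shown next to a per-prefix SHA-256 derivation. The derivation, the prefixes, the identifiers and the secret are assumptions constructed for the example; it is not claimed to be an algorithm from draft-gont-6man-non-stable-iids-01.

```python
import hashlib
import ipaddress

# Constructed sample values (documentation prefixes, made-up identifiers).
PREFIXES = [ipaddress.IPv6Network("2001:db8:1::/64"),
            ipaddress.IPv6Network("2001:db8:2::/64")]
EUI64_IID = bytes.fromhex("021122fffe334455")
HISTORY = bytes(8)            # stand-in for the stored history value
SECRET = b"constructed-secret-key"


def rfc4941_iid(history, eui64_iid):
    """RFC 4941 section 3.2.1, steps 1-3 and 6 (reserved-IID check omitted)."""
    digest = hashlib.md5(history + eui64_iid).digest()
    iid = bytearray(digest[:8])
    iid[0] &= 0xFD            # step 3: clear bit 6, the universal/local bit
    return bytes(iid), digest[8:]   # (IID, next history value)


def per_prefix_iid(prefix, epoch):
    """Hypothetical alternative: SHA-256 over prefix, epoch and a secret."""
    data = prefix.network_address.packed[:8] + epoch.to_bytes(8, "big") + SECRET
    return hashlib.sha256(data).digest()[:8]    # opaque, no bits modified


def address(prefix, iid):
    return ipaddress.IPv6Address(prefix.network_address.packed[:8] + iid)


def rfc4941_addresses():
    iid, _ = rfc4941_iid(HISTORY, EUI64_IID)
    return [address(p, iid) for p in PREFIXES]   # one IID for every prefix


def per_prefix_addresses(epoch):
    return [address(p, per_prefix_iid(p, epoch)) for p in PREFIXES]


def linkable(addrs):
    """True when all addresses carry the same low 64 bits (same IID)."""
    return len({a.packed[8:] for a in addrs}) == 1


if __name__ == "__main__":
    for name, addrs in (("RFC 4941", rfc4941_addresses()),
                        ("per-prefix", per_prefix_addresses(1))):
        print(name, [str(a) for a in addrs], "linkable:", linkable(addrs))
```

Advancing `epoch` in the hypothetical derivation stands in for regenerating the identifier, for example after a change in the underlying MAC address.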