Re: [v6ops] Interesting problems with using IPv6
Owen DeLong <owen@delong.com> Sat, 13 September 2014 03:25 UTC
Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1198A1A02D1 for <v6ops@ietfa.amsl.com>; Fri, 12 Sep 2014 20:25:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.643
X-Spam-Level:
X-Spam-Status: No, score=-2.643 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_SIGNED=0.1, RP_MATCHES_RCVD=-1.652, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GAtbHXZgHvBU for <v6ops@ietfa.amsl.com>; Fri, 12 Sep 2014 20:25:14 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id AE2091A02BC for <v6ops@ietf.org>; Fri, 12 Sep 2014 20:25:14 -0700 (PDT)
Received: from [10.5.16.184] ([209.63.144.18]) (authenticated bits=0) by owen.delong.com (8.14.2/8.14.2) with ESMTP id s8D3O6gH000684 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 12 Sep 2014 20:24:07 -0700
X-DKIM: Sendmail DKIM Filter v2.8.3 owen.delong.com s8D3O6gH000684
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=delong.com; s=mail; t=1410578647; bh=NRjro0OsnAAy9WwsLPBqXSU9X1w=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc: Content-Transfer-Encoding:Message-Id:References:To; b=f54w6ougQCyrx4bTnGmRSFEm9xyCbIrXr8DTz77aU+1R/JPrlks2qEdZGKNKai+p2 GkhJZ/NiiAPOT4nmnmpxJqYSUyXyP/j1ibcthu8zgVfy+50TPZ+2/p/8VhCs7g4sII KgaQ1LFQoCTifiNAhgGpcvpeaHzet+/X9OUownSY=
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Owen DeLong <owen@delong.com>
In-Reply-To: <5413A448.2030104@gont.com.ar>
Date: Fri, 12 Sep 2014 20:23:39 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <0E61F8D0-22C6-4E37-93E2-9D9B13254055@delong.com>
References: <1410082125488.85722@surrey.ac.uk> <540CB702.3000605@gmail.com> <20140908183339.GB98785@ricotta.doit.wisc.edu> <540E26D9.3070907@gmail.com> <1410227735.13436.YahooMailNeo@web162204.mail.bf1.yahoo.com> <540ECB9E.9000102@foobar.org> <CAKD1Yr1_sCLHv=D3MeCe47Fa0dxXTXH5B+=wOKpvmEDFkJFiZw@mail.gmail.com> <75B6FA9F576969419E42BECB86CB1B89155AF364@xmb-rcd-x06.cisco.com> <20140909142226.GP15839@angus.ind.WPI.EDU> <101C89B1-019B-4E51-B869-FABC534E6D3D@delong.com> <5413A448.2030104@gont.com.ar>
To: Fernando Gont <fernando@gont.com.ar>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/oMKIyMA8wsiLnzPuhNEQKijr3bI
Cc: v6ops@ietf.org
Subject: Re: [v6ops] Interesting problems with using IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Sep 2014 03:25:16 -0000
On Sep 12, 2014, at 6:56 PM, Fernando Gont <fernando@gont.com.ar> wrote: > On 09/12/2014 07:33 PM, Owen DeLong wrote: >> A potential improvement could be if privacy addressing created a >> persistent random lower 24 bits and only rehashed the upper 40 bits >> of the suffix with each address rotation. In that way, you’d only >> have ~2 ND multicast groups per host. > > That would break the sole purpose of privacy addresses. If the lower > 24-bits are kept the same, an attacker can correlate the activities of a > node along time. The purpose of privacy addresses is broken by so many things as to render them an absurd waste in general. We’ve had this argument before. We’ve agreed to disagree before. I suppose another viable solution would be to require all privacy addresses to use a common lower 24 bit string. In this way, you’d still have anonymity within the subnet which is all you really get from privacy addresses to begin with. Owen
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Mark ZZZ Smith
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Philip Homburg
- Re: [v6ops] Interesting problems with using IPv6 Nick Hilliard
- Re: [v6ops] Interesting problems with using IPv6 Tore Anderson
- Re: [v6ops] Interesting problems with using IPv6 Nick Hilliard
- Re: [v6ops] Interesting problems with using IPv6 Lorenzo Colitti
- Re: [v6ops] Interesting problems with using IPv6 Hemant Singh (shemant)
- Re: [v6ops] Interesting problems with using IPv6 Chuck Anderson
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Hemant Singh (shemant)
- Re: [v6ops] Interesting problems with using IPv6 Andrew 👽 Yourtchenko
- Re: [v6ops] Interesting problems with using IPv6 Hemant Singh (shemant)
- Re: [v6ops] Interesting problems with using IPv6 Andrew 👽 Yourtchenko
- Re: [v6ops] Interesting problems with using IPv6 Brian Haberman
- Re: [v6ops] Interesting problems with using IPv6 神明達哉
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Andrew 👽 Yourtchenko
- Re: [v6ops] Interesting problems with using IPv6 Brian Haberman
- Re: [v6ops] Interesting problems with using IPv6 Brian Haberman
- Re: [v6ops] Interesting problems with using IPv6 Brian Haberman
- Re: [v6ops] Interesting problems with using IPv6 Andrew 👽 Yourtchenko
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 joel jaeggli
- Re: [v6ops] Interesting problems with using IPv6 Brian Haberman
- Re: [v6ops] Interesting problems with using IPv6 Ray Hunter
- Re: [v6ops] Interesting problems with using IPv6 Erik Nordmark
- Re: [v6ops] Interesting problems with using IPv6 Owen DeLong
- Re: [v6ops] Interesting problems with using IPv6 Chuck Anderson
- Re: [v6ops] Interesting problems with using IPv6 Fernando Gont
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Owen DeLong
- Re: [v6ops] Interesting problems with using IPv6 Owen DeLong
- Re: [v6ops] Interesting problems with using IPv6 Sander Steffann
- Re: [v6ops] Interesting problems with using IPv6 Bernie Volz (volz)
- Re: [v6ops] Interesting problems with using IPv6 Sander Steffann
- Re: [v6ops] Interesting problems with using IPv6 Owen DeLong
- Re: [v6ops] Interesting problems with using IPv6 Owen DeLong
- Re: [v6ops] Interesting problems with using IPv6 Mark ZZZ Smith
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Mikael Abrahamsson
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Erik Nordmark
- Re: [v6ops] Interesting problems with using IPv6 Nick Hilliard
- Re: [v6ops] Interesting problems with using IPv6 Brian E Carpenter
- Re: [v6ops] Interesting problems with using IPv6 Mikael Abrahamsson