[LACNIC/Seguridad] Fwd: Deprecating EUI-64 Based IPv6 Addresses (Fwd: New Version Notification for draft-gont-6man-deprecate-eui64-based-addresses-00.txt)

Arturo Servin arturo.servin en gmail.com
Jue Oct 24 22:05:12 BRST 2013


Ya lo lei, aun no estoy muy de acuerdo en obsoleter totalmente la
generación de IDs de interfaz sin usar la MAC address, sobre todo porque
aun no tenemos una forma probada de hacerlo de otra forma.

Si bien no veo ninguna utilidad de la generacion por MAC, no se si sea
factible de que el draft diga "MUST NOT" como se ha discutido en 6man. Creo
que es más realista un documento intermedio que diga "SHOULD NOT" o "SHOULD
use another mean".

Slds
as


On Thu, Oct 24, 2013 at 4:00 PM, Fernando Gont <fgont en si6networks.com>wrote:

> Estimados,
>
> FYI (ver debajo)
>
> Como dice la canción:
>
>  "If the evil spirit armed the tiger with claws, Bramhan provided
>   wings for the dove"
>
> Saludos,
> Fernando
>
>
>
>
> -------- Original Message --------
> Subject: Deprecating EUI-64 Based IPv6 Addresses (Fwd: New Version
> Notification for draft-gont-6man-deprecate-eui64-based-addresses-00.txt)
> Date: Thu, 24 Oct 2013 14:50:22 -0300
> From: Fernando Gont <fernando en gont.com.ar>
> To: 6man en ietf.org <6man en ietf.org>
> CC: draft-gont-6man-deprecate-eui64-based-addresses en tools.ietf.org
>
> Folks,
>
> We have posted a new I-D entitled "Deprecating EUI-64 Based IPv6
> Addresses"
> (
> http://www.ietf.org/internet-drafts/draft-gont-6man-deprecate-eui64-based-addresses-00.txt
> ).
>
> It's a spin-off of the work we've been doing on IPv6 addressing
> secuity/privacy considerations
> (draft-ietf-6man-ipv6-address-generation-privacy and
> draft-ietf-6man-stable-privacy-addresses), and the idea had already been
> discussed among several folks mstly off-list and at IETF meeting corridors.
>
> Any comments will be appreciated.
>
> Thanks!
>
> Best regards,
> Fernando
>
>
>
>
> -------- Original Message --------
> Subject: New Version Notification for
> draft-gont-6man-deprecate-eui64-based-addresses-00.txt
> Date: Mon, 21 Oct 2013 15:43:46 -0700
> From: internet-drafts en ietf.org
> To: Fernando Gont <fgont en si6networks.com>, Will Liu
> <liushucheng en huawei.com>, Alissa Cooper <acooper en cdt.org>, Dave Thaler
> <dthaler en microsoft.com>
>
>
> A new version of I-D,
> draft-gont-6man-deprecate-eui64-based-addresses-00.txt
> has been successfully submitted by Fernando Gont and posted to the
> IETF repository.
>
> Filename:        draft-gont-6man-deprecate-eui64-based-addresses
> Revision:        00
> Title:           Deprecating EUI-64 Based IPv6 Addresses
> Creation date:   2013-10-22
> Group:           Individual Submission
> Number of pages: 6
> URL:
>
> http://www.ietf.org/internet-drafts/draft-gont-6man-deprecate-eui64-based-addresses-00.txt
> Status:
>
> http://datatracker.ietf.org/doc/draft-gont-6man-deprecate-eui64-based-addresses
> Htmlized:
>
> http://tools.ietf.org/html/draft-gont-6man-deprecate-eui64-based-addresses-00
>
>
> Abstract:
>    Stateless Address Autoconfiguration (SLAAC) for IPv6 typically
>    results in hosts configuring one or more stable addresses composed of
>    a network prefix advertised by a local router, and an Interface
>    Identifier that typically embeds a hardware address (e.g., an IEEE
>    LAN MAC address).  The security and privacy implications of embedding
>    hardware addresses in the Interface Identifier have been known and
>    understood for some time now, and some popular IPv6 implementations
>    have already deviated from such scheme to mitigate these issues.
>    This document deprecates the use of hardware addresses in IPv6
>    Interface Identifiers, and recommends the use of an alternative
>    scheme ([I-D.ietf-6man-stable-privacy-addresses]) for the generation
>    of IPv6 stable addresses.
>
>
>
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
>
>
>
>
> --
> Fernando Gont
> e-mail: fernando en gont.com.ar || fgont en si6networks.com
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
>
>
>
>
> --
> Fernando Gont
> e-mail: fernando en gont.com.ar || fgont en si6networks.com
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
>
>
>
>
>
> _______________________________________________
> Seguridad mailing list
> Seguridad en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/seguridad
>
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/seguridad/attachments/20131024/e5976f0d/attachment.html>


Más información sobre la lista de distribución Seguridad