[LACNIC/Seguridad] Fwd: Re: IPv6 Stable Private Addresses RFC 7217

Fernando Gont fernando en gont.com.ar
Mar Jul 1 20:30:58 BRT 2014


Esto se importó para DHCP...

-------- Original Message --------
Subject: Re: IPv6 Stable Private Addresses RFC 7217
Date: Sat, 14 Jun 2014 22:03:02 +0100
From: Roy Marples <roy en marples.name>
To: tech-net en netbsd.org, spz en netbsd.org
CC: tech-net-owner en netbsd.org

On 04/06/2014 10:36, Roy Marples wrote:
> The next dhcpcd release will have support for IPv6 Stable Private
> Addresses, RFC 7217.
> http://wiki.netbsd.org/projects/project/ipv6-stable-privacy-addresses/
> http://tools.ietf.org/html/rfc7217
> In summary, this is designed as a replacement interface identifier for
> the normal hardware derived one when using SLAAC.
> By storing a persistent secret key and combing this with stable
> network information such as prefix, ssid (if available), hardware
> address and a dad_counter we can then take an interface identifier
> from a hash of the above information combined.
> The most basic goal is that the host is no longer track-able across
> different networks based on their global address, but the address
> remains stable on each network.

This has now been imported into -current.
Let me know how it works for you!



Fernando Gont
e-mail: fernando en gont.com.ar || fgont en si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

Más información sobre la lista de distribución Seguridad