[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 64-bit identifiers
I was attempting to only referr to the short lived identity properties of such
identifiers for the purposes of multihoming over the lifetime of a connection.
The privacy debate, while important, should not necessarily be relevant to the
discussion I was attempting to promote.
Peter
On Thu, 9 Aug 2001, Bob Hinden wrote:
> Ran,
>
> >The existence of the Privacy Address Configuration specification
> >for IPv6 means that the low-order 64-bits CAN NOT uniquely identify
> >a host. Prior to then, using the low-order 64-bits (as proposed
> >by original 8+8/GSE) might have worked. That approach cannot work
> >given the current state of specs. Note well that the "privacy
> >extension" spec (sic) is being widely implemented and deployed in
> >end-systems (e.g. Windows XP).
>
> IPv6 nodes can have long lived 64 bit interface identifiers (usually
> created from hardware tokens) and temporary interface identifiers per
> RFC3041. Most implementations will support both types as they serve
> different purposes. There is a bit in the interface identifier that
> indicates whether it is a global or local identifier. As you point out the
> global identifiers could be used with an 8+8/GSE type scheme, while the
> temporary addresses would be harder to use.
>
> >Now one could postulate a different identifer that could be used
> >in things like Protocol Control Blocks to bind session state
> >and identity (in lieu of using IP addresses as at present). There
> >would need to be some ability to map to/from that identifier to
> >other kinds of identifiers (perhaps IP Addresses, FQDNs) for
> >this to be deployable, as near as I can tell. There is some work
> >within the IRTF NSRG examining the possibility of adding such
> >identifiers to the Internet Architecture, but that's research
> >not engineering for now.
>
> Based on our experience with global IPv6 interface identifiers, I suspect
> that any new scheme using global identifiers will have to deal with privacy
> issues to allow for anonymous communication.
>
> Bob
>
>
>
>
--
Peter R. Tattam peter@trumpet.com
Managing Director, Trumpet Software International Pty Ltd
Hobart, Australia, Ph. +61-3-6245-0220, Fax +61-3-62450210