Re: Comments on draft-nordmark-multi6-threats-01



On 10-jun-04, at 20:30, Erik Nordmark wrote:

(a possibility could be to include the current level of privacy support
in IPv6, just as the other current state of the art is presented.)

Good point.
I guess we can start with IPv4 where in some cases (dialup being the
prime example) the IPv4 addresses change over time.

But sometimes it stays the same for very long periods of time.


In IPv6 the temporary addresses RFC provides a way to make it
harder to correlate packets from the same machine over time.

Which can also be quite problematic in certain situations (DoS, for instance). The original intention of RFC 3041 was to make sure that when a host moves from one prefix to another, its correspondents can't track it by the interface identifier that stays the same. Being able to hide within a subnet prefix that doesn't change is an extra feature. Not being able to support this feature doesn't automatically disqualify a multihoming solution, IMO.


So I think the "do no harm" criterion means that the introduction
of multihoming support should still provide the same ability as we
have in IPv6 with temporary addresses.

We can't let ourselves be constrained by arbitrary features of the current architecture. If the features are important, sure, we must support them. But having to do so just because it can be done today has the potential to disqualify very useful multihoming solutions without good reason.