
RE: Advantages and disadvantages of using CB64 type of identifiers



> I don't fully understand why you think that having an identifier in
> the address is worse than the current IPv4 situation (where the id and
> locator are one, and multihomed sites have a single address) or the
> current IPv6 situation (I guess that something similar to privacy
> extensions could be achieved by periodically creating new keys, hence
> new identifiers)

First, I don't believe in arguments such as "this is not worse than what
we did in the past" when it comes to security and privacy. We should be
on a path to improvement, not a soft descent into complacency. Second,
having a unique 64-bit identifier in the addresses is actually worse
than the current situation in either IPv4 or IPv6.

In IPv4, the addresses are often dynamically affected; it is possible,
if a site manager so chooses, to give nodes a different address at each
session. Hosts using dial-up connections receive new addresses for each
connection. Hosts using broadband connections often receive new
addresses every 24 hours. When a host is multi-homed to several
networks, it will indeed receive different IPv4 addresses on each of
these networks.

The current IPv6 practice is to have the 64-bit identifier be either an
IEEE 802 identifier (default) or a random number (temporary addresses,
SEND). When a host is multi-homed through several interfaces, the
different identifiers are used on different interfaces. When a host
configures addresses from multiple prefixes on the same interface, the
802 identifier will often be the same, but the random identifiers will
be different. The current ND spec allows for using the same identifier
with different prefixes, but it certainly does not mandate it.

-- Christian Huitema
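
The contrast drawn in the last paragraph of the message, as an added example that is not part of the original post: an identifier derived from the IEEE 802 address repeats under every prefix and lets an observer link the addresses, while random identifiers do not. The prefixes and MAC address are constructed documentation values, the function names are hypothetical, and `random_iid` is a simplified stand-in for temporary-address generation.

```python
import ipaddress
import secrets
from collections import defaultdict

IID_MASK = (1 << 64) - 1

def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier built from a 48-bit IEEE 802 address."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe between the two halves.
    eui = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]
    return int.from_bytes(eui, "big")

def random_iid() -> int:
    """Random 64-bit identifier (assumption: simplified temporary-address IID)."""
    return secrets.randbits(64)

def address(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    return net.network_address + (iid & IID_MASK)

def link_by_iid(addresses):
    """Return groups of addresses that share the same low 64 bits."""
    groups = defaultdict(set)
    for a in addresses:
        groups[int(a) & IID_MASK].add(a)
    return [sorted(g) for g in groups.values() if len(g) > 1]

# Constructed sample input: documentation prefixes and a documentation MAC.
PREFIXES = ["2001:db8:a::/64", "2001:db8:b::/64", "2001:db8:c::/64"]
MAC = "00:00:5e:00:53:01"

def stable_addresses():
    iid = eui64_iid(MAC)  # same identifier under every prefix
    return [address(p, iid) for p in PREFIXES]

def temporary_addresses():
    return [address(p, random_iid()) for p in PREFIXES]  # fresh identifier per prefix

if __name__ == "__main__":
    print("802-derived, linked:", link_by_iid(stable_addresses()))
    print("random, linked:     ", link_by_iid(temporary_addresses()))
```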