[ipv6hackers] NetworkManager and privacy in the IPv6 internet

Matej Gregr igregr at fit.vutbr.cz
Fri Dec 4 16:24:15 CET 2015

On 12/04/2015 04:12 AM, Fernando Gont wrote:
> Hi, Folks,
> FYI:
> <https://blogs.gnome.org/lkundrak/2015/12/03/networkmanager-and-privacy-in-the-ipv6-internet/>
> In a little while Fedora will be shipping with RFC7217 on by default.
> That's really good news!
> Thanks,

  dhcpcd [1] supports RFC 7217 as well and it works well.

Btw, I am still quite confused with the whole idea of RFC 7217 if we
have RFC 4941. You argue in your RFC that:

"from a network-management point of view, they tend to increase the
complexity of event logging, troubleshooting, enforcement of access
controls, and quality of service, etc."

I agree with that, however, RFC 7217 also says that temporary addresses
are useful in some cases, e.g., correlation of activity of a host within
the same network. Furthermore, RFC 7217 says that it is not meant as an
alternative for these temporary addresses and that it is orthogonal to
the RFC 4941.

So if there is a demand for untraceability and anonymity on network
layer, we should end up with RFC 7217 together with temporary addresses,
as it is "the best solution".

However, if an OS implements RFC 7217 and creates a temporary address as
well, the whole idea of a stable identifier is useless. According
address selection, temporary addresses will be used for communication
and we are at the beginning. Or I am missing something?


[1] http://roy.marples.name/projects/dhcpcd/

More information about the Ipv6hackers mailing list