[ipv6hackers] Security/Privacy Improvements to stable SLAAC addresses
Torbjörn Eklöv
torbjorn.eklov at interlan.se
Fri Jun 30 22:06:13 CEST 2017
You have to register to techtarget to read them so please continue other way.
/tobbe
> 29 juni 2017 kl. 06:53 skrev Fernando Gont <fgont at si6networks.com>:
>
> Folks,
>
> It looks like somehow I forgot to send a heads-up to this list regarding
> the following:
>
> Earlier this year RFC8064 as published, recommending use of RFC7217 fr
> the generation of stable addresses with SLAAC, and recommending
> *against* the generation of stable addresses by embedding MAC addresses
> in the Interface-ID
>
> At the time of this writing, at least two OSes already ship with RFC7217
> enabled by default:
>
> * Fedora
> * Mac OS
>
> I've written two articles on this topic for TechTarget, which provide
> both background/context info on the topic, and also discuss practical
> considerations.
>
> * Part #1:
> <http://searchsecurity.techtarget.com/tip/IPv6-update-A-look-at-the-security-and-privacy-improvements>
>
> * Part #2:
> <http://searchsecurity.techtarget.com/tip/How-to-use-an-interface-identifier-to-check-for-IPv6-network-updates>
>
> Thanks!
>
> Best regards,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont at si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> https://lists.si6networks.com/mailman/listinfo/ipv6hackers
Torbjörn Eklöv | Interlan Gefle AB
Norra Kungsgatan 5, 803 20 Gävle
Växel: 026-18 50 00 | Direkt: 070-683 51 75
http://www.dnssecandipv6.se <http://www.dnssecandipv6.se/>
"Ever since I can remember I always wanted to use IPv6.
To me that was better than being president of the United States.
To use IPv6 was to own the world."
More information about the Ipv6hackers
mailing list