| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200506.170018.550097165407520983.davem@davemloft.net> Date: Wed, 06 May 2020 17:00:18 -0700 (PDT) From: David Miller <davem@...emloft.net> To: fgont@...networks.com Cc: netdev@...r.kernel.org Subject: Re: [PATCH v3 net-next] ipv6: Implement draft-ietf-6man-rfc4941bis From: Fernando Gont <fgont@...networks.com> Date: Fri, 1 May 2020 00:51:47 -0300 > Implement the upcoming rev of RFC4941 (IPv6 temporary addresses): > https://tools.ietf.org/html/draft-ietf-6man-rfc4941bis-09 > > * Reduces the default Valid Lifetime to 2 days > The number of extra addresses employed when Valid Lifetime was > 7 days exacerbated the stress caused on network > elements/devices. Additionally, the motivation for temporary > addresses is indeed privacy and reduced exposure. With a > default Valid Lifetime of 7 days, an address that becomes > revealed by active communication is reachable and exposed for > one whole week. The only use case for a Valid Lifetime of 7 > days could be some application that is expecting to have long > lived connections. But if you want to have a long lived > connections, you shouldn't be using a temporary address in the > first place. Additionally, in the era of mobile devices, general > applications should nevertheless be prepared and robust to > address changes (e.g. nodes swap wifi <-> 4G, etc.) > > * Employs different IIDs for different prefixes > To avoid network activity correlation among addresses configured > for different prefixes > > * Uses a simpler algorithm for IID generation > No need to store "history" anywhere > > Signed-off-by: Fernando Gont <fgont@...networks.com> Applied, thanks.
Powered by blists - more mailing lists