Skip to main content

RFC 3041 Considered Harmful

Document Type Expired Internet-Draft (individual)
Authors Dr. Francis Dupont , Pekka Savola
Last updated 2004-06-25
Stream (None)
Intended RFC status (None)
Expired & archived
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The purpose of the privacy extensions for stateless address autoconfiguration [1] is to change the interface identifier (and the global-scope addresses generated from it) over time in order to make it more difficult for eavesdroppers and other information collectors to identify when different addresses used in different transactions actually correspond to the same node. Current Distributed Denial of Service (DDoS) [2] attacks employ forged source addresses which can also be in the same prefixes than the real addresses of the compromised nodes used for attacks. Indeed, network ingress filtering defeats DDoS using 'random' forged source addresses.


Dr. Francis Dupont
Pekka Savola

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)