Recommendation on Stable IPv6 Interface Identifiers
draft-ietf-6man-default-iids-15
The information below is for an old version of the document |
Document |
Type |
|
Active Internet-Draft (6man WG)
|
|
Authors |
|
Fernando Gont
,
Alissa Cooper
,
Dave Thaler
,
Will LIU
|
|
Last updated |
|
2016-09-14
(latest revision 2016-08-20)
|
|
Stream |
|
Internet Engineering Task Force (IETF)
|
|
Formats |
|
pdf
htmlized (tools)
htmlized
bibtex
|
|
Reviews |
|
|
Stream |
WG state
|
|
WG Consensus: Waiting for Write-Up
|
|
Document shepherd |
|
Bob Hinden
|
IESG |
IESG state |
|
I-D Exists
|
|
Consensus Boilerplate |
|
Unknown
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
"Robert M. Hinden" <bob.hinden@gmail.com>
|
IPv6 maintenance Working Group (6man) F. Gont
Internet-Draft SI6 Networks / UTN-FRH
Updates: 2464, 2467, 2470, 2491, 2492, A. Cooper
2497, 2590, 3146, 3572, 4291, Cisco
4338, 4391, 5072, 5121 (if D. Thaler
approved) Microsoft
Intended status: Standards Track W. Liu
Expires: February 21, 2017 Huawei Technologies
August 20, 2016
Recommendation on Stable IPv6 Interface Identifiers
draft-ietf-6man-default-iids-15
Abstract
This document changes the recommended default IID generation scheme
for cases where SLAAC is used to generate a stable IPv6 address. It
recommends using the mechanism specified in RFC7217 in such cases,
and recommends against embedding stable link-layer addresses in IPv6
Interface Identifiers. It formally updates RFC2464, RFC2467,
RFC2470, RFC2491, RFC2492, RFC2497, RFC2590, RFC3146, RFC3572,
RFC4291, RFC4338, RFC4391, RFC5072, and RFC5121. This document does
not change any existing recommendations concerning the use of
temporary addresses as specified in RFC 4941.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 21, 2017.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
Gont, et al. Expires February 21, 2017 [Page 1]
Internet-Draft Default Interface-IDs August 2016
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Generation of IPv6 Interface Identifiers with SLAAC . . . . . 4
4. Future Work . . . . . . . . . . . . . . . . . . . . . . . . . 4
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
6. Security Considerations . . . . . . . . . . . . . . . . . . . 5
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction
[RFC4862] specifies Stateless Address Autoconfiguration (SLAAC) for
IPv6 [RFC2460], which typically results in hosts configuring one or
more "stable" addresses composed of a network prefix advertised by a
local router, and an Interface Identifier (IID) [RFC4291] that
typically embeds a stable link-layer address (e.g., an IEEE LAN MAC
address).
In some network technologies and adaptation layers, the use of an IID
based on a link-layer address may offer some advantages. For
example, the IP-over-IEEE802.15.4 standard in [RFC6775] allows for
compression of IPv6 addresses when the IID is based on the underlying
link-layer address.
The security and privacy implications of embedding a stable link-
layer address in an IPv6 IID have been known for some time now, and
are discussed in great detail in [RFC7721]. They include:
o Network activity correlation
o Location tracking
o Address scanning
o Device-specific vulnerability exploitation
Gont, et al. Expires February 21, 2017 [Page 2]
Internet-Draft Default Interface-IDs August 2016
More generally, the reuse of identifiers that have their own
semantics or properties across different contexts or scopes can be
detrimental for security and privacy
[I-D.gont-predictable-numeric-ids]. In the case of traditional
Show full document text