Skip to main content

Human-safe IPv6: Cryptographic transformation of hostnames as a base for secure and manageable addressing

Document Type Expired Internet-Draft (individual)
Authors Andrew Yourtchenko , Salman Asadullah , Mircea Pisica
Last updated 2012-09-06 (Latest revision 2012-03-05)
Stream (None)
Intended RFC status (None)
Expired & archived
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Although the IPv6 address space within a single /64 subnet is very large, the typical distribution of the addresses in this space is very non-uniform. This non-uniformity, together with the dictionary- based DNS brute-force enumeration, allows practical remote mapping of the IPv6 addresses in these subnets. This document proposes a technique which can be used to decrease the exposure of the server subnets to trivial scanning. As a side effect, the proposed technique allows to drastically simplify the address management.


Andrew Yourtchenko
Salman Asadullah
Mircea Pisica

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)