Re: [PATCH] IPv6: Privacy Extensions for Stateless Address

Pekka Savola (pekkas@netcore.fi)
Thu, 31 Oct 2002 09:43:40 +0200 (EET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ville Herva: "Re: What's left over."
Previous message: Alexander Viro: "Re: What's left over."
In reply to: (no name): "Re: [PATCH] IPv6: Privacy Extensions for Stateless Address"

On Thu, 31 Oct 2002, YOSHIFUJI Hideaki / [iso-2022-jp] 吉藤英明 wrote:
> In article <Pine.LNX.4.44.0210310908090.19356-100000@netcore.fi> (at Thu, 31 Oct 2002 09:25:01 +0200 (EET)), Pekka Savola <pekkas@netcore.fi> says:
>
> > I belive privacy extensions can be harmful for especially long-lived
> > applications and lead to a false sense of security: they should not be
> > enabled (by any definition of enabled) by default.
>
> Temporary addresses are generated (on most links) but not used by default
> (latter is done by source address selection) by my patch.
> Set sysctl net.ipv6.conf.ethXX.use_tempaddr > 1 to use it by default.
>
> (I have per-application setsockopt interface but it is not included
> because patch for source address selection is not accepted at this moment.)

Generating and re-generating new temporary addresses seems to be a useless
work and just new addresses unless they're being used at least by some
applications.

-- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Ville Herva: "Re: What's left over."
Previous message: Alexander Viro: "Re: What's left over."
In reply to: (no name): "Re: [PATCH] IPv6: Privacy Extensions for Stateless Address"