-----Original Message-----
From: Rémi Després [mailto:remi(_dot_)despres(_at_)free(_dot_)fr]
Sent: Monday, February 18, 2008 11:28 AM
To: Dan Wing
Cc: ietf(_at_)ietf(_dot_)org
Subject: Re: IPv6 NAT?
Dan Wing wrote:
"If a client host takes a new randomly chosen "privacy IID" for each of its outgoing connections: (1) its address and its chosen port will keep their E2E significance; (2) no one will know where it is in its site; (3) any attempt to call such an address will fail; (4) the host will easily clean up its state when it knows a connection is finished, or when it resets, or when its power is turned off; (5) no stateful logic is needed in any intermediate box; (6) intermediate boxes are not concerned with protocols used (UDP, TCP, SCTP...)."
Sounds like RFC4941.
Basically, it extends use of Privacy IIDs of RFC4941.
I do not believe today's application developers are comfortable
with determining if and when their application needs to perform
the functions of RFC4941.
It would not be an application concern.
If users want this kind of strong privacy,
Typically, users don't know or care; more often it is the network
administrator that cares.
they activate this
"extended privacy option" in their hosts.
Then the stack below applications applies the "one new
address for each outgoing connection" rule.
Addresses and ports keep their E2E significance for ALL applications.
Thanks for educating me on where this feature would be implemented. I
have long assumed that v6 privacy is something the application would need to
be involved with.
Is this functionality already available in Vista and Leopard?
-d
On the opposite, if NATs MAY be present between the two ends,
applications are concerned.
Some of them may have to work differently depending on
whether there is a NAT or not, and depending on which ALG
functions it performs.
That is precisely what can be avoided thanks to IPv6 (and
IMHO SHOULD be avoided).
RD
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
http://www.ietf.org/mailman/listinfo/ietf
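
The "one new address for each outgoing connection" rule discussed in this thread, as an added example that is not part of the original messages or of any stack's real code. It models only the host-side address table; the class and method names, the documentation prefix 2001:db8:1:2::/64, and the reading of point (3) as "inbound traffic is accepted only from the peer that owns the connection" are assumptions.

```python
import ipaddress
import secrets

# Reserved interface identifiers (RFC 5453): the all-zero subnet-router anycast
# IID and the reserved subnet anycast range fdff:ffff:ffff:ff80-fdff:ffff:ffff:ffff.
RESERVED_LOW = 0xFDFFFFFFFFFFFF80
RESERVED_HIGH = 0xFDFFFFFFFFFFFFFF


def random_iid(rng=secrets.randbits):
    """Return a random 64-bit IID, retrying when a reserved value comes up."""
    while True:
        iid = rng(64)
        if iid != 0 and not (RESERVED_LOW <= iid <= RESERVED_HIGH):
            return iid


class PerConnectionAddresses:
    """Hypothetical model of a host table: one source address per connection."""

    def __init__(self, prefix, rng=secrets.randbits):
        self.net = ipaddress.IPv6Network(prefix)
        if self.net.prefixlen != 64:
            raise ValueError("64-bit IIDs need a /64 prefix")
        self.rng = rng
        self.active = {}  # source address -> (remote address, remote port)

    def open(self, remote, port):
        """Pick a fresh source address for a new outgoing connection."""
        while True:
            addr = self.net[random_iid(self.rng)]
            if addr not in self.active:  # never shared between two connections
                self.active[addr] = (ipaddress.IPv6Address(remote), port)
                return addr

    def close(self, addr):
        """Forget the address when its connection ends; no box in the path holds state."""
        self.active.pop(addr, None)

    def accepts(self, dst, src, sport):
        """Inbound traffic passes only if dst is live and src is its recorded peer."""
        peer = (ipaddress.IPv6Address(src), sport)
        return self.active.get(ipaddress.IPv6Address(dst)) == peer
```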