Archives for category: privacy

To SLAAC or not to SLAAC – what will it be? I might vote for SLAAC, slightly modified and used with IPv6 First Hop Security (FHS) with built-in monitoring.

Looking for a perfect solution for local IPv6 addressing which is stable, secure and private enough as well as easy to monitor? Read the rest of this entry »

No need to sacrifice a great protocol due to some privacy issues, better improve it!

IPv6 hosts can use IPv6 Stateless Address Autoconfiguration (SLAAC) to label themselves with one or more IPv6 addresses. These are composed of a network prefix advertised by a local router, and some kind of interface identifier. There are many security and privacy implications if such an identifier is globally unique — addresses with embedded hardware address being a perfect example. On the other hand these kind of addresses are stable, allowing for a higher degree of network control and manageability.
Users privacy can be significantly improved if the interface identifier is random and changes frequently. Such mechanisms, like Privacy Extensions for SLAAC (RFC 4941), can bring a nightmare to many network administrators.

DHCPv6 to the rescue!
Read the rest of this entry »