Re: [PATCH] IPv6: Privacy Extensions for Stateless Address Autoconfiguration in IPv6
From: Pekka Savola (pekkas@netcore.fi)
Date: Thu Oct 31 2002 - 02:43:40 EST
On Thu, 31 Oct 2002, YOSHIFUJI Hideaki / [iso-2022-jp] �$B5HF#1QL@�(B wrote:
> In article <Pine.LNX.4.44.0210310908090.19356-100000@netcore.fi> (at Thu, 31 Oct 2002 09:25:01 +0200 (EET)), Pekka Savola <pekkas@netcore.fi> says:
>
> > I belive privacy extensions can be harmful for especially long-lived
> > applications and lead to a false sense of security: they should not be
> > enabled (by any definition of enabled) by default.
>
> Temporary addresses are generated (on most links) but not used by default
> (latter is done by source address selection) by my patch.
> Set sysctl net.ipv6.conf.ethXX.use_tempaddr > 1 to use it by default.
>
> (I have per-application setsockopt interface but it is not included
> because patch for source address selection is not accepted at this moment.)
Generating and re-generating new temporary addresses seems to be a useless
work and just new addresses unless they're being used at least by some
applications.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29
: Thu Oct 31 2002 - 22:00:52 EST