RFC 3041 Considered Harmful

Document Type Expired Internet-Draft (individual)
Authors Francis Dupont  , Pekka Savola 
Last updated 2004-06-25
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The purpose of the privacy extensions for stateless address autoconfiguration [1] is to change the interface identifier (and the global-scope addresses generated from it) over time in order to make it more difficult for eavesdroppers and other information collectors to identify when different addresses used in different transactions actually correspond to the same node. Current Distributed Denial of Service (DDoS) [2] attacks employ forged source addresses which can also be in the same prefixes than the real addresses of the compromised nodes used for attacks. Indeed, network ingress filtering defeats DDoS using 'random' forged source addresses.


Francis Dupont (Francis.Dupont@enst-bretagne.fr)
Pekka Savola (psavola@funet.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)