Privacy Extensions for Stateless Address Autoconfiguration in IPv6
RFC 4941
| Field | Value |
|---|---|
| Type | RFC - Draft Standard (September 2007; Errata); Obsoletes RFC 3041 |
| Authors | Thomas Narten, Richard Draves, Suresh Krishnan |
| Last updated | 2020-01-21 |
| Stream | Internet Engineering Task Force (IETF) |
| WG state | (None) |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 4941 (Draft Standard) |
| Action Holders | (None) |
| Consensus Boilerplate | Unknown |
| Responsible AD | Jari Arkko |
| Send notices to | (None) |
Network Working Group
Request for Comments: 4941
Obsoletes: 3041
Category: Standards Track

T. Narten, IBM Corporation
R. Draves, Microsoft Research
S. Krishnan, Ericsson Research
September 2007

Privacy Extensions for Stateless Address Autoconfiguration in IPv6

Status of This Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

Nodes use IPv6 stateless address autoconfiguration to generate addresses using a combination of locally available information and information advertised by routers. Addresses are formed by combining network prefixes with an interface identifier. On an interface that contains an embedded IEEE Identifier, the interface identifier is typically derived from it. On other interface types, the interface identifier is generated through other means, for example, via random number generation.

This document describes an extension to IPv6 stateless address autoconfiguration for interfaces whose interface identifier is derived from an IEEE identifier. Use of the extension causes nodes to generate global scope addresses from interface identifiers that change over time, even in cases where the interface contains an embedded IEEE identifier. Changing the interface identifier (and the global scope addresses generated from it) over time makes it more difficult for eavesdroppers and other information collectors to identify when different addresses used in different transactions actually correspond to the same node.

Table of Contents

1. Introduction
   1.1. Conventions Used in This Document
   1.2. Problem Statement
2. Background
   2.1. Extended Use of the Same Identifier
   2.2. Address Usage in IPv4 Today
   2.3. The Concern with IPv6 Addresses
   2.4. Possible Approaches
3. Protocol Description
   3.1. Assumptions
   3.2. Generation of Randomized Interface Identifiers
      3.2.1. When Stable Storage Is Present
      3.2.2. In The Absence of Stable Storage
      3.2.3. Alternate Approaches
   3.3. Generating Temporary Addresses
   3.4. Expiration of Temporary Addresses
   3.5. Regeneration of Randomized Interface Identifiers
   3.6. Deployment Considerations
4. Implications of Changing Interface Identifiers
5. Defined Constants
6. Future Work
7. Security Considerations
8. Significant Changes from RFC 3041
9. Acknowledgments
10. References
   10.1. Normative References
   10.2. Informative References

1. Introduction

Stateless address autoconfiguration [ADDRCONF] defines how an IPv6 node generates addresses without the need for a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server. Some types of network interfaces come with an embedded IEEE Identifier (i.e., a link-layer MAC address), and in those cases, stateless address autoconfiguration uses the IEEE identifier to generate a 64-bit interface identifier [ADDRARCH]. By design, the interface identifier is likely to be globally unique when generated in this fashion. The