Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6
RFC 8981

Document Type RFC - Proposed Standard (February 2021; No errata)
Obsoletes RFC 4941
Authors Fernando Gont  , Suresh Krishnan  , Thomas Narten  , Richard Draves 
Last updated 2021-02-28
Replaces draft-fgont-6man-rfc4941bis
Stream Internet Engineering Task Force (IETF)
Formats plain text html xml pdf htmlized (tools) htmlized bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Ole Trøan
Shepherd write-up Show (last changed 2020-06-04)
IESG IESG state RFC 8981 (Proposed Standard)
Action Holders
(None)
Consensus Boilerplate Yes
Telechat date
Responsible AD Erik Kline
Send notices to otroan@employees.org
IANA IANA review state Version Changed - Review Needed
IANA action state No IANA Actions


Internet Engineering Task Force (IETF)                           F. Gont
Request for Comments: 8981                                  SI6 Networks
Obsoletes: 4941                                              S. Krishnan
Category: Standards Track                                         Kaloom
ISSN: 2070-1721                                                T. Narten
                                                                        
                                                               R. Draves
                                                      Microsoft Research
                                                           February 2021

Temporary Address Extensions for Stateless Address Autoconfiguration in
                                  IPv6

Abstract

   This document describes an extension to IPv6 Stateless Address
   Autoconfiguration that causes hosts to generate temporary addresses
   with randomized interface identifiers for each prefix advertised with
   autoconfiguration enabled.  Changing addresses over time limits the
   window of time during which eavesdroppers and other information
   collectors may trivially perform address-based network-activity
   correlation when the same address is employed for multiple
   transactions by the same host.  Additionally, it reduces the window
   of exposure of a host as being accessible via an address that becomes
   revealed as a result of active communication.  This document
   obsoletes RFC 4941.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8981.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Problem Statement
   2.  Background
     2.1.  Extended Use of the Same Identifier
     2.2.  Possible Approaches
   3.  Protocol Description
     3.1.  Design Guidelines
     3.2.  Assumptions
     3.3.  Generation of Randomized IIDs
       3.3.1.  Simple Randomized IIDs
       3.3.2.  Generation of IIDs with Pseudorandom Functions
     3.4.  Generating Temporary Addresses
     3.5.  Expiration of Temporary Addresses
     3.6.  Regeneration of Temporary Addresses
     3.7.  Implementation Considerations
     3.8.  Defined Protocol Parameters and Configuration Variables
   4.  Implications of Changing IIDs
   5.  Significant Changes from RFC 4941
   6.  Future Work
   7.  IANA Considerations
   8.  Security Considerations
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Acknowledgments
   Authors' Addresses

1.  Introduction

   [RFC4862] specifies Stateless Address Autoconfiguration (SLAAC) for
   IPv6, which typically results in hosts configuring one or more
   "stable" IPv6 addresses composed of a network prefix advertised by a
   local router and a locally generated interface identifier (IID).  The
   security and privacy implications of such addresses have been
   discussed in detail in [RFC7721], [RFC7217], and [RFC7707].  This
   document specifies an extension to SLAAC for generating temporary
   addresses that can help mitigate some of the aforementioned issues.
   This document is a revision of RFC 4941 and formally obsoletes it.
   Section 5 describes the changes from [RFC4941].

   The default address selection for IPv6 has been specified in
   [RFC6724].  In some cases, the determination as to whether to use
   stable versus temporary addresses can only be made by an application.
   For example, some applications may always want to use temporary
   addresses, while others may want to use them only in some
   circumstances or not at all.  An Application Programming Interface
   (API) such as that specified in [RFC5014] can enable individual
   applications to indicate a preference for the use of temporary
   addresses.

   Section 2 provides background information.  Section 3 describes a
Show full document text