> -----Original Message-----
> From: Rémi Després [mailto:remi.despres@xxxxxxx]
> Sent: Monday, February 18, 2008 11:28 AM
> To: Dan Wing
> Cc: ietf@xxxxxxxx
> Subject: Re: IPv6 NAT?
>
> Dan Wing wrote :
> > > ""If a client host takes a new randomly chosen "privacy IID" for
> > > each of its outgoing connections: (1) its address and its chosen
> > > port will keep their E2E significance; (2) no one will know where
> > > it is in its site; (3) any attempt to call such an address will
> > > fail; (4) the host will easily clean up its state when it knows a
> > > connection is finished, or when it resets, or when its power is
> > > turned off; (5) no stateful logic is needed in any intermediate
> > > box; (6) intermediate boxes are not concerned with protocols used
> > > (UDP, TCP, SCTP...).""
> >
> > Sounds like RFC4941.
>
> Basically, it extends use of Privacy IIDs of RFC4941.
>
> > I do not believe today's application developers are comfortable
> > with determining if and when their application needs to perform
> > the functions of RFC4941.
>
> It would not be an application concern.
> If users want this kind of strong privacy,

Typically, users don't know or care; more often it is the network administrator that cares.

> they activate this "extended privacy option" in their hosts.
> Then the stack below applications applies the "one new
> address for each outgoing connection" rule.
> Addresses and ports keep their E2E significance for ALL applications.

Thanks for educating me on where this feature would be implemented. I have long assumed that v6 privacy is something the application would need to be involved with.

Is this functionality already available in Vista and Leopard?

-d

> On the opposite, if NATs MAY be present between the two ends,
> applications are concerned.
> Some of them may have to work differently depending on
> whether there is a NAT or not, and depending on which ALG
> functions it performs.
> That is precisely what can be avoided thanks to IPv6 (and
> IMHO SHOULD be avoided).
>
> RD
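The "one new address for each outgoing connection" rule discussed in this thread, sketched as an added example that is not part of either message and is not code from any real IPv6 stack. The class and function names are hypothetical, the prefix is the documentation prefix, and the IID is drawn from the OS random source rather than by RFC 4941's own generation procedure.

```python
import ipaddress
import secrets

# Assumption: IIDs reserved by RFC 5453 are skipped (all-zeros subnet-router
# anycast, and the reserved subnet anycast range at the top of fdff:...).
_ANYCAST_LO = 0xFDFFFFFFFFFFFF80
_ANYCAST_HI = 0xFDFFFFFFFFFFFFFF
_U_BIT = 1 << 57  # universal/local bit of the 64-bit IID, cleared per RFC 4941


def random_iid(in_use=frozenset()):
    """Return a random 64-bit IID that is not reserved and not already in use."""
    while True:
        iid = secrets.randbits(64) & ~_U_BIT
        if iid == 0 or _ANYCAST_LO <= iid <= _ANYCAST_HI or iid in in_use:
            continue
        return iid


class PerConnectionAddresses:
    """Host-side bookkeeping: one temporary source address per outgoing connection."""

    def __init__(self, prefix):
        self.net = ipaddress.IPv6Network(prefix)
        if self.net.prefixlen != 64:
            raise ValueError("a /64 prefix is expected")
        self.active = {}  # connection id -> IID currently assigned

    def open(self, conn_id):
        # A fresh IID per connection: the address reveals nothing stable
        # about the host's position in the site.
        iid = random_iid(set(self.active.values()))
        self.active[conn_id] = iid
        return ipaddress.IPv6Address(int(self.net.network_address) | iid)

    def close(self, conn_id):
        # All state lives in the host and is dropped when the connection ends;
        # no intermediate box has anything to clean up.
        self.active.pop(conn_id, None)

    def is_assigned(self, addr):
        # Once released, the address no longer belongs to the host, so a
        # later attempt to call it has nothing to reach.
        a = ipaddress.IPv6Address(addr)
        return a in self.net and (int(a) & (2**64 - 1)) in self.active.values()


if __name__ == "__main__":
    host = PerConnectionAddresses("2001:db8:1:2::/64")  # constructed sample prefix
    print(host.open("conn-1"), host.open("conn-2"))
```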