Hi, Ben, Thanks so much for your feedback! Please find my comments in-line... On 04/25/2013 03:39 PM, Ben Campbell wrote: > Minor issues: > > -- section 3, third paragraph from end: > > The paragraph suggests that changing the number of network interfaces > should be rare. I think it's quite common in practice for the sorts > of hosts likely to move between subnets regularly. For example, my > Macbook Pro uses an external (Thunderbolt attached) ethernet > interface which regularly gets disconnected and reconnected. Same > might hold true for a USB attached wireless modem. And I have any > number of VPNs which may be active or not at any given time. I will tweak the text a bit -- as noted in other threads, I will replace "Interface Index" with a generic "Interface_ID", and will comment on the desired properties, and note that two possible options for it are the Interface Index and the Interface name -- with the interface name probably being more constant in the scenarios that you describe. > -- section 3, 2nd paragraph from end: > > You describe the affects of including Network_ID in some detail. It > would be helpful to note the consequences of _not_ including it. Well, should we really do it? -- after all, you MUST include it. > > Nits/editorial comments: > > -- section 1, 4th paragraph: "Therefore, it is vital..." > > That seems a bit overstated. We're not talking about breaking the > Internet here, are we? Well, that depends... there are scenarios in which privacy is really vital. > -- 1, 6th paragraph: "Also, they result in increased complexity..." > > What sort of complexity? Implementation complexity? It's a bit > confusion because the previous sentences already talk about increased > complexity of specific sorts. It would help to mention what sort of > additional complexity is referred to here. Yep, implementation complexity -- I will clarify this. > -- 1, paragraph 11: "This document does not update..." > > How is adding an alternative algorithm _not_ an update? Well, you still send an RS, receive an RA, and generate an IID. Me, I'd probably update RFC 4862, so that we make sure that folks implementing SLAAC take a look at this document, but.... > --1, paragraph 12: "... may already address" > > Is the "already addressing" part in question? Or is it a matter of > addressing it in some circumstances, but not others? If the latter, > it would help to elaborate. Not sure what you mean. The idea is that, in many scenarios, draft-ietf-stable-privacy-addresses may be good enough to address your privacy concerns. > -- 6, last paragraph: "... may mitigate..." > > Not sure? Or only under some circumstances? The idea is that the only privacy implication that this doesn't mitigate is correlation of node activities within the same network. However, that really depends on the number of active nodes within the same subnet. For example, if you have only one active node in the subnet, then no matter whether its changes its addresses, its activities can be easily correlated. > -- references: RFC1948 is obsoleted by 6528. Is there a reason to > reference the obsolete version? Yes: RFC1948 is only referenced in the Acks section, where I note that this document was inspired by Bellovin's work on RFC1948. While RFC6528 obsoletes RFC1948, the algorithm in that RFC is the same as that in RFC1948. Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492