Proposal: Enable IPv6 Privacy Extensions (RFCs 3041/4941) by
default
Randy Bush
randy at psg.com
Tue Jun 10 07:45:31 UTC 2008
> To address those privacy concerns RFC 3041 was written, and eventually
> obsoleted by RFC 4941. ftp://ftp.rfc-editor.org/in-notes/rfc4941.txt
> Our IPv6 implementation comes with the code to enable this feature,
> but by default it is turned off. My proposal is to enable it by
> default, and give the user a knob in rc.conf to turn it off.
the only drawback is that forward and reverse dns would not be easily
filled. but anyone who relies on a mac address for dns hacking is
asking for trouble; use dhcpv6 or hard code the host's ip address in
/etc/rc.conf.
so i have no problem with the change. thanks for asking.
randy
More information about the freebsd-net
mailing list