RFC Errata

Errata Search

Source of RFC  
Summary Table Full Records

RFC 4941, "Privacy Extensions for Stateless Address Autoconfiguration in IPv6", September 2007

Note: This RFC has been obsoleted by RFC 8981

Source of RFC: ipv6 (int)

Errata ID: 4594
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Johanna Ullrich
Date Reported: 2016-01-14
Rejected by: Brian Haberman
Date Rejected: 2016-01-15

Section 3.2 says:


The algorithm for interface identifier generation is flawed: An adversary is able to infer a client's history value from a sequence of observed addresses and is able to infer all future interface identifiers of this certain client annihilating the extension's intended purpose of privacy protection.

For a detailed explanation on the algorithm's drawbacks, please see my paper:
The issue raised goes beyond a fix via the errata system. This should be raised in the appropriate working group within the IETF.

Report New Errata

Advanced Search