Re: [PATCH] IPv6: Privacy Extensions for Stateless Address

(no name) ((no email))
Thu, 31 Oct 2002 16:32:09 +0900 (JST)


In article <Pine.LNX.4.44.0210310908090.19356-100000@netcore.fi> (at Thu, 31 Oct 2002 09:25:01 +0200 (EET)), Pekka Savola <pekkas@netcore.fi> says:

> I belive privacy extensions can be harmful for especially long-lived
> applications and lead to a false sense of security: they should not be
> enabled (by any definition of enabled) by default.

Temporary addresses are generated (on most links) but not used by default
(latter is done by source address selection) by my patch.
Set sysctl net.ipv6.conf.ethXX.use_tempaddr > 1 to use it by default.

(I have per-application setsockopt interface but it is not included
because patch for source address selection is not accepted at this moment.)

-- 
Hideaki YOSHIFUJI @ USAGI Project <yoshfuji@linux-ipv6.org>
GPG FP: 9022 65EB 1ECF 3AD1 0BDF  80D8 4807 F894 E062 0EEA
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/