Re: Mac OS X 10.7, still no DHCPv6

[Joe Abley <jabley () hopcount ca>]

On 2011-02-28, at 09:53, Brian Johnson wrote:

> Can someone explain what exactly the security threat is?

The threat model relates to the ability for a third party to be able to identify what subnets a single device has moved 
between, which is possible with MAC-embedded IPv6 addresses but not possible with addresses without embedded local 
identifiers. It's analogous to someone tracking credit card use and being able to infer from the vendor crumbs where an 
individual has been.

I don't think this has ever been cited as a global, general threat that must be eliminated (just as people are 
generally happy to use the same credit card as they move around the planet and don't generally stress about the 
implications). However, I think it's reasonable that it's a concern for some. There is no global, fixed value of 
"acceptable" when it comes to privacy.


Joe