Moreover, RFC1888 never moved beyond "experimental" status. Look at its heading, where it says "Obsoleted by: 4048 Category: Experimental", and its preface which explicitly states that "This memo does not specify an Internet standard of any kind."
> their approach still spends 7 bits on the prefix.
The Yggdrasil people are very clear that this is a research project. Not to be used in production, to be used at your own risk etc etc etc.
In that light I find it unfair to claim it spends addressspace. Which, I might add, is pretty darn huge and we are not going to run out of addresses any time soon. If ever.
Maybe pedantic, but needed to point out that the 7 in `0200/7` of the usage is the opposite of being spent. The 7 first bits are the mask you need to apply to indicate that it is INSIDE the yggdrasil address-space. Which means that they only 'spend' 1 bit from from the first byte. Not 7.
> the cryptographic (in)security of Yggdrasil addresses.
Fair enough, I didn't catch that one.
The addresses generated has changed already from 0.3 to 0.4 (which is the series we see today), I expect that something will change again in future to make brute forcing harder.
Notice that in all cases the same IPv6 range was used, reusing the same space as upgrades change the individuals' IP address.
Ideally the project would use link-local addresses, but to quote Arceliar [1] (one of the devs):
> there's no standard way to specify these interfaces across platforms / number these interfaces intelligently. if there was, we could have set aside a specific interface number for ygg, and then just used link-local addresses, which is technically more correct than using a global address that isn't actually global
