Who wanna bet that P1 will only give you a /128?
If only they will give out a /56 at least...

By default, Windows 7/Vista use stateless autoconfig with extra temporary IPv6 address that will change periodically. With this, other people cannot derive your MAC address from their analytics data. No need to educate mere mortals that use Windows because they are protected by default. For Linux users, let just assume that they should know what they are doing if they use that OS.

What everyone should be afraid of is RIR policy that make ISPs that assign prefixes larger than /64 to their customers to also SWIP that customer information (usually billing address at the minimum) into the ISP's net-block WHOIS data.

As I prefer to use vanity IPv6 address with fancy reverse DNS entries (maybe wkkay can made it to be shown next to the pale blue IPv6 text?), this mean I have to disable the privacy extension (via netsh), disable router solicitation, set up other stateful config in my wireless adapter to 1, then set up a static IPv6 address and add a route to the wireless adapter. See how much work I have to do just to let other people data mining me? My postal address has already been published anyway for the /48 I used here...

Microsoft truly make using IPv6 by other means that isn't SLAAC to be difficult to the end user.

As for other people on the network that has default Windows installation, all I have to do is to advertise a prefix with radvd and everything will work just fine with them. They probably doesn't even know their connection is IPv6-enabled.

You have no idea how it works. You can assign a static IPv6 there (complete with gateways, DNS and stuff) but Windows will simply ignore it if it sees RA being sent on the network. Windows will grab an IPv6 from the router (two if privacy extension is enabled) and will use it by default. Router solicitation need to be disabled on the network interface, that's for sure.

Need to screw around with netsh just to get static IPv6 to be used, or if you want to use stateful autoconfig.

This is where Linux really shines, if I tell it to use a static IPv6 address, it will use it. Not with Windows.

If you turn on the M and O flags in RA, you can indeed use static IPv6 /128 address. But if the RA also advertise a prefix, Windows will also grab another /128 from the prefix. And if privacy extension isn't disabled (they are on by default), another randomized address will be leased from the router and Windows will use that one as the default IPv6 address seen by the world. The other two can only be used by programs that can manually bind to IPv6 addresses like Azureus and KVIRC.

So at the minimum, the privacy extension should be disabled if SLAAC isn't used.

1. This has always happened (even with dynamic IPv4), only that with IPv6, the info is public. If the RIRs doesn't have the SWIP requirement for allocations bigger than /64 (for ARIN this applies whether it was allocation portable or direct allocation), the FBI or whatever can still get the info with a warrant/subpoena.

2. The privacy extension is well-known in a RFC. And there are no proof that the Microsoft's implementation of RFC3041 is flawed in any sense of that it is not random enough. If there is any problem, those people at DefCon community (or others) would have find out about it already. Oh BTW, Microsoft did wrote that RFC too, so it can be assumed that their implementation is decent. Anyway, the ISP knows that which /64 or /48 belong to whom, so whether you use a randomized IPv6 ala RFC3014 or a MAC-derived IPv6 address from the allocated prefix, nothing different really happens. A warrant/subpena will reveal that you own the prefix, regardless whether you use a fixed address or not.

3. Then that would be a stupid trojan. Privacy extension is only used in stateless autoconfig, not in stateful autoconfig or static addressing. What use that trojan do in a network that employs the latter two's configuration?