Re: [93attendees] Network experiment during the meeting

Jared Mauch <> Tue, 14 July 2015 14:34 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A214A1ACDFF for <>; Tue, 14 Jul 2015 07:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.788
X-Spam-Status: No, score=0.788 tagged_above=-999 required=5 tests=[BAYES_50=0.8, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Cx6H_vTI7Cl8 for <>; Tue, 14 Jul 2015 07:34:34 -0700 (PDT)
Received: from ( [IPv6:2001:418:3f4::5]) by (Postfix) with ESMTP id CF7D11ACDEF for <>; Tue, 14 Jul 2015 07:34:34 -0700 (PDT)
Received: by (Postfix, from userid 162) id 7B4D45408DE; Tue, 14 Jul 2015 10:34:34 -0400 (EDT)
Date: Tue, 14 Jul 2015 10:34:34 -0400
From: Jared Mauch <>
To: Rolf Winter <>
Message-ID: <>
References: <> <> <> <> <55A5182E.9000504@Opus1.COM> <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <>
Cc: Joel M Snyder <Joel.Snyder@Opus1.COM>,,
Subject: Re: [93attendees] Network experiment during the meeting
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list of IETF 93 attendees that have opted in on this list. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 14 Jul 2015 14:34:37 -0000

On Tue, Jul 14, 2015 at 04:27:51PM +0200, Rolf Winter wrote:
> Hi,
> I am not a lawyer so anything I say is solely based on common sense, which
> probably means that legally speaking I am wrong. Just for the folks that
> have not read the description of our experiment, we solely talk about
> broadcast data.
> I have actually talked to our lawyer here, and her spontaneous suggestion
> was to ask whether one of the participants/sponsors from the Czech Republic
> could ask their lawyers/data protection officers if such an experiment would
> be OK under Czech Republic law? I found that a smashing idea. Anybody on
> this list who could help out?

	I find this study interesting because it's about data that people are
sharing by default settings of their software and acceptance of EULA.

	Attending a RIPE/NANOG/IETF meeting is interesting seeing all the
messages and disclosures from hosts that are broadcast.

	The same is true of CDP/LLDP and other protocols that operate
within this space.

	If you haven't looked at the data your laptop leaks from running iTunes,
mDNS/Bonjour, etc you may want to investigate it before joining an
untrusted network.

	The apple messages app and itunes share a lot of data, plus even
in just DHCP you see plenty of details.  Example from my home:

	  Client-Ethernet-Address c8:0a:a9:2d:c9:25
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message Option 53, length 1: Discover
	    MSZ Option 57, length 2: 576
	    Vendor-Class Option 60, length 21: "Broadcom:LB4M:"

	  Client-Ethernet-Address 5c:f9:38:da:d8:79
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message Option 53, length 1: Request
	    Parameter-Request Option 55, length 6: 
	      Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
	      Option 119, Option 252
	    MSZ Option 57, length 2: 1500
	    Client-ID Option 61, length 7: ether 5c:f9:38:da:d8:79
	    Requested-IP Option 50, length 4:
	    Lease-Time Option 51, length 4: 7776000
	    Hostname Option 12, length 15: "FamilyRAppleTV2"

	Take a look if you haven't studied this traffic.  Keep in mind what
this may do to the basic-1mbs rates supported on 802.11 radios and
how a large broadcast domain with lots of fe80:: traffic for NDP
will cause RF congestion due to speed changes.

	- Jared

Jared Mauch  | pgp key available via finger from
clue++;      |  My statements are only mine.