IETF Logo Mail Archive

Re: [Captive-portals] [Int-area] [EXTERNAL] Re: [homenet] Evaluate impact of MAC address randomization to IP applications

Christian Huitema <huitema@huitema.net> Tue, 29 September 2020 16:23 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88D223A0F25 for <captive-portals@ietfa.amsl.com>; Tue, 29 Sep 2020 09:23:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.112
X-Spam-Level:
X-Spam-Status: No, score=-2.112 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.213, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GHWwBYfL--RP for <captive-portals@ietfa.amsl.com>; Tue, 29 Sep 2020 09:23:14 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABE223A0F71 for <captive-portals@ietf.org>; Tue, 29 Sep 2020 09:22:47 -0700 (PDT)
Received: from xse475.mail2web.com ([66.113.197.221] helo=xse.mail2web.com) by mx165.antispamcloud.com with esmtp (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1kNIOo-0013WU-J6 for captive-portals@ietf.org; Tue, 29 Sep 2020 18:22:43 +0200
Received: from xsmtp21.mail2web.com (unknown [10.100.68.60]) by xse.mail2web.com (Postfix) with ESMTPS id 4C14Rj4cf9z13HM for <captive-portals@ietf.org>; Tue, 29 Sep 2020 09:22:41 -0700 (PDT)
Received: from [10.5.2.49] (helo=xmail11.myhosting.com) by xsmtp21.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1kNIOn-0008OV-HP for captive-portals@ietf.org; Tue, 29 Sep 2020 09:22:41 -0700
Received: (qmail 16658 invoked from network); 29 Sep 2020 16:22:41 -0000
Received: from unknown (HELO [192.168.1.107]) (Authenticated-user:_huitema@huitema.net@[172.58.43.238]) (envelope-sender <huitema@huitema.net>) by xmail11.myhosting.com (qmail-ldap-1.03) with ESMTPA for <int-area@ietf.org>; 29 Sep 2020 16:22:41 -0000
To: Martin Thomson <mt@lowentropy.net>, "Lee, Yiu" <Yiu_Lee@comcast.com>, "captive-portals@ietf.org" <captive-portals@ietf.org>, "homenet@ietf.org" <homenet@ietf.org>, "int-area@ietf.org" <int-area@ietf.org>
References: <20200922201317.097C3389D4@tuna.sandelman.ca> <15660.1600807202@localhost> <902400f2-9172-9581-25ab-59ad08e67bee@cs.tcd.ie> <D81695FF-973F-472D-BC0A-9B0F57278B21@comcast.com> <ca575a6b-987e-d998-2713-91e45190f5ea@cs.tcd.ie> <0A436777-D9CE-4A4C-BE45-C8C2CAB9FBF6@comcast.com> <29901277-6da1-46fc-b244-ca289005841d@www.fastmail.com>
From: Christian Huitema <huitema@huitema.net>
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= mDMEXtavGxYJKwYBBAHaRw8BAQdA1ou9A5MHTP9N3jfsWzlDZ+jPnQkusmc7sfLmWVz1Rmu0 J0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PoiWBBMWCAA+FiEEw3G4 Nwi4QEpAAXUUELAmqKBYtJQFAl7WrxsCGwMFCQlmAYAFCwkIBwIGFQoJCAsCBBYCAwECHgEC F4AACgkQELAmqKBYtJQbMwD/ebj/qnSbthC/5kD5DxZ/Ip0CGJw5QBz/+fJp3R8iAlsBAMjK r2tmyWyJz0CUkVG24WaR5EAJDvgwDv8h22U6QVkAuDgEXtavGxIKKwYBBAGXVQEFAQEHQJoM 6MUAIqpoqdCIiACiEynZf7nlJg2Eu0pXIhbUGONdAwEIB4h+BBgWCAAmFiEEw3G4Nwi4QEpA AXUUELAmqKBYtJQFAl7WrxsCGwwFCQlmAYAACgkQELAmqKBYtJRm2wD7BzeK5gEXSmBcBf0j BYdSaJcXNzx4yPLbP4GnUMAyl2cBAJzcsR4RkwO4dCRqM9CHpVJCwHtbUDJaa55//E0kp+gH
Message-ID: <af0451b1-8eae-4714-849f-d6e384dda075@huitema.net>
Date: Tue, 29 Sep 2020 09:22:41 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0
MIME-Version: 1.0
In-Reply-To: <29901277-6da1-46fc-b244-ca289005841d@www.fastmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
X-Originating-IP: 66.113.197.221
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 66.113.197.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=66.113.197.0/24@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: unsure
X-Spampanel-Outgoing-Evidence: Combined (0.15)
X-Recommended-Action: accept
X-Filter-ID: Mvzo4OR0dZXEDF/gcnlw0Z1apovzGPsYhEeBL1aoZmqpSDasLI4SayDByyq9LIhVUZbR67CQ7/vm /hHDJU4RXkTNWdUk1Ol2OGx3IfrIJKywOmJyM1qr8uRnWBrbSAGD9NKqG/fmMP3yul5JhQOTK5aP BLMYd83MuhpCxTgKDz2nRezsSD9ggzIP81d/9RL0WmuNA8WTybi1JN85FSnfKfyrBBzCRb2oe4JC Nd2sOpeuAZSFpNKmPIWDmHyh6XPSp/2ojwWjHVrnU9l5N3uchZFVgpT1b21uZVckGp0ccOZsRgF0 wcvPx91nK3EE+9D+MzCOHPDavhUA6yQVlDyA0a5g95eyZBAGnSXepG9WpP+KeHGV1+GDbwcApRSC c9xvb9lLcno8+LMWQktE6OGVK1Cyj1RWE2fDFBwInXy3MWouNMfKNR0BJhgbBK7NDOmpQy17Ychx ni5a2VYVYiL6p0zFIS4eFFedtqTPxkQeRTOiomu5RawBHfscrcVNTNDmdXkcCRtBI89Ppivzm8CF 7foTcdRszDvfFFq71TR2vNS105zjbKsiPvrvVDH+VNpRclzFnL9mZb0jWXJhjtxPMCM76Y/SM8ga XNdGScJz4OUkZ/wD/TMMbgsGnEqUZSxCg7JpaBcrZVJBXyfQcHd7JadzQjz8ZFYlmRUNjM3bJBuD i1jwT58ciSMJFr3BrJRHtY/s/Uvv+FwuDLtpbo7237gbhIjFDhSjHjVkMDx/0PtgzpOKSmxt687c vHBXDigVPtzFNRLPZVWSDSo9y1Ikw7s02hkni945serl5nRV5ZFcFmoTrH8nT7kwnmD3gB+aNw6F lXH8EHjWuL0nDe5B5iG7X+t1TW39Ja77LGPpOwCUooiGwt/Lp2rwHpWEXc4SKIPTat9+SubgT5Jg 3eSXT/Oi6HTmY+/cXUo8ym6keVx5NKotYZMP4QxilpD1WJVxdwYWcRoGRTsLxqa8TRmmuv9qwM7R XpJS8RjTdyh2j5DIweuSooT6tSPU1x5zpUpIPziDkWQ5faPk5nJXHz00MDRj9D8HLKHAKpPGP8EP nuB53cHIFHavQpo3FUDrLYIQ
X-Report-Abuse-To: spam@quarantine11.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/ZfPUElPQEUUPPoPmUOOZdkPLvdQ>
Subject: Re: [Captive-portals] [Int-area] [EXTERNAL] Re: [homenet] Evaluate impact of MAC address randomization to IP applications
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Sep 2020 16:23:17 -0000

On 9/22/2020 5:52 PM, Martin Thomson wrote:

> There's an additional consideration that might be worth pulling out here.  And it's not an impact on network operations, it's a potential for applications that interact with these network services to undo the work of lower parts of their stack.
>
> For instance, if your device connects to the same network and the same captive portal it might open a web browser to connect to that portal.  If the web browser presents the cookies it received from the portal last time they talked, it undoes the work of the OS.
>
> Now, some implementations use these nasty browser-like things with aggressive sandboxing that don't save cookies.  That comes with other costs, but it addresses the problem up until the point that the network connection is restored and then who knows what happens once the pseudo-browser is no longer involved.
>
> Maybe that is out of scope for your draft, but it shouldn't be out of scope for a group that attempts to look more closely at providing advice for dealing with these features.
>
> (Does this thread really need to be cross-posted so widely?  Can we decide on a single venue?)


Martin is making an important point here. There are a number of privacy
enhancing technologies deployed at different layers: MAC address
randomization at L2, Privacy addresses at L3, various forms of
encryption and compartments at L4 and above. Each of these technologies
is useful by itself, but they can easily be defeated by deployment
mistakes. For example:

1) Using the same IP address with different MAC addresses negates a lot
of the benefits of randomized MAC addresses,

2) Using a private IP address provides some privacy to client
connections. However, if the same address is also used for a publicly
accessible server, a lot of the privacy benefits disappear.

3) Using a private IP address without also using a randomized MAC
address is not going to provide privacy against local observers.

4) Web cookies and other forms of web tracking are widely used to enable
surveillance. Randomizing the MAC address and the IP address without
also doing something about web tracking is not going to provide much gains.

Defining that "something about web tracking" is challenging, given
requirements for users to identify themselves to social media sites and
other services. My personal choice would be some form of compartments,
each with their own IP address and MAC address, but opinions will
probably vary. That would be a great topic for a BOF.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email