Re: [dhcwg] IETF-93 Follow Up - draft-ietf-dhc-stable-privacy-addresses (Respond by Aug 11, 2015)

[Fernando Gont <fgont@si6networks.com>]

Tomek,

On 07/29/2015 07:45 PM, Tomek Mrugalski wrote:
> 
> With my co-chair hat off, I think this draft could have been useful
> couple years ago. It defines an allocation strategy that could be
> beneficial in certain cases. Some modern DHCP servers allow multiple
> allocation strategies and this could have been one of them. The text
> suggested that the algorithm specified is the only right way to do it.
> It is not.

Could you please point what's the offending text? -- i.e., the text that
claims that this is the only way to generate IIDs with DHCPv6?



> But my strongest objection to it is that privacy and stable do not mix
> well.

It all depends on what you mean by privacy. Here were *aiming* to allow
to activity correlation within the same network. It's a goal, not a
flaw. If what bothers you is the use of "privacy" in the title, please
say so.



> The general consensus seems be that changing MAC addresses and all
> associated identifiers over time is the way to go. That's what the
> anonymity profile and other associated work in other WGs is proposing.
> Had we published this draft, it would be confusing for vendors what the
> recommendation for privacy is: randomize MAC addresses or go with stable
> privacy addresses. Based on that I'm in favor of dropping this work.

Has anyone really assessed everything that could go wrong with
randomized MAC addresses?  -- THink of SAVI and other first-hop-secuity
mechanisms, issues with the ND cache, etc.

IMO, while probably desirable, I'd flag MAC address randomization as
"experimental" rather than "the way to go".

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492