Re: [dhcwg] IETF-93 Follow Up - draft-ietf-dhc-stable-privacy-addresses (Respond by Aug 11, 2015)

Christian Huitema <huitema@microsoft.com> Fri, 31 July 2015 19:34 UTC

From: Christian Huitema <huitema@microsoft.com>
To: Fernando Gont <fgont@si6networks.com>, Tomek Mrugalski <tomasz.mrugalski@gmail.com>, "Bernie Volz (volz)" <volz@cisco.com>, "dhcwg@ietf.org" <dhcwg@ietf.org>
Date: Fri, 31 Jul 2015 19:34:06 +0000
Message-ID: <DM2PR0301MB0655ABDEDC12A4DD294E75C4A88A0@DM2PR0301MB0655.namprd03.prod.outlook.com>
References: <489D13FBFA9B3E41812EA89F188F018E1CB90384@xmb-rcd-x04.cisco.com> <55B91127.9020403@gmail.com> <55BB7978.3030805@si6networks.com>
In-Reply-To: <55BB7978.3030805@si6networks.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/4zYHTadYZDJj97KIC83yS1u6O_0>

On Friday, July 31, 2015 6:35 AM, Fernando Gont wrote:
> 
> On 07/29/2015 07:45 PM, Tomek Mrugalski wrote:
> ...
> > But my strongest objection to it is that privacy and stable do not mix
> > well.
> 
> It all depends on what you mean by privacy. Here we're *aiming* to allow
> activity correlation within the same network. It's a goal, not a flaw. If what
> bothers you is the use of "privacy" in the title, please say so.

By definition, stable addresses allow for tracking over time, which is the antinomy of privacy.

> > The general consensus seems to be that changing MAC addresses and all
> > associated identifiers over time is the way to go. That's what the
> > anonymity profile and other associated work in other WGs is proposing.
> > Had we published this draft, it would be confusing for vendors what
> > the recommendation for privacy is: randomize MAC addresses or go with
> > stable privacy addresses. Based on that I'm in favor of dropping this work.
> 
> Has anyone really assessed everything that could go wrong with randomized
> MAC addresses?  -- Think of SAVI and other first-hop-security mechanisms, issues
> with the ND cache, etc.

There are certainly environments where administrators will require users to give up privacy so the network can be controlled more efficiently. But it is very obvious that if you want privacy, you do not want to use stable identifiers.

That's particularly true for the identifiers used at the MAC layer of wireless networks. They can be monitored by just listening to the airwaves. Keeping them constant implies "stable tracking." But it is also true for identifiers embedded in IPv6 addresses.

-- Christian Huitema
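Added example, not part of the thread or of the draft under discussion: the two positions above turn on what "stable" buys an observer. A modified EUI-64 identifier (RFC 4291) embeds the MAC, so the same IID shows up on every network the host visits and links its activity across networks. An RFC 7217-style identifier hashes the prefix and a network identifier under a per-host secret, so the IID is stable every time the host returns to one network (the within-network correlation Fernando says is intended, and the "stable tracking" over time Christian objects to) but differs between networks. The MAC, prefixes, SSIDs and key below are constructed; RFC 7217 leaves the function F to the implementation, and HMAC-SHA256 truncated to 64 bits is this example's choice, not the draft's construction.

```python
"""Cross-network vs within-network linkability of IPv6 interface identifiers.
Constructed inputs only; nothing here is taken from the draft's text."""
import hashlib
import hmac
import ipaddress


def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 IID from a 48-bit MAC (RFC 4291, Appendix A): insert
    ff:fe between the OUI and the device part, flip the universal/local bit."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC must be 48 bits")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02
    return bytes(iid)


def stable_privacy_iid(prefix: str, net_iface: str, network_id: str,
                       secret_key: bytes, dad_counter: int = 0) -> bytes:
    """RFC 7217-style IID: F(Prefix, Net_Iface, Network_ID, DAD_Counter, key).
    Assumption: F = HMAC-SHA256 truncated to 64 bits. Fields are NUL-separated
    so that ("ab","c") and ("a","bc") cannot collide."""
    net = ipaddress.IPv6Network(prefix)
    msg = (net.network_address.packed[:8]
           + net_iface.encode() + b"\0"
           + network_id.encode() + b"\0"
           + dad_counter.to_bytes(4, "big"))
    return hmac.new(secret_key, msg, hashlib.sha256).digest()[:8]


def make_address(prefix: str, iid: bytes) -> str:
    """Concatenate a /64 prefix with a 64-bit IID."""
    net = ipaddress.IPv6Network(prefix)
    return str(ipaddress.IPv6Address(net.network_address.packed[:8] + iid))


def iids_by_network(scheme, visits):
    """For a chronological list of (prefix, network_id) visits, collect the
    IIDs the scheme produced on each network."""
    seen = {}
    for prefix, network_id in visits:
        seen.setdefault(network_id, set()).add(scheme(prefix, network_id))
    return seen


def cross_network_linkable(seen) -> bool:
    """An observer who sees traffic on several networks can link it to one
    host if an IID repeats on more than one of them."""
    all_iids = [iid for iids in seen.values() for iid in iids]
    return len(all_iids) != len(set(all_iids))


def stable_within_network(seen) -> bool:
    """True if every network saw exactly one IID for this host over time,
    i.e. the host is trackable on that network across visits."""
    return all(len(iids) == 1 for iids in seen.values())


# Constructed host and visit history: home, a cafe, then home again.
MAC = "00:1b:63:aa:bb:cc"
KEY = b"constructed-per-host-secret"  # assumption: stored secret_key
VISITS = [("2001:db8:1::/64", "home-ssid"),
          ("2001:db8:2::/64", "cafe-ssid"),
          ("2001:db8:1::/64", "home-ssid")]


def eui64_scheme(prefix, network_id):
    return eui64_iid(MAC)          # MAC-derived: ignores the network entirely


def stable_privacy_scheme(prefix, network_id):
    return stable_privacy_iid(prefix, "wlan0", network_id, KEY)


def demo():
    """Return (cross_network_linkable, stable_within_network) per scheme."""
    e = iids_by_network(eui64_scheme, VISITS)
    s = iids_by_network(stable_privacy_scheme, VISITS)
    return {"eui64": (cross_network_linkable(e), stable_within_network(e)),
            "stable_privacy": (cross_network_linkable(s), stable_within_network(s))}


if __name__ == "__main__":
    for prefix, net_id in VISITS:
        print(net_id, make_address(prefix, eui64_scheme(prefix, net_id)),
              make_address(prefix, stable_privacy_scheme(prefix, net_id)))
    print(demo())
```

Both schemes come out "stable within network": the hashed identifier removes cross-network linkability but, as the reply above says, still lets anyone on the same network track the host over time. A MAC-layer identifier that stays constant would re-link the two networks regardless of which IID scheme sits above it.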