[dhcwg] draft-ietf-dhc-stable-privacy-addresses discussion summary

Tomek Mrugalski <tomasz.mrugalski@gmail.com> Thu, 03 September 2015 19:09 UTC

Return-Path: <tomasz.mrugalski@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74EC01B309A for <dhcwg@ietfa.amsl.com>; Thu, 3 Sep 2015 12:09:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CM55W0fAosAd for <dhcwg@ietfa.amsl.com>; Thu, 3 Sep 2015 12:09:15 -0700 (PDT)
Received: from mail-la0-x233.google.com (mail-la0-x233.google.com [IPv6:2a00:1450:4010:c03::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 66DE31B371B for <dhcwg@ietf.org>; Thu, 3 Sep 2015 12:06:35 -0700 (PDT)
Received: by lagj9 with SMTP id j9so35702208lag.2 for <dhcwg@ietf.org>; Thu, 03 Sep 2015 12:06:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:references:to:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type:content-transfer-encoding; bh=Erv61Q+XfzXreuJWRyVTTO30Cq/EJUJVPrTU9ZzUYJg=; b=i1/25tmKDizwB7myEF+VeLJk/CGDBGhcjLW+e6wznoZ6VGocntSzMbaqT3ifQEb3mc wNrhO6wB+dq+d5UsaSIBFxZQL12rq0RousPO/BmfW7w8ARpvZYpBEOcmIg4zqTItLPhT XVhTevuPexG0pLeS5DM3qFXMqGpU8Vtj1ymMpqwlQAGjw62OrkFKJuA0ranhcCdl/1Dl BfeG/SBzZO+mthibwbA0or/yH94Xoo9wBrb24qK0gu0D/iWCQAL3QxzX8Pb2Arro1Mgw scG7FwgRQUjCwZXha5rvUzi6rxlmdgOFEHZv5A+T0ubV9Jsmhy27HKlFmfR8eQvtMXNm 625w==
X-Received: by 10.152.37.130 with SMTP id y2mr16152746laj.18.1441307193628; Thu, 03 Sep 2015 12:06:33 -0700 (PDT)
Received: from [10.0.0.100] (109107011157.gdansk.vectranet.pl. [109.107.11.157]) by smtp.googlemail.com with ESMTPSA id rc1sm1123869lac.40.2015.09.03.12.06.32 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Sep 2015 12:06:32 -0700 (PDT)
References: <55E49EEE.9070604@gmail.com>
To: dhcwg <dhcwg@ietf.org>
From: Tomek Mrugalski <tomasz.mrugalski@gmail.com>
X-Forwarded-Message-Id: <55E49EEE.9070604@gmail.com>
Message-ID: <55E89A37.4080106@gmail.com>
Date: Thu, 3 Sep 2015 21:06:31 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <55E49EEE.9070604@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/iQKRFN2iRx4zqkyijBub9X-4Byg>
Subject: [dhcwg] draft-ietf-dhc-stable-privacy-addresses discussion summary
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Sep 2015 19:09:19 -0000

During DHC meeting in Prague, we had a discussion about the next steps
for draft-ietf-dhc-stable-privacy-addresses. This discussion was brought
up, because new opinions were voiced questioning the value of this work,
in particular in the light of other developments in the privacy area. A
number of possible ways forward - continue as is (std), continue as
informational, drop the work - was discussed. The consensus in the room
was to drop the work. A follow-up discussion on the mailing list
unfolded. It's now a high time to wrap up this topic, so here it goes.
After much deliberation, DHC chairs, after consulting with the
responsible AD, determined that there was a strong consensus to stop
working on draft-ietf-dhc-stable-privacy-addresses.

This is one of the toughest decisions we had to make, so I think
explaining the reasoning that led us to that decision is in order. We
feel that this solution is strongly supported by a very small number of
very active people, but the large majority of participants is against
it. There were number of arguments raised, and we'd like to summarize
the most important ones. Links to the specific discussions are included.

1. By definition, stable addresses allow for tracking over time, which
is the antinomy of privacy. This is the biggest, fundamental objection
that cannot be solved with any amount of edits. Details:
https://mailarchive.ietf.org/arch/msg/dhcwg/4zYHTadYZDJj97KIC83yS1u6O_0

2. It was claimed that "it offers a useful way to implement DHCPv6
Failover using a calculated technique rather than state-sharing". This
argument is not valid, because of possible Declines. Details:
https://mailarchive.ietf.org/arch/msg/dhcwg/wfpCAY_yZ_AdVbLnzKUIbU-MkbI

3. An issue was raised that the proposal implicitly assumes that
Declines will never happen. Addressing this would require updating
"stable" to "probabilistically stable". Details:
https://mailarchive.ietf.org/arch/msg/dhcwg/T800BcOIagprjjfxVLuLUSh8iUA

4. Given the recent focus on privacy in IETF, publishing this draft
would send a confusing message to implementors, especially in the
context of anonymity-profile work and related drafts that recommend
different approach to solving privacy issues. Details:
https://mailarchive.ietf.org/arch/msg/dhcwg/U1T77_xagStBpFoMyQJ3CJb2BhU

Several other smaller issues were raised, but they were not factored
into the assessment of the WG's willingness to continue the work.

The document will be marked dead and WG time will not be spent on it.
There are several other efforts aimed at improving privacy within DHCP
and we encourage WG participants to actively contribute to those drafts.
If you have questions about this decision, please contact the chairs or
the shepherding AD off-list.

Because of the increased concerns for privacy, we will look at the
3315bis work (draft-ietf-dhc-rfc3315bis) to see what we might want to
add about guidelines for server implementers in terms of address
generation techniques to assure privacy. We already have a ticket
related to privacy issues,
http://trac.tools.ietf.org/group/dhcpv6bis/ticket/145.

Bernie & Tomek
DHC co-chairs