Re: [dhcwg] IETF-93 Follow Up - draft-ietf-dhc-stable-privacy-addresses (Respond by Aug 11, 2015)

Fernando Gont <fgont@si6networks.com> Fri, 31 July 2015 14:02 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 768281A8865 for <dhcwg@ietfa.amsl.com>; Fri, 31 Jul 2015 07:02:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id klZQyNxJ6evu for <dhcwg@ietfa.amsl.com>; Fri, 31 Jul 2015 07:02:42 -0700 (PDT)
Received: from web01.jbserver.net (web01.jbserver.net [IPv6:2a00:8240:6:a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5B021A8899 for <dhcwg@ietf.org>; Fri, 31 Jul 2015 07:02:41 -0700 (PDT)
Received: from [84.47.113.16] (helo=[192.168.0.6]) by web01.jbserver.net with esmtpsa (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.85) (envelope-from <fgont@si6networks.com>) id 1ZLAtR-0000qi-Fl; Fri, 31 Jul 2015 16:02:37 +0200
Message-ID: <55BB7FF9.1060600@si6networks.com>
Date: Fri, 31 Jul 2015 16:02:33 +0200
From: Fernando Gont <fgont@si6networks.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
MIME-Version: 1.0
To: "Bernie Volz (volz)" <volz@cisco.com>, "dhcwg@ietf.org" <dhcwg@ietf.org>
References: <489D13FBFA9B3E41812EA89F188F018E1CB90384@xmb-rcd-x04.cisco.com>
In-Reply-To: <489D13FBFA9B3E41812EA89F188F018E1CB90384@xmb-rcd-x04.cisco.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/lnKT1Xqo5OIoCK9oGougXllMT6A>
Subject: Re: [dhcwg] IETF-93 Follow Up - draft-ietf-dhc-stable-privacy-addresses (Respond by Aug 11, 2015)
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2015 14:02:43 -0000

Folks,

On 07/29/2015 07:25 PM, Bernie Volz (volz) wrote:
> 
> The WG chairs are required to confirm any consensus obtained from a
> session on the WG mailing list and that is the purpose of this email.
> 
> Thus, if you do NOT agree with the intended action to mark the document
> as “dead”, please indicate so and specify why you feel this document is
> needed and whether to continue as Standards Track or Informational.
> Please respond on or before August 11^th , 2015.

I must say, as I previously noted off-list, that I'm kind of puzzled
regarding they way we are proceeding with this document.

My concern is that rather than trying to get more folks to review and
collaborate, the first option seems to have been to try to drop the
document.


FWIW, this document became a wg item a while ago. Then eventually:

* Lorenzo raised concerns about technical aspects of the document (which
were addressed and/or clarified)

* A few folks noted their skepticism regarding the value of this
document. I've noted a few times that the value is:

    1) It is a calculated technique for DHCPv6 failover (as pointed
       in RFC7031, but never specified elsewhere).

    2) Also useful in the case of CPEs that cannot maintain a lease
       database.

    3) At the same time, it specifies an algorithm for randomizing
       the IIDs.

       Steps 2-5 in Section 4 of draft-ietf-dhc-stable-privacy-
       addresses need to be performed no matter what the source of
       the random IID is (whether the hash that we employ in our
       document, or simply "random()").

       I wouldn't be surprised at all if implementations fail to
       perform some or all of steps 2-5 above if we simply provide a
       vague "just set the IID to a random value if you want to avoid
       privacy issues".

And I haven't seen anyone contending these points (other than making
rather vague comments regarding the value that this document may bring).


* My understanding before the meeting was that the main concern was that
there wasn't many people involved in discussing/progressing the I-D. So
I'd have rather seen a call for participation than a call for dropping
the I-D.

* Besides, having this document been adopted as a wg item last year, I'd
say that the onus of providing reasons regarding what to do with this
document should be on the folks arguing to drop it, rather than on folks
that may want to keep this document alive.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492