Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard

Lorenzo Colitti <lorenzo@google.com> Sat, 13 February 2016 07:37 UTC

Return-Path: <lorenzo@google.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F9B41B2DF2 for <ietf@ietfa.amsl.com>; Fri, 12 Feb 2016 23:37:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.379
X-Spam-Level:
X-Spam-Status: No, score=-1.379 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ekMKaI1szub for <ietf@ietfa.amsl.com>; Fri, 12 Feb 2016 23:37:34 -0800 (PST)
Received: from mail-yw0-x234.google.com (mail-yw0-x234.google.com [IPv6:2607:f8b0:4002:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C23391B2DED for <ietf@ietf.org>; Fri, 12 Feb 2016 23:37:33 -0800 (PST)
Received: by mail-yw0-x234.google.com with SMTP id u200so81798932ywf.0 for <ietf@ietf.org>; Fri, 12 Feb 2016 23:37:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=WUcUeZgYrLHOEojfvz1nO1TkhU41qVvD4Gno95djcpc=; b=kcmivCmQcdKM/x3gE8pPS+J68HtY8kuhCRWePqmu/TIZFFkFyZ2KJ8bYRBo+BEXSMt hNwA+SJ0RqGWkTw7Lnq6LcdY5fYfyZGM+RaTdVA3Ad55sCsXwe86+EoxXG+PHsobD+5R EonvQNJcHeGUdxjPL0G06s3nfTHDNDn5G4ztuiLiTcI5iplSEdVg3YykkBnO4SF66Vxm dF7fqXku0RRQVixGEkXEyUROXDmcNQgCbME+k4nu+QH4L60f4lLhWB5/6SYvEIP6waHP 2ONPoOpGM9ebLSYfZIAYXEoJNT6EwP6dFmL09u4DUvG0EhHba15RHiaHMZy7D2D9hblM JYAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=WUcUeZgYrLHOEojfvz1nO1TkhU41qVvD4Gno95djcpc=; b=AFpkbEsMdZtFabxC9iDs8HYiQKTnGMPn/8LDyadgE4joiPh3rQiW3Z01DgxqftpoDx hEwpKY7RmuBav2ZrKbcRFHghblD2aRG0tPDk+Fpjzfzh++1OevltTVbm+7en34m1VWrB 4zodslMVyz7xfWx8cSdXrZRdElLvWqUGlNi5pQE71HYdCnR8iAaOK2ochUjHnhH/OKZF AqoM1QPl9jWp4WNAvXD8PWiJrxZjPqQn6kEYMp/9psjOwc1Bn8C46/BSrhmY/qAAK8i5 Tj2LGYuiLLMcBKCzIRD6xQmCyT5k56TWwnSZmIPwljNQhCUxniN88JF8DKC8ftPHMdPa GK0A==
X-Gm-Message-State: AG10YORvPTvVMrckHJqg3D23ipxLTWdVVPNAsXF3BgnqaEcuL5f9In0pj+LWBx/d+DMy0jghV5ZtcV06WmV7zgW5
X-Received: by 10.129.96.213 with SMTP id u204mr3318549ywb.307.1455349052885; Fri, 12 Feb 2016 23:37:32 -0800 (PST)
MIME-Version: 1.0
Received: by 10.37.13.204 with HTTP; Fri, 12 Feb 2016 23:37:13 -0800 (PST)
In-Reply-To: <56BE598F.1010906@gmail.com>
References: <20160201142413.30288.23248.idtracker@ietfa.amsl.com> <CAJE_bqc8asj-i4FkzT2Oc-=atZasAr1cCDUpdNaJ_wOwkRcm1A@mail.gmail.com> <2134F8430051B64F815C691A62D983183396786F@XCH-BLV-105.nw.nos.boeing.com> <0ee601d165e1$f7e59400$e7b0bc00$@huitema.net> <56BE598F.1010906@gmail.com>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Sat, 13 Feb 2016 08:37:13 +0100
Message-ID: <CAKD1Yr2yE8219QsVT7mLKUh49xj+cy3BZpvgrxuXJv4HzmARvw@mail.gmail.com>
Subject: Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: multipart/alternative; boundary=001a114926e852cb5d052ba1db4b
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/5mGN6IyS4IjuPTYjqB4sOOCLMVQ>
Cc: IETF Discussion <ietf@ietf.org>, dhc-chairs@ietf.org, =?UTF-8?B?56We5piO6YGU5ZOJ?= <jinmei@wide.ad.jp>, Christian Huitema <huitema@huitema.net>, draft-ietf-dhc-anonymity-profile@ietf.org, "dhcwg@ietf.org" <dhcwg@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Feb 2016 07:37:35 -0000

 On Fri, Feb 12, 2016 at 11:15 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> > Yes. Also, we can add text explaining that once these problems are better
> > understood and the IETF agrees on the proper way to handle anonymous
> prefix
> > delegation, clients MAY use the agreed upon solution. Which is kind of
> > redundant, but if you guys prefer it that way, why not.
>
> To be clear, I don't have a strong opinion on this; it simply seemed like
> something the IPv6 community should be aware of before it ends up in an
> RFC.
> I also noticed this morning that it might impact
> draft-ietf-v6ops-host-addr-availability.
>

+1 to the other comments here.

I see no reason why prefix delegation should be worse for anonymity than
address assignment. In fact, using prefix delegation instead of address
assignments provides benefits for anonymity against off-link attackers,
because delegating a prefix to a client allows that client to use many
different addresses (potentially, even a different address for every remote
host it connects to, or a different address for every new TCP connection).

As Brian says, there are many other reasons why a network would want to
provide a dedicated prefix to the host;
see draft-ietf-v6ops-host-addr-availability .

I would instead say something like:

====
The anonymity properties of DHCPv6 Prefix Delegation, which use IA_PD
identity associations, are similar to those of of DHCPv6 address assignment
using IA_NA identity associations.

Because current host OS implementations do not typically request prefixes,
clients that wish to use DHCPv6 PD - just like clients that wish to use any
DHCP or DHCPv6 option that is not currently widely used - should recognize
that doing so will serve as a form of fingerprinting unless or until client
use of DHCPv6 PD becomes more widespread.
====