Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard

[Lorenzo Colitti <lorenzo@google.com>]

 On Fri, Feb 12, 2016 at 11:15 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> > Yes. Also, we can add text explaining that once these problems are better
> > understood and the IETF agrees on the proper way to handle anonymous
> prefix
> > delegation, clients MAY use the agreed upon solution. Which is kind of
> > redundant, but if you guys prefer it that way, why not.
>
> To be clear, I don't have a strong opinion on this; it simply seemed like
> something the IPv6 community should be aware of before it ends up in an
> RFC.
> I also noticed this morning that it might impact
> draft-ietf-v6ops-host-addr-availability.
>

+1 to the other comments here.

I see no reason why prefix delegation should be worse for anonymity than
address assignment. In fact, using prefix delegation instead of address
assignments provides benefits for anonymity against off-link attackers,
because delegating a prefix to a client allows that client to use many
different addresses (potentially, even a different address for every remote
host it connects to, or a different address for every new TCP connection).

As Brian says, there are many other reasons why a network would want to
provide a dedicated prefix to the host;
see draft-ietf-v6ops-host-addr-availability .

I would instead say something like:

====
The anonymity properties of DHCPv6 Prefix Delegation, which use IA_PD
identity associations, are similar to those of of DHCPv6 address assignment
using IA_NA identity associations.

Because current host OS implementations do not typically request prefixes,
clients that wish to use DHCPv6 PD - just like clients that wish to use any
DHCP or DHCPv6 option that is not currently widely used - should recognize
that doing so will serve as a form of fingerprinting unless or until client
use of DHCPv6 PD becomes more widespread.
====