RE: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard

"Christian Huitema" <huitema@huitema.net> Tue, 16 February 2016 05:26 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07ECF1A1DBD for <ietf@ietfa.amsl.com>; Mon, 15 Feb 2016 21:26:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.525
X-Spam-Level:
X-Spam-Status: No, score=-1.525 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_XBL=0.375] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o6ZyrxmF3cFN for <ietf@ietfa.amsl.com>; Mon, 15 Feb 2016 21:26:13 -0800 (PST)
Received: from xsmtp03.mail2web.com (xsmtp03.mail2web.com [168.144.250.223]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C21991ACF54 for <ietf@ietf.org>; Mon, 15 Feb 2016 21:26:11 -0800 (PST)
Received: from [10.5.2.31] (helo=xmail09.myhosting.com) by xsmtp03.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1aVY9J-0005x0-L9 for ietf@ietf.org; Tue, 16 Feb 2016 00:26:10 -0500
Received: (qmail 13933 invoked from network); 16 Feb 2016 05:26:08 -0000
Received: from unknown (HELO huitema1) (Authenticated-user:_huitema@huitema.net@[24.16.156.113]) (envelope-sender <huitema@huitema.net>) by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA for <dhc-chairs@ietf.org>; 16 Feb 2016 05:26:07 -0000
From: "Christian Huitema" <huitema@huitema.net>
To: "'Lorenzo Colitti'" <lorenzo@google.com>, "'IETF Discussion'" <ietf@ietf.org>
References: <20160201142413.30288.23248.idtracker@ietfa.amsl.com> <CAKD1Yr11tEDEPXkUWj4g_-wL=AgYRu7LYrOkgobEMtwOW4CpEA@mail.gmail.com>
In-Reply-To: <CAKD1Yr11tEDEPXkUWj4g_-wL=AgYRu7LYrOkgobEMtwOW4CpEA@mail.gmail.com>
Date: Mon, 15 Feb 2016 21:26:16 -0800
Message-ID: <003001d1687a$926ab2e0$b74018a0$@huitema.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQJtbhbfm6E5go4z/5mQ+0EwmlPxoQJwz8dcneKO0vA=
Content-Language: en-us
Subject: RE: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/92p8iJTlbfNtwKOCOEgxVoIcGc8>
Cc: dhc-chairs@ietf.org, iesg@ietf.org, draft-ietf-dhc-anonymity-profile@ietf.org, dhcwg@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Feb 2016 05:26:14 -0000

On Monday, February 15, 2016 6:53 PM, Lorenzo Colitti wrote:
>
> It's true that this profile mitigates the amount of information that can be collected. 
> But in IPv6 we have other configuration methods - such as SLAAC - that broadcast 
> way less information than stateless DHCPv6, which in turn broadcasts less information 
> than stateless DHCPv6.
>
> This document should recognize that at least on IPv6-only networks, it is an option 
> not to use DHCP at all, and that option has substantial privacy benefits that are in 
> many cases above what this profile can provide.

Well, section 4 of draft-ietf-dhc-anonymity-profile-07 says:

   The choice between the stateful and stateless scenarios depends on
   flag and prefix options published by the "Router Advertisement"
   messages of local routers, as specified in [RFC4861].  When these
   options enable stateless address configuration hosts using the
   anonymity profile SHOULD choose it over stateful address
   configuration, because stateless configuration requires fewer	
   information disclosures than stateful configuration.

That seems pretty close from what you want, at least as far as "stateful DHCPv6" is concerned.

-- Christian Huitema