RE: Gen-ART LC review: draft-ietf-dhc-dhcpv6-privacy-03
"Bernie Volz (volz)" <volz@cisco.com> Mon, 15 February 2016 21:37 UTC
Return-Path: <volz@cisco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F4271ACDC0; Mon, 15 Feb 2016 13:37:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.507
X-Spam-Level:
X-Spam-Status: No, score=-14.507 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.006, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id utnsW-9Y5ESe; Mon, 15 Feb 2016 13:37:04 -0800 (PST)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9C0B1A8A11; Mon, 15 Feb 2016 13:37:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4176; q=dns/txt; s=iport; t=1455572223; x=1456781823; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=MFF5iZm8BBKuo1/0fOwLfRT7oMpNXb59o4aThW3JTCo=; b=fMwDe7HU7TQCPxlsKABYKzpJ7drjbbFEsUvBaLICJOz1DvVdlFVQfW5j T+trDz5WWjdt7G51jehjAaFAr8SH7H0bhecH3FDpGihv1w4abOlgLFC68 yOKhQXiErIrnYW0O0xgS7VdddUGgZeZNtoWqP8S6JWlZNhPMlN09XwvWJ M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ACAgCNRMJW/4MNJK1egzqBPwa6FgENgWeGDQIcgRw4FAEBAQEBAQGBCoRBAQEBBCMRUQQCAQgOAwQBAQMCIwMCAgIfERQBCAgCBAESCId9AxKoTYoDDYRWAQEBAQEBAQEBAQEBAQEBAQEBAQEBFXuIUHuCN4FjgxiBOgWWeQGLYYFsgWOEQ4hVhn6HPwEeAQFCg2Nqh1N8AQEB
X-IronPort-AV: E=Sophos;i="5.22,452,1449532800"; d="scan'208";a="76362276"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 15 Feb 2016 21:37:02 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by alln-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id u1FLb2sQ021426 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 15 Feb 2016 21:37:02 GMT
Received: from xch-aln-003.cisco.com (173.36.7.13) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Mon, 15 Feb 2016 15:37:02 -0600
Received: from xch-aln-003.cisco.com ([173.36.7.13]) by XCH-ALN-003.cisco.com ([173.36.7.13]) with mapi id 15.00.1104.009; Mon, 15 Feb 2016 15:37:01 -0600
From: "Bernie Volz (volz)" <volz@cisco.com>
To: Robert Sparks <rjsparks@nostrum.com>, Tomek Mrugalski <tomasz.mrugalski@gmail.com>, General Area Review Team <gen-art@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "draft-ietf-dhc-dhcpv6-privacy.all@ietf.org" <draft-ietf-dhc-dhcpv6-privacy.all@ietf.org>
Subject: RE: Gen-ART LC review: draft-ietf-dhc-dhcpv6-privacy-03
Thread-Topic: Gen-ART LC review: draft-ietf-dhc-dhcpv6-privacy-03
Thread-Index: AQHRaDHdLqFZqGv4dUC+QRkipz148J8uACIA//+gK0A=
Date: Mon, 15 Feb 2016 21:37:01 +0000
Message-ID: <3990c04ce860428ab90d0142102b7bfc@XCH-ALN-003.cisco.com>
References: <56B0DBA3.2050406@nostrum.com> <56C238F8.4040400@gmail.com> <56C23FE6.5000207@nostrum.com>
In-Reply-To: <56C23FE6.5000207@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.98.1.200]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/Cd4r9VWyD6f1MHD9jQ2amhk-DKg>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Feb 2016 21:37:05 -0000
Perhaps we should get away from whether something is easy or difficult to implement or whether the algorithm may be more (or less) efficient. I think the point of this material is to ENCOURAGE random assignment rather than sequential to improve privacy- so keep it at that. Let implementers worry about how efficient an algorithm is? - Bernie -----Original Message----- From: Robert Sparks [mailto:rjsparks@nostrum.com] Sent: Monday, February 15, 2016 4:15 PM To: Tomek Mrugalski <tomasz.mrugalski@gmail.com>; General Area Review Team <gen-art@ietf.org>; ietf@ietf.org; dhcwg@ietf.org; draft-ietf-dhc-dhcpv6-privacy.all@ietf.org Subject: Re: Gen-ART LC review: draft-ietf-dhc-dhcpv6-privacy-03 Hi Tomek - Thanks for these edits. My points are all addressed, though I wish to push a little more on changing the focus of the following in the document: On 2/15/16 2:45 PM, Tomek Mrugalski wrote: <snip/> > >> In section 4.3, the paragraph on Random allocation comments on the >> poor performance of a specific simplistic implementation of random >> selection. More efficient algorithms exist. But the discussion is >> mostly irrelevant to the document. Please simplify this paragraph to >> focus on the benefits of random allocation. > I somewhat disagree. First, there are more efficient algorithms known, > but they are not always used. This document is a analysis, so we tried > to provide an analysis of what's actually happening in actual > implementations. In an ideal world where privacy is the top priority > every implementation would use truly random allocation using hardware > entropy generators. Sadly, the reality of DHCP servers market is that > performance matters a lot. Lowered performance is a price for better > privacy. This fact directly affects DHCP server implementors, which > are the target audience for this document. These are my arguments why > the discussion about performance penalty is there and should stay in my opinion. Then I suggest this variation: "In deployed systems, address allocation strategies such as choosing the next sequentially available address are chosen over strategies such as pseudo-random allocation across the available address pool because the latter are more difficult to implement efficiently." To be very clear (and I do _not_ want to put this discussion in the document), an implementation could keep a structure (probably a linked-list) of blocks of unallocated addresses, and very efficiently select an address pseudo-randomly from the addresses in that structure, modifying the structure to make the next selection just as efficient (similarly modifying the structure when addresses are returned to the pool). This would not have the performance degradation that the simple strategy you currently discuss has. While they're entertaining, I think discussing _either_ way of approaching such a random selection algorithm distracts the reader from the point of understanding the privacy implications. > > <snip/> RjS
- Gen-ART LC review: draft-ietf-dhc-dhcpv6-privacy-… Robert Sparks
- Re: Gen-ART LC review: draft-ietf-dhc-dhcpv6-priv… Robert Sparks
- RE: Gen-ART LC review: draft-ietf-dhc-dhcpv6-priv… Bernie Volz (volz)
- Re: Gen-ART LC review: draft-ietf-dhc-dhcpv6-priv… Robert Sparks
- Re: [Gen-art] Gen-ART LC review: draft-ietf-dhc-d… Fernando Gont
- Re: Gen-ART LC review: draft-ietf-dhc-dhcpv6-priv… Tomek Mrugalski
- Re: Gen-ART LC review: draft-ietf-dhc-dhcpv6-priv… Tomek Mrugalski
- RE: [Gen-art] Gen-ART LC review: draft-ietf-dhc-d… Bernie Volz (volz)
- Gen-Art review: draft-ietf-dhc-dhcpv6-privacy-04 Robert Sparks
- Re: [dhcwg] Gen-Art review: draft-ietf-dhc-dhcpv6… Jari Arkko