Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard

Brian Haberman <brian@innovationslab.net> Tue, 16 February 2016 12:29 UTC

Return-Path: <brian@innovationslab.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 224381B3503; Tue, 16 Feb 2016 04:29:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UQRgznjaMPu6; Tue, 16 Feb 2016 04:29:32 -0800 (PST)
Received: from uillean.fuaim.com (uillean.fuaim.com [206.197.161.140]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6FB91B3587; Tue, 16 Feb 2016 04:29:21 -0800 (PST)
Received: from clairseach.fuaim.com (clairseach-high.fuaim.com [206.197.161.158]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by uillean.fuaim.com (Postfix) with ESMTP id 858DF880E6; Tue, 16 Feb 2016 04:29:21 -0800 (PST)
Received: from clemson.local (unknown [76.21.129.88]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by clairseach.fuaim.com (Postfix) with ESMTP id 9C1E5328081A; Tue, 16 Feb 2016 04:29:20 -0800 (PST)
Subject: Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard
To: Christian Huitema <huitema@huitema.net>, 'Lorenzo Colitti' <lorenzo@google.com>, 'IETF Discussion' <ietf@ietf.org>
References: <20160201142413.30288.23248.idtracker@ietfa.amsl.com> <CAKD1Yr11tEDEPXkUWj4g_-wL=AgYRu7LYrOkgobEMtwOW4CpEA@mail.gmail.com> <003001d1687a$926ab2e0$b74018a0$@huitema.net>
From: Brian Haberman <brian@innovationslab.net>
Message-ID: <56C3161F.3070301@innovationslab.net>
Date: Tue, 16 Feb 2016 07:29:19 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <003001d1687a$926ab2e0$b74018a0$@huitema.net>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="9Oqtq3oE4GsVB19rgH23Jr5M2BBDHnN9Q"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/LdviEcAKDj8AD--zOMr_P3lLk_E>
Cc: dhc-chairs@ietf.org, iesg@ietf.org, draft-ietf-dhc-anonymity-profile@ietf.org, dhcwg@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Feb 2016 12:29:33 -0000


On 2/16/16 12:26 AM, Christian Huitema wrote:
> On Monday, February 15, 2016 6:53 PM, Lorenzo Colitti wrote:
>>
>> It's true that this profile mitigates the amount of information that can be collected. 
>> But in IPv6 we have other configuration methods - such as SLAAC - that broadcast 
>> way less information than stateless DHCPv6, which in turn broadcasts less information 
>> than stateless DHCPv6.
>>
>> This document should recognize that at least on IPv6-only networks, it is an option 
>> not to use DHCP at all, and that option has substantial privacy benefits that are in 
>> many cases above what this profile can provide.
> 
> Well, section 4 of draft-ietf-dhc-anonymity-profile-07 says:
> 
>    The choice between the stateful and stateless scenarios depends on
>    flag and prefix options published by the "Router Advertisement"
>    messages of local routers, as specified in [RFC4861].  When these
>    options enable stateless address configuration hosts using the
>    anonymity profile SHOULD choose it over stateful address
>    configuration, because stateless configuration requires fewer	
>    information disclosures than stateful configuration.
> 
> That seems pretty close from what you want, at least as far as "stateful DHCPv6" is concerned.

I would agree that the above text covers what I interpret as Lorenzo's
concern.

Regards,
Brian