IETF Logo Mail Archive

Re: privacy in ipv6 ?

joel jaeggli <joelja@bogus.com> Tue, 16 August 2016 15:59 UTC

Return-Path: <joelja@bogus.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 488DF12D8AC for <ietf@ietfa.amsl.com>; Tue, 16 Aug 2016 08:59:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.147
X-Spam-Level:
X-Spam-Status: No, score=-8.147 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.247] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VI6Ih4bc_orI for <ietf@ietfa.amsl.com>; Tue, 16 Aug 2016 08:59:23 -0700 (PDT)
Received: from nagasaki.bogus.com (nagasaki.bogus.com [IPv6:2001:418:1::81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC1D712D8A3 for <ietf@ietf.org>; Tue, 16 Aug 2016 08:59:23 -0700 (PDT)
Received: from mbp.local ([IPv6:2601:647:4201:9e61:18:1f25:f650:4111]) (authenticated bits=0) by nagasaki.bogus.com (8.15.2/8.15.2) with ESMTPSA id u7GFxMYs069591 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 16 Aug 2016 15:59:22 GMT (envelope-from joelja@bogus.com)
X-Authentication-Warning: nagasaki.bogus.com: Host [IPv6:2601:647:4201:9e61:18:1f25:f650:4111] claimed to be mbp.local
Subject: Re: privacy in ipv6 ?
To: Gigablast <gigablast@mail.com>, ietf@ietf.org
References: <RT-Ticket-133239@www.ietf.org/rt> <5787D61E.8080000@mail.com> <rt-4.0.8-10907-1470931216-1570.133239-6-0@www.ietf.org/rt> <57B245C9.2070309@mail.com>
From: joel jaeggli <joelja@bogus.com>
Message-ID: <42a2d1e0-1b25-2e23-c609-b91050649789@bogus.com>
Date: Tue, 16 Aug 2016 08:59:22 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Thunderbird/47.0
MIME-Version: 1.0
In-Reply-To: <57B245C9.2070309@mail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/dAwxBNeL8aroplrE9OxqBYztG5c>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Aug 2016 15:59:26 -0000

The source address is a locator used to address the ip packets the
server returns to the initiator. Short of encapsulation such that you
have an unmolested inner ip header the recipient is in need of the
source address. the same applies to ipv4 of course so there's nothing
special about that. reading between the lines I think you're assuming
some kind of reversable path transformation but forward and reverse
paths cannot in general be assumed to be symmetric especially if you
change it mid-flight.

You might explore onion routing, as employed by tor or as a more general
topic https://en.wikipedia.org/wiki/Onion_routing as that methodology
specifies the path to be taken to exit as well as an encapsulating
layers to be stripped off at each hop.

joel

On 8/15/16 3:44 PM, Gigablast wrote:
> hi,
>
> would it be possible to insert some kind of 'privacy' flag into each
> data packet in IPv6
> so that the originating IP address would be scrambled at each router hop?
> (kinda like how NAT works, but on internet backbone routers)
>
> websites and other services that would be afraid of 'attacks' could
> opt out
> and just drop such packets.
>
> just wondering if something like this is already in production or if it
> would be something interesting, because a lot of people are more and more
> concerned with privacy and do not want to be traced by their
> IP address. furthermore, this might help bolster net neutrality.
>
> i run a small search engine and can't compete with google/bing because
> a small handfull of providers (cloudflare, etc.) are blocking my
> legitimate crawler from
> millions of the top websites.
>
>
> matt
>

v2.15.0 | Report a Bug | By Email