IETF Logo Mail Archive

Re: [Int-area] IPv4 address sharing abuse [was RE: draft-boucadair-intarea-nat-reveal-analysis]

<mohamed.boucadair@orange-ftgroup.com> Fri, 09 September 2011 05:39 UTC

Return-Path: <mohamed.boucadair@orange-ftgroup.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 169F721F8B18 for <int-area@ietfa.amsl.com>; Thu, 8 Sep 2011 22:39:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.174
X-Spam-Level:
X-Spam-Status: No, score=-3.174 tagged_above=-999 required=5 tests=[AWL=0.074, BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_LOW=-1, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2vAGe6kgEJ7q for <int-area@ietfa.amsl.com>; Thu, 8 Sep 2011 22:39:11 -0700 (PDT)
Received: from relais-inet.francetelecom.com (relais-ias91.francetelecom.com [193.251.215.91]) by ietfa.amsl.com (Postfix) with ESMTP id 3981C21F8A7A for <int-area@ietf.org>; Thu, 8 Sep 2011 22:39:11 -0700 (PDT)
Received: from omfedm08.si.francetelecom.fr (unknown [xx.xx.xx.4]) by omfedm11.si.francetelecom.fr (ESMTP service) with ESMTP id 70DD33B45A7; Fri, 9 Sep 2011 07:41:04 +0200 (CEST)
Received: from PUEXCH81.nanterre.francetelecom.fr (unknown [10.101.44.34]) by omfedm08.si.francetelecom.fr (ESMTP service) with ESMTP id 581F1238087; Fri, 9 Sep 2011 07:41:04 +0200 (CEST)
Received: from PUEXCB1B.nanterre.francetelecom.fr ([10.101.44.7]) by PUEXCH81.nanterre.francetelecom.fr ([10.101.44.34]) with mapi; Fri, 9 Sep 2011 07:41:03 +0200
From: mohamed.boucadair@orange-ftgroup.com
To: SM <sm@resistor.net>, Francis Dupont <Francis.Dupont@fdupont.fr>
Date: Fri, 09 Sep 2011 07:41:02 +0200
Thread-Topic: [Int-area] IPv4 address sharing abuse [was RE: draft-boucadair-intarea-nat-reveal-analysis]
Thread-Index: AcxuV+cakz2Xx8LsSlOev/9Q7aGGvwAWi4EA
Message-ID: <94C682931C08B048B7A8645303FDC9F351674478BB@PUEXCB1B.nanterre.francetelecom.fr>
References: <Your message of Tue, 06 Sep 2011 16:37:19 PDT. <06f201cc6ced$f0d14fc0$d273ef40$@com> <201109081729.p88HTVnc092622@givry.fdupont.fr> <6.2.5.6.2.20110908113731.0a218a98@resistor.net>
In-Reply-To: <6.2.5.6.2.20110908113731.0a218a98@resistor.net>
Accept-Language: fr-FR
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: fr-FR
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-PMX-Version: 5.5.9.395186, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2011.9.9.1215
Cc: "int-area@ietf.org" <int-area@ietf.org>
Subject: Re: [Int-area] IPv4 address sharing abuse [was RE: draft-boucadair-intarea-nat-reveal-analysis]
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/int-area>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Sep 2011 05:39:12 -0000

Dear SM,

The HOST_ID can enclose the origin source IPv4 address, IPv6 address, IPv6 prefix, vlan, random value, etc. The only requirement on the HOST_ID is as mentioned in the I-D:

        "It must be unique to each host under the same
        IP address.  It does not need to be globally unique.  Of course,
        the combination of the (public) IPv4 source address and the
        identifier (i.e., HOST_ID) ends up being relatively unique.  As
        unique as today's 32-bit IPv4 addresses which, today, can change
        when a host re-connects."

As such the HOST_ID does not reveal other information than the source IP address if there is no NAT in the path. 

According to draft-morris-privacy-considerations-03, 

   "The following list contains examples of information that may be
   considered personal data:

   o  Name

   o  Address information

   o  Phone numbers, email addresses, SIP/XMPP URIs, other identifiers

   o  IP and MAC addresses or other host-specific persistent identifiers
      that consistently links to a particular person or small, well-
      defined group of people

   o  Information identifying personally owned property, such as vehicle
      registration number"

IP addresses and host-specific persistent identifiers are on the same level and may be considered as personal data. This is why we have the following in the draft:

  "If the HOST_ID is persistent it may be used to track a host (similar to
   persistent IP addresses)."

Cheers,
Med
 

-----Message d'origine-----
De : int-area-bounces@ietf.org [mailto:int-area-bounces@ietf.org] De la part de SM
Envoyé : jeudi 8 septembre 2011 20:48
À : Francis Dupont
Cc : int-area@ietf.org
Objet : Re: [Int-area] IPv4 address sharing abuse [was RE: draft-boucadair-intarea-nat-reveal-analysis]

Hi Francis,
At 10:29 08-09-2011, Francis Dupont wrote:
>Perhaps I repeat myself but as far as I know solutions to the
>draft-boucadair-intarea-nat-reveal-analysis problem are illegal
>at some places, in particular in European Union (and at a level
>which overrules national texts)...
>IMHO this issue should be clarified before adopting any document
>as a WG item.

Are you saying that what draft-boucadair-intarea-nat-reveal-analysis 
argues for cannot be implemented in the European Union?

As a general comment, Section 1.2 of the draft discusses about 
privacy.  I have read
draft-morris-privacy-considerations-03.  I could not find which point 
in that draft, the following is based:

   "The HOST_ID does not reveal more privacy information than what the
    source IP address does in a non-shared address environment"

Regards,
-sm 

_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area

v2.23.0 | Report a Bug | By Email