Re: [Int-area] [Captive-portals] [homenet] [EXTERNAL] Re: Evaluate impact of MAC address randomization to IP applications
Juan Carlos Zuniga <j.c.zuniga@ieee.org> Tue, 29 September 2020 20:10 UTC
Return-Path: <j.c.zuniga@ieee.org>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C7D63A113B for <int-area@ietfa.amsl.com>; Tue, 29 Sep 2020 13:10:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.298
X-Spam-Level:
X-Spam-Status: No, score=-3.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ieee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZmAN2klc4AFq for <int-area@ietfa.amsl.com>; Tue, 29 Sep 2020 13:10:41 -0700 (PDT)
Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4BB323A113D for <int-area@ietf.org>; Tue, 29 Sep 2020 13:10:41 -0700 (PDT)
Received: by mail-io1-xd36.google.com with SMTP id y13so6203497iow.4 for <int-area@ietf.org>; Tue, 29 Sep 2020 13:10:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=DxPESRM2XScl63SBNDAd48Y2HEIkWfmACREHiRAdr8M=; b=dzrfNG0C4T1Cm/iBPLZtSNZkugqRx7wll+VS3+yLB7Z9KVC0rn6JDvcchGfGcEPfL3 qCgwHm6Wc9a5rPHGp1iTkELodfvRBafa8JBHL3SFLIJ7fnv3B/21XfJJk3rhlAgvTtjY XML2u9HWNN9JXmSavHYchWdb8/kqYmHr4vIyo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=DxPESRM2XScl63SBNDAd48Y2HEIkWfmACREHiRAdr8M=; b=c/yvm7hHJzMfdCDUpJRfUcSVybfEIzh+On8kRvZSYxQQS6NOlJYwO+qZOboHA+/8w3 IRyLTPAG7TzRT2AMQAKTGlIEh5FBrkaunIwX0gQYsqnNj5Vx4a4KsW4r1dfrXPtxSOoY shlsPjq30qfIm4+4F8kn04f0WTsw7ficzP20WJIIE2AO1dBBprWVVsWU3OvqOlWnyeQs Io/p4u1SEKEaQsRVgLk2OLSu88U4Wqqz7sVPkqSiexKTGUQMzcNWBVUkPRbQfyczCRQ+ D5HAKasB73A5ZDvdTzPMH2YTBRqgUXTb7XD39ab/tSnfg5V+q7Q3fDbYJTF2oNqtVq4g o3uQ==
X-Gm-Message-State: AOAM531/poj+kGi09uiqjdBw4dplk5B8D9sCaV6v/fPabU2ysbcRO5hP /uvVK4S0pXUlnSqsyvQ3DzA5z+3Fwm+VpysR7VojJg==
X-Google-Smtp-Source: ABdhPJyfrD3+O/bBtnjcbqN/pFp3IRDGBIFptMBkF0kufv8Z18MdG/nodATorDpB85zr1+AYsBo8ybtPf48Ht7z+VPg=
X-Received: by 2002:a5e:8c0c:: with SMTP id n12mr3782440ioj.147.1601410240274; Tue, 29 Sep 2020 13:10:40 -0700 (PDT)
MIME-Version: 1.0
References: <20200922201317.097C3389D4@tuna.sandelman.ca> <15660.1600807202@localhost> <902400f2-9172-9581-25ab-59ad08e67bee@cs.tcd.ie> <D81695FF-973F-472D-BC0A-9B0F57278B21@comcast.com> <ca575a6b-987e-d998-2713-91e45190f5ea@cs.tcd.ie> <0A436777-D9CE-4A4C-BE45-C8C2CAB9FBF6@comcast.com> <29901277-6da1-46fc-b244-ca289005841d@www.fastmail.com> <af0451b1-8eae-4714-849f-d6e384dda075@huitema.net> <19117.1601400596@localhost> <CAH1iCip7UBe+FR-Cz+sP6SdS11NUQC9gV_s=99yO0tjcvCcX6A@mail.gmail.com> <4215.1601404884@localhost> <3a4b39c8-6b71-5d84-1422-3470c3b01591@cs.tcd.ie> <037001d69698$4b7a4cf0$e26ee6d0$@akayla.com>
In-Reply-To: <037001d69698$4b7a4cf0$e26ee6d0$@akayla.com>
From: Juan Carlos Zuniga <j.c.zuniga@ieee.org>
Date: Tue, 29 Sep 2020 16:10:28 -0400
Message-ID: <CAHLBt83U67qntQN8gx5Kez8oLBBfZN281qBBTMTDae+E+gETfw@mail.gmail.com>
To: Peter Yee <peter@akayla.com>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, captive-portals@ietf.org, homenet@ietf.org, int-area@ietf.org
Content-Type: multipart/alternative; boundary="00000000000083256905b0796086"
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/iXdbja9U57TBgmNJfbRFWKxegHs>
Subject: Re: [Int-area] [Captive-portals] [homenet] [EXTERNAL] Re: Evaluate impact of MAC address randomization to IP applications
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Sep 2020 20:10:43 -0000
Indeed, this is a continuation of the work started at IEEE 802 back in 2014 after the STRINT Workshop pre-IETF 89 [1] [2]. So far IEEE 802 has developed the (soon to be published) 802E Privacy Recommendations [3], the recommended use of MAC address randomization in 802c [4], and now the work in 802.11 that Peter points out. We carried out the experiment on the IETF (x2) and IEEE 802 Wi-Fi meeting networks and we published some results at the time [5]. Even though we found some very minor impact on DHCP, the experiment showed that MAC address randomization worked fine. However, as we pointed out the Privacy issues should not stop at L3. If there is a good take away from that work, it is that Privacy cannot be solved at a single layer, and effective solutions should be system-wide. Juan Carlos [1] https://mentor.ieee.org/802-ec/dcn/14/ec-14-0043-01-00EC-internet-privacy-tutorial.pdf [2] http://www.ieee802.org/PrivRecsg/ [3] https://1.ieee802.org/security/802e/ [4] https://ieeexplore.ieee.org/document/8016709 [5] https://ieeexplore.ieee.org/abstract/document/7390443/ pre-print: https://www.it.uc3m.es/cjbc/papers/pdf/2015_bernardos_cscn_privacy.pdf On Tue, Sep 29, 2020 at 3:40 PM Peter Yee <peter@akayla.com> wrote: > On 29/09/2020 12:03, Stephen Farrell wrote: > > > More on-topic, I do think MAC address randomisation has a role to play > for WiFi as it does for BLE, but yes there is a lack of guidance as to how > to implement and deploy such techniques well. It's a bit tricky though as > it's fairly OS dependent so maybe not really in scope for the IETF? > > (For the last 3 years I've set a possible student project in this space, > but each time a student has considered it, it turned out "too hard";-) > > As I mentioned previously, IEEE 802.11 is looking into this area, both > from an operational perspective and from a privacy perspective. New IEEE > 802.11 amendments (IEEE 802.11bh and IEEE 802.11bi, if approved) are being > discussed. The (very) high-level documents describing each can be found at > [1] and [2]. I would be happy to convey input to IEEE 802.11 regarding > either document, particularly in regards to layers 3 and above. Without > wishing to open up a can of worms about meeting fees, I will note that IEEE > 802.11 is currently not charging for its online meetings, so if anyone > wishes to take part in the random MAC address discussions directly, the > next meeting will be held in early November. The RCM Study Group met > yesterday morning (Americas) and will meet again in two weeks. See [3]. > > -Peter > > [1] > https://mentor.ieee.org/802.11/dcn/20/11-20-0742-04-0rcm-proposed-par-draft.docx > [2] > https://mentor.ieee.org/802.11/dcn/20/11-20-0854-06-0rcm-par-proposal-for-privacy.pdf > [3] > https://mentor.ieee.org/802.11/dcn/20/11-20-0995-10-0rcm-rcm-sg-agenda.pptx > > > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area >
- [Int-area] Evaluate impact of MAC address randomi… Lee, Yiu
- Re: [Int-area] Evaluate impact of MAC address ran… Andy Smith
- Re: [Int-area] Evaluate impact of MAC address ran… Michael Richardson
- Re: [Int-area] Evaluate impact of MAC address ran… Michael Richardson
- Re: [Int-area] Evaluate impact of MAC address ran… Michael Richardson
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Stephen Farrell
- Re: [Int-area] [EXTERNAL] Re: Evaluate impact of … Lee, Yiu
- Re: [Int-area] [Captive-portals] Evaluate impact … Peter Yee
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Stephen Farrell
- Re: [Int-area] Evaluate impact of MAC address ran… Lee, Yiu
- Re: [Int-area] [homenet] Evaluate impact of MAC a… David R. Oran
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Lee, Yiu
- Re: [Int-area] [EXTERNAL] Re: [homenet] Evaluate … Lee, Yiu
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Bob Hinden
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Michael Richardson
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Brian Dickson
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Stephen Farrell
- Re: [Int-area] [Captive-portals] [EXTERNAL] Re: [… Martin Thomson
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Michael Richardson
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Michael Richardson
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Ralf Weber
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Pascal Thubert (pthubert)
- Re: [Int-area] Evaluate impact of MAC address ran… Stewart Bryant
- Re: [Int-area] [homenet] Evaluate impact of MAC a… Michael Richardson
- Re: [Int-area] [Captive-portals] [homenet] Evalua… Michael Richardson
- Re: [Int-area] Evaluate impact of MAC address ran… Eric Vyncke (evyncke)
- Re: [Int-area] Evaluate impact of MAC address ran… Joseph Touch
- Re: [Int-area] Evaluate impact of MAC address ran… Stewart Bryant
- Re: [Int-area] Evaluate impact of MAC address ran… Alan DeKok
- Re: [Int-area] Evaluate impact of MAC address ran… tom petch
- Re: [Int-area] [Captive-portals] Evaluate impact … Derek Fawcus
- Re: [Int-area] [Captive-portals] [homenet] Evalua… Malay Vadher
- Re: [Int-area] [Captive-portals] [EXTERNAL] Re: [… Christian Huitema
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Michael Richardson
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Brian Dickson
- Re: [Int-area] [Captive-portals] [homenet] [EXTER… Michael Richardson
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Stephen Farrell
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Christian Huitema
- Re: [Int-area] [Captive-portals] [homenet] [EXTER… Peter Yee
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Michael Richardson
- Re: [Int-area] [Captive-portals] [homenet] [EXTER… Juan Carlos Zuniga
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Stephen Farrell
- Re: [Int-area] [Captive-portals] [homenet] [EXTER… Weil, Jason
- Re: [Int-area] [Captive-portals] [homenet] [EXTER… Rolf Winter
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Michael Richardson
- Re: [Int-area] [homenet] [Captive-portals] [EXTER… Stephen Farrell
- Re: [Int-area] [Captive-portals] [homenet] [EXTER… Carsten Bormann
- Re: [Int-area] Evaluate impact of MAC address ran… Andrew G. Malis
- Re: [Int-area] [EXTERNAL] Re: Evaluate impact of … Lee, Yiu
- Re: [Int-area] [Captive-portals] [homenet] Re: Ev… Livingood, Jason