RE: I-D Action: draft-ietf-6man-ipv6-address-generation-privacy-01.txt

Christian Huitema <huitema@microsoft.com> Fri, 14 February 2014 21:44 UTC

From: Christian Huitema <huitema@microsoft.com>
To: Alissa Cooper <alissa@cooperw.in>, "ipv6@ietf.org" <ipv6@ietf.org>
Subject: RE: I-D Action: draft-ietf-6man-ipv6-address-generation-privacy-01.txt
Date: Fri, 14 Feb 2014 21:43:36 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/ipv6/0BM-aGJa9ImwBSqNuKOnsPVdM0s

> Summary of changes:
>
> Additional text about unique prefix assignment in Sec 4
>
> Updated table entries in Sec 4 to reflect discussion at IETF 88
> 
> Corrected Sec 4.4 text on CGAs
> 
> Added detail to Sec 4.7 to reflect common DHCPv6 practices

I read this draft, and while I generally agree with the discussion, I feel that a particular angle is missing: the relation between IPv6 addresses and MAC address tracking.

There are tracking systems that can record and correlate the MAC addresses of mobile nodes as they connect to various networks. The obvious countermeasure is to randomize the MAC address. On a Wi-Fi network, it could be done by passively listening to the advertisement from the access point, and then making an explicit decision to use a stable MAC address if the location is trusted, and a randomized one if it is not.

The question then is whether the IPv6 address would remain constant even if the MAC address changed. There are generation schemes where the address would remain constant. CGA, for example, depends only on the IPv6 header and the public key. Stable IID would remain constant if the network interface parameter used in the generation (Net_Iface) remained constant, e.g. was based on the interface name. It would obviously change if the interface was identified by the MAC address.

Can we add a discussion of the issue to this address privacy draft?

-- Christian Huitema
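
The Net_Iface dependence raised in the message above, as an added example that is not part of the original message or of the draft: a stable IID computed in the style of RFC 7217, F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key), for two visits to the same network with different randomized MAC addresses. SHA-256 as F, the field encoding, the key, prefix, Network_ID, interface name and MAC values are all assumptions constructed for illustration.

```python
import hashlib
import ipaddress

# All values below are constructed for illustration.
SECRET_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
PREFIX = "2001:db8:1:2::/64"      # documentation prefix
NETWORK_ID = b"example-ssid"
# Two locally administered, unicast MACs, as a node randomizing per visit might use.
VISIT_MACS = [bytes.fromhex("02a1b2c3d4e5"), bytes.fromhex("06f0e1d2c3b4")]


def stable_iid(prefix, net_iface, network_id, dad_counter, secret_key):
    """Low 64 bits of F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key).

    F is SHA-256 over length-prefixed fields here (an assumption); the length
    prefix keeps adjacent variable-length fields from running together.
    """
    net = ipaddress.IPv6Network(prefix)
    h = hashlib.sha256()
    fields = (net.network_address.packed, net_iface, network_id,
              bytes([dad_counter]), secret_key)
    for field in fields:
        h.update(len(field).to_bytes(2, "big") + field)
    return int.from_bytes(h.digest()[-8:], "big")


def address_for(net_iface, prefix=PREFIX):
    """Combine the prefix with the stable IID derived from net_iface."""
    net = ipaddress.IPv6Network(prefix)
    iid = stable_iid(prefix, net_iface, NETWORK_ID, 0, SECRET_KEY)
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def addresses_across_visits(macs, net_iface_from):
    """One address per visit; Net_Iface is the interface name or the current MAC."""
    out = []
    for mac in macs:
        net_iface = b"wlan0" if net_iface_from == "name" else mac
        out.append(address_for(net_iface))
    return out


def linkable(addresses):
    """True when every visit used the same address, so an observer can correlate them."""
    return len(set(addresses)) == 1


if __name__ == "__main__":
    for mode in ("name", "mac"):
        addrs = addresses_across_visits(VISIT_MACS, mode)
        print(mode, [str(a) for a in addrs], "linkable:", linkable(addrs))
```

With Net_Iface taken from the interface name, both visits yield the same address even though the MAC changed; with Net_Iface taken from the MAC, the address changes along with it.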