Re: Consensus call on adopting: <draft-gont-6man-stable-privacy-addresses-01>
Jong-Hyouk Lee <jonghyouk@gmail.com> Wed, 18 April 2012 09:26 UTC
Dear all,

I support this document to be an official working group document. IPv6 is being considered to be a protocol providing Internet access from vehicles. When we consider vehicular communications, location privacy becomes vital. The described mechanism "stable-privacy-addresses" would help for it.

Cheers.

On Fri, Apr 13, 2012 at 2:45 PM, Fernando Gont <fgont@si6networks.com> wrote:

> Hi, Tim,
>
> Thanks so much for your feedback! Please find my comments inline...
>
> On 04/13/2012 12:37 PM, Tim Chown wrote:
> > Extensions. If I understand it correctly, essentially what you are
> > defining is randomised stable-per-prefix public interface
> > identifiers,
>
> Exactly.
>
>
> > On 3484bis, if stable privacy addresses are alternative public (not
> > temporary) identifiers for hosts then is there anything more to say?
>
> Not that I can think of.
>
>
> > Note that RFC4941 temporary addresses can also be stable, in that
> > they do not change if the host stays on the same network; the
> > specification only says identifiers SHOULD be regenerated at some
> > defined interval.
>
> Two things:
>
> * If you do RFC 4941 but do not change the addresses over time (e.g. as
> Windows does for their stable addresses), then you can be tracked
> exactly in the same way as with MAC-based addresses. Such addresses
> mitigate only host-scanning attacks (i.e., they are unpredictable), but
> since there's a constant identifier used across networks, tracking is
> still possible. -- So at the time you implement RFC 4941 without
> regenerating the addresses over time, they are not *privacy* extensions
> anymore :-)
>
> * IMO, it is a bit of a stretch to say "RFC4941 temporary addresses can
> also be stable", implying that stability is allowed. That would be the
> case if "identifiers MAY be generated at some defined interval". But if
> it's a SHOULD, and you go against it, you're not fully-compliant with
> the specification. ("SHOULD" just means that there are specific cases in
> which you're allowed to not follow the recommendation).
>
>
> > Finally, it would be interesting to know what algorithm Windows uses
> > to generate its identifiers; they are randomised, public and stable.
> > I had thought they were based on the prefix, but Fernando's tests
> > suggest not.
>
> Dave Thaler commented on this one during the 6man wg meeting at IETF 83:
> They do RFC4941, without changing the addresses over time. Hence, the
> identifiers are constant across networks.
>
> This means that they mitigate host scanning attacks, but as noted in
> draft-gont-6man-stable-privacy-addresses-01 they are still subject to
> host-tracking.
>
> Thanks!
>
> Best regards,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

--
RSM Department, TELECOM Bretagne, France
Jong-Hyouk Lee, living somewhere between /dev/null and /dev/random

#email: jonghyouk (at) gmail (dot) com
#webpage: http://sites.google.com/site/hurryon/
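The tracking difference discussed in this thread, as an added example that is not part of the original message or of the draft: it builds addresses for one host on two networks under three schemes (MAC-derived, a random identifier kept constant, and a stable-per-prefix identifier) and checks whether the interface identifier links the two addresses. The use of HMAC-SHA256 over the prefix and interface name, the function names, and all sample prefixes, MAC and secret values are assumptions constructed for illustration, not the function the draft specifies.

```python
import hashlib
import hmac
import ipaddress

IID_MASK = (1 << 64) - 1  # low 64 bits of an IPv6 address: the interface identifier

def eui64_iid(mac: str) -> int:
    """Modified EUI-64 identifier derived from the MAC; identical on every network."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    b[0] ^= 0x02  # flip the universal/local bit
    return int.from_bytes(bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:]), "big")

def per_prefix_iid(prefix: str, secret: bytes, iface: str = "eth0") -> int:
    """Stable-per-prefix identifier; HMAC-SHA256 is this example's assumed PRF."""
    net = ipaddress.IPv6Network(prefix)
    msg = net.network_address.packed[:8] + iface.encode()
    return int.from_bytes(hmac.new(secret, msg, hashlib.sha256).digest()[:8], "big")

def address(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    return ipaddress.IPv6Address(int(net.network_address) | (iid & IID_MASK))

def linkable(a: ipaddress.IPv6Address, b: ipaddress.IPv6Address) -> bool:
    """True if the same identifier appears in both addresses (host can be tracked)."""
    return int(a) & IID_MASK == int(b) & IID_MASK

def compare_schemes(mac, constant_iid, secret, net_a, net_b):
    """For each scheme: addresses on both networks, trackability, per-network stability."""
    schemes = {
        "mac_eui64": lambda p: eui64_iid(mac),
        "constant_random": lambda p: constant_iid,  # random once, never regenerated
        "per_prefix": lambda p: per_prefix_iid(p, secret),
    }
    report = {}
    for name, iid_for in schemes.items():
        a, b = address(net_a, iid_for(net_a)), address(net_b, iid_for(net_b))
        report[name] = {
            "net_a": a, "net_b": b,
            "trackable": linkable(a, b),
            "stable": a == address(net_a, iid_for(net_a)),  # same again on return
        }
    return report

if __name__ == "__main__":
    # Constructed sample values (documentation prefixes, made-up MAC and secret).
    rows = compare_schemes("00:11:22:33:44:55", 0x3C4D9A1F77E0B256,
                           b"constructed-host-secret",
                           "2001:db8:1::/64", "2001:db8:2::/64")
    for name, r in rows.items():
        print(f"{name:16} {r['net_a']}  {r['net_b']}  trackable={r['trackable']}")
```
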