IETF Logo Mail Archive

Re: Disabling temporary addresses by default?

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 30 January 2020 19:14 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B64B120809 for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 11:14:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.435
X-Spam-Level: *
X-Spam-Status: No, score=1.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_SBL_CSS=3.335, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8t7JQIwUviyI for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 11:14:17 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8AA95120802 for <ipv6@ietf.org>; Thu, 30 Jan 2020 11:14:17 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [209.29.231.2]) by relay.sandelman.ca (Postfix) with ESMTPS id 538A91F45B for <ipv6@ietf.org>; Thu, 30 Jan 2020 19:14:16 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 754D11A373A; Thu, 30 Jan 2020 14:14:15 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: IPv6 List <ipv6@ietf.org>
Subject: Re: Disabling temporary addresses by default?
In-reply-to: <CAKD1Yr3H06F9__Bp99Co8vW=UNdk=bbtAvBpCjr3SuRVBDi4MQ@mail.gmail.com>
References: <03C832CE-7282-4320-BF1B-4CB7167FE6BE@employees.org> <c4166907-b6c9-a4ef-fd59-cf539bbe0405@si6networks.com> <43D76C96-C16B-4BEB-B9B8-C68D53BCE63F@fugue.com> <fb5b8377-892d-2777-ef9b-4f9ddefa6c93@si6networks.com> <CAKD1Yr034_tu7ZoJ1FCfDYhNSN6igm-ZQyR4u3U+UDMr=huGOw@mail.gmail.com> <1af0b06d-f9d7-5ea1-27f3-b417eb9148fa@si6networks.com> <7606A049-318D-4526-917D-F2A801BF7050@cisco.com> <CAKD1Yr1d9kORFdoOJr22J_UDJ9hLPr6AQLyWuh7=bAQKa+aXGw@mail.gmail.com> <MN2PR11MB356588FC3E8A6410B725D159D80A0@MN2PR11MB3565.namprd11.prod.outlook.com> <CAKD1Yr35meRGh_POo_2jrHA_oazO1xUOG5G_rx43xNLFYHQsMQ@mail.gmail.com> <MN2PR11MB356526F01CAE1CADEF8E4472D80A0@MN2PR11MB3565.namprd11.prod.outlook.com> <CAKD1Yr0-rmyzz3y1d+pCpA0+tGuhSdjojaJovXUzVuyx6UdeLA@mail.gmail.com> <98179a48-8d86-4673-6c82-fc0022988862@foobar.org> <F84FEFAF-1F78-47D4-B3E0-981DCFD0CB58@employees.org> <CAKD1Yr11_SSUkCBuQ3-h+eRg0LPZQdhe+h7f0YZy9TiyRWj6mw@mail.gmail.com> <1F1CE807-5466-42B3-AA37-8C916EAB545C@gmail.com> <f02490c8-5 f52-acf6-75e7-109d10d89740@si6networks.com> <CAKD1Yr3H06F9__Bp99Co8vW=UNdk=bbtAvBpCjr3SuRVBDi4MQ@mail.gmail.com>
Comments: In-reply-to Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org> message dated "Wed, 29 Jan 2020 20:19:16 +0900."
X-Mailer: MH-E 8.6; nmh 1.7.1-RC3; GNU Emacs 25.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Thu, 30 Jan 2020 14:14:15 -0500
Message-ID: <30597.1580411655@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/1VHunv1OS1DhRn_TFl8PFB-2NIE>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jan 2020 19:14:19 -0000

Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org> wrote:
    >> Option #2: Reduce the N ratio, but allow ongoing sessions to use invalid
    >> addresses. This could be worse than legacy RFC4941 (if long lived
    >> sessions last more than a week), since now temporary addresses would not
    >> have a limited lifetime (the lifetime would only be limited wrt the
    >> ability to employ them for new transport protocol instances)
    >> 

    > ISTM that "using invalid addresses" is poorly defined and likely difficult
    > to implement. It also isn't not much (if at all) different from the current
    > status quo with lots of deprecated addresses. The only difference is that
    > it forbids allow applications from purposely binding to an expired address.
    > But applications don't do that - why would they? The current privacy
    > address is better than that address in every way.

So, I have an FTP control channel open for two weeks.
I want to bind a new socket for data tranfers... and now I can't bind the IP
address that I want.  Okay, FTP is ancient dead.  Replace with SIP.
Yes, HTTP/2 and/or QUIC knows how to do this easier.
I don't know that I want to force everything to convert to QUIC.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

v2.23.0 | Report a Bug | By Email