IETF Logo Mail Archive

Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>

Mark Smith <markzzzsmith@gmail.com> Sat, 14 May 2016 02:32 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37B6A12B00F for <ipv6@ietfa.amsl.com>; Fri, 13 May 2016 19:32:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.198
X-Spam-Level:
X-Spam-Status: No, score=-2.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aK1w9-M_G1Ku for <ipv6@ietfa.amsl.com>; Fri, 13 May 2016 19:32:09 -0700 (PDT)
Received: from mail-vk0-x22b.google.com (mail-vk0-x22b.google.com [IPv6:2607:f8b0:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E7CD12B007 for <ipv6@ietf.org>; Fri, 13 May 2016 19:32:09 -0700 (PDT)
Received: by mail-vk0-x22b.google.com with SMTP id s184so158040004vkb.3 for <ipv6@ietf.org>; Fri, 13 May 2016 19:32:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=6QJxNscy/Z1aBRhvSau1nGF+sAW6gap5nXhlL414OtI=; b=JUHNTjzmLRlpNwdGM8TT3K2A11W5Qjp7atjkr09DBh7DYHDFFJG6nUAdaPKhUcnz5S OJ8+3srZfgQW2wvlAu0AzaxZaSrWlTiEDQiqL6bD470ORK147j0iV2xJizDLiDDtE1pG 4mhF4x7oqujIfaz6mN31eLN4spx/Pznp5JxgNYSxOibSVaCl5ZF3KPQYioi9z5IByvuo m/pAh93snwC0XQSQIccOY6toyH6xS/TgmQnrx/5d94usnjTsdwPzh3FnoDbiYifHyftB wCJbdeASqAqCm5ptJDTPCWihdAJ/DN30RqBEWB3k0v/f4WAFrDKflYPz9gvTxtW4GO8H p4Kg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=6QJxNscy/Z1aBRhvSau1nGF+sAW6gap5nXhlL414OtI=; b=Wz0/eC7kwDxu5oswsJXWh/cJ0lmABgNMmRQvJAjtD4AJY/EBVYXAU/erH3r9bx/e5Q yKo+yNdqcYvoGmWsMd16IDwxzC82/vBJUtO9TaD47Y/xaKLH5s8SHvbN5nnQL3MM1eiF 7mI3Fbeq5QnXMIBEZCNd9wbNKLEt41JLQw5PFtj2QI/684THDRop7jFA6IJNgd1JmfNf W4qA2floEVoDsifmgdialzde16kYPG8VKtXELI8+Oh9AoqB0ltLFMGZrDljH80o4oMZO fyhX1E8y+owkgfCFvB4ccI+PIbVOrJ7tD8xc8hVlR/J4oN1tI0Oe6qpGAqjWlSBEH9wR A1qQ==
X-Gm-Message-State: AOPr4FVt/oFbctXgM+B/cupd8R4Fe0VgxQuY5jS5h21+28Ydq4XCGbjggQT1cNI3eIGDLnPbiO1NUN5JdN4ABw==
MIME-Version: 1.0
X-Received: by 10.159.39.106 with SMTP id a97mr9492950uaa.133.1463193128050; Fri, 13 May 2016 19:32:08 -0700 (PDT)
Received: by 10.176.4.55 with HTTP; Fri, 13 May 2016 19:32:07 -0700 (PDT)
Received: by 10.176.4.55 with HTTP; Fri, 13 May 2016 19:32:07 -0700 (PDT)
In-Reply-To: <CAKD1Yr1So_tFFSr=sk8ew-UJG-dWK=U6N9mwJnwkZdNX=__SVQ@mail.gmail.com>
References: <20160428004904.25189.43047.idtracker@ietfa.amsl.com> <89CA2C18-AE61-4D40-8997-221201835944@gmail.com> <6f2edbbc-d208-03a0-3c33-503a05c0bee8@gmail.com> <CAKD1Yr1So_tFFSr=sk8ew-UJG-dWK=U6N9mwJnwkZdNX=__SVQ@mail.gmail.com>
Date: Sat, 14 May 2016 12:32:07 +1000
Message-ID: <CAO42Z2x-kzpo_=G=nTpEwCuaCd6SuTPV_Hu3azrGLSpyHjT8oA@mail.gmail.com>
Subject: Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>
From: Mark Smith <markzzzsmith@gmail.com>
To: Lorenzo Colitti <lorenzo@google.com>
Content-Type: multipart/alternative; boundary="94eb2c0481e8a2a7cc0532c43273"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/21eFGPpMGicbCrqUCISuyaKn5DU>
Cc: 6man WG <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 May 2016 02:32:11 -0000

On 14 May 2016 11:56 AM, "Lorenzo Colitti" <lorenzo@google.com> wrote:
>
> I continue to oppose this document.
>
> This draft says that existing address generation mechanisms are bad for
privacy, and proceeds to change them. But there is nothing wrong with
the existing address generation mechanisms as if the link-layer addresses
are not stable, (e.g., random MAC addresses), and a growing body of IETF
work
>

The thing wrong with "solving" a layer 3 problem at layer 2 is that it
makes the effectiveness of the layer 3 outcome entirely dependent on the
attributes of another layer. It's fundamentally a layer violation.

I think we have layers to try to minimise or avoid these dependencies.
Having a layer 3 privacy solution to this layer 3 privacy problem means
that it doesn't matter if the layer 2 privacy is terrible or not.

I don't think this draft is forbidding layer 2 privacy at all - it is
forbidding relying on it at layer 3, because it can't and I don't think
should be relied on.

Regards,
Mark.

> This draft forbids implementations from using existing address generation
mechanisms using random MAC addresses, which is a perfectly valid way to
address the privacy problem this draft is purportedly solving, and is an
approach standardized in other IETF work, for example,
https://tools.ietf.org/html/draft-ietf-dhc-anonymity-profile-08#section-2.1
(now in RFC editor queue).
>
> Here are several examples of how this draft forbids using address
generation mechanisms with random MAC addresses.
>
>    The recommendations in this document apply only in cases where
>    implementations otherwise would have configured a stable IPv6 IID
>    containing a link layer address.
> ...
>    In standardized recommendations for IPv6 IID generation meant to
>    achieve particular security and privacy properties, it is therefore
>    necessary to recommend against embedding link-layer addresses in IPv6
>    IIDs.
> ...
>    By default, nodes SHOULD NOT employ IPv6 address generation schemes
>    that embed the underlying link-layer address in the IID.
>
> These statements should not say "link-layer address". They should say
"stable link-layer-address" or "non-ephemeral link-layer-address" or
"link-layer address that are not known to be ephemeral".
>
> Worse, consider this normative text:
>
>    The entire text of Section 4 of [RFC2464] is replaced with the
>    following text:
>
>    ---------------- cut here -------------- cut here ----------------
>    The Interface Identifier [AARCH] for an Ethernet interface MUST be
>    generated as specified in [RFCXXXX].
>
> This explicitly prohibits an implementation from taking a random MAC
address and forming an EUI-64 address out of it.
>
> On Fri, May 13, 2016 at 5:43 AM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:
>>
>> With the clarifying references to RFC4941, I think this document is
>> in good shape and ready to be advanced.
>>
>>     Brian
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email