IETF Logo Mail Archive

Re: Is addressing privacy via NAT really achieving much compared to a privacy goal of anonymity? (Re: [v6ops] A common problem with SLAAC in "renumbering" scenarios)

Michael Richardson <mcr+ietf@sandelman.ca> Fri, 22 February 2019 21:22 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12FA9130E8F; Fri, 22 Feb 2019 13:22:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tFvcdPA_xv2m; Fri, 22 Feb 2019 13:22:14 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F22771275F3; Fri, 22 Feb 2019 13:22:13 -0800 (PST)
Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2:56b2:3ff:fe0b:d84]) by tuna.sandelman.ca (Postfix) with ESMTP id 14C673826C; Fri, 22 Feb 2019 16:21:46 -0500 (EST)
Received: by sandelman.ca (Postfix, from userid 179) id 98E2A1DBD; Fri, 22 Feb 2019 16:21:56 -0500 (EST)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 977F41DB1; Fri, 22 Feb 2019 16:21:56 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Ca By <cb.list6@gmail.com>
cc: Tom Herbert <tom@herbertland.com>, IPv6 Operations <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Subject: Re: Is addressing privacy via NAT really achieving much compared to a privacy goal of anonymity? (Re: [v6ops] A common problem with SLAAC in "renumbering" scenarios)
In-Reply-To: <CAD6AjGSsh7GvmrWpn_ZT--KRf=vMUR5awcUe=uhGdKP_w8fW9Q@mail.gmail.com>
References: <6D78F4B2-A30D-4562-AC21-E4D3DE019D90@consulintel.es> <B6E2EC33-EEAF-40D0-AFCC-BDAFA9134ACD@consulintel.es> <20190220113603.GK71606@Space.Net> <28fbc2c305c640c9afb3704050f6e8d7@boeing.com> <20190220213107.GS71606@Space.Net> <019c552eb1624d348641d6930829fd1f@boeing.com> <CAKD1Yr0HBG+rhyFWg9zh0t3mW486Mjx9umjn+CRqAZg4z9r0dg@mail.gmail.com> <20190221073530.GT71606@Space.Net> <CAO42Z2wmB2W52b4MZ2h9sW5E9cQKm-HRjyf--q8C26jezS7LXQ@mail.gmail.com> <a73818d31db7422b99a524bc431b00ed@boeing.com> <CAO42Z2z9-48Gbb_Exf+oWUqDO=axSLpZBtqeDcxkAoFq5OziGw@mail.gmail.com> <CALx6S3624hnGauG1HaSWPMvQw0t2Q5R3gb8W4R8w3kuK7dcrWQ@mail.gmail.com> <CAO42Z2wOyTDrp5FNnBZ6KMOPT86o6n8rWRhXWdtSU_AOR9mV2A@mail.gmail.com> <CALx6S37FQVx=Hw3yLGfg-SkCwECc1JZkbcsqxrYLw6Pw5izdfw@mail.gmail.com> <CAD6AjGSsh7GvmrWpn_ZT--KRf=vMUR5awcUe=uhGdKP_w8fW9Q@mail.gmail.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Fri, 22 Feb 2019 16:21:56 -0500
Message-ID: <1044.1550870516@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/2rdGB0eHLe9yPiDq6ceX0aHOhFQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2019 21:22:17 -0000

Ca By <cb.list6@gmail.com> wrote:
    > What pretty much any conversation about privacy in addressing seems to
    > lacking is a quantitative description of privacy and any empiracal
    > data on the impact that privacy mechanisms, like those defined in
    > RFC4941, have had. You might say it "makes using addresses harder to
    > use to identify a node". But then the obvious question is _how_ much
    > harder? Is this really protecting anyone's privacy, or it is just a
    > minor inconvenience to attackers and only giving users a false sense
    > of security?

    > The irony is that CGN seems to have the best supporting evidence for
    > being a mechanism that impacts privacy, but it was never even intended
    > to be a privacy mechanism. The evidence is in the form of concerns
    > form law enforcement that the privacy side effect is too strong and
    > impedes their investigations
    > (https://www.theregister.co.uk/2017/10/18/europol_cgnat/).

Has anyone seen any well-written explanations of how anti-privacy CGN is?

It seems that due to the need to:

    > 3. CGN is not private. It throw off per session logs of every transaction, so
    > this is a full click stream archived ... with varing levels of intentional
    > monetization and security from hackers.

that CGN results in significantly higher privacy invasion than IPv6 (even
without privacy extensions). (which is your point)

But, how we can explain this easily to other less technical people?

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email