IETF Logo Mail Archive

Re: draft-gont-6man-managing-privacy-extensions-00.txt

"Joel M. Halpern" <jmh@joelhalpern.com> Wed, 09 March 2011 19:31 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 851EF3A6A48 for <ipv6@core3.amsl.com>; Wed, 9 Mar 2011 11:31:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QHzz1Mye-WrO for <ipv6@core3.amsl.com>; Wed, 9 Mar 2011 11:31:30 -0800 (PST)
Received: from hgblob.out.tigertech.net (hgblob.out.tigertech.net [74.114.88.71]) by core3.amsl.com (Postfix) with ESMTP id 3E7D73A69D1 for <ipv6@ietf.org>; Wed, 9 Mar 2011 11:31:30 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by hgblob.tigertech.net (Postfix) with ESMTP id 3E133325B2CD for <ipv6@ietf.org>; Wed, 9 Mar 2011 11:32:47 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at hgblob.tigertech.net
Received: from [10.154.181.170] (unknown [129.192.147.67]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by hgblob.tigertech.net (Postfix) with ESMTPSA id E3D3332280B3 for <ipv6@ietf.org>; Wed, 9 Mar 2011 11:32:46 -0800 (PST)
Message-ID: <4D77D5DD.40100@joelhalpern.com>
Date: Wed, 09 Mar 2011 14:32:45 -0500
From: "Joel M. Halpern" <jmh@joelhalpern.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.15) Gecko/20110303 Lightning/1.0b2 Thunderbird/3.1.9
MIME-Version: 1.0
To: ipv6@ietf.org
Subject: Re: draft-gont-6man-managing-privacy-extensions-00.txt
References: <7111FC5F-BC3F-4242-9C3F-037E79894749@gmail.com> <alpine.DEB.1.10.1103091212570.7942@uplift.swm.pp.se> <4D77CBB9.1080702@gmail.com> <A8E3ED1C-D74F-4B16-8CBE-049CA30B7D29@gmail.com>
In-Reply-To: <A8E3ED1C-D74F-4B16-8CBE-049CA30B7D29@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Mar 2011 19:31:31 -0000

I would observe that we have multiple documents which note the 
importance of traceability for "problem" resolution.  Treating privacy 
as an all-or-nothing thing is probably a misleading perspective.
It is extremely likely that privacy addresses, and their bindings to 
homes or office desktops, will be logged.  I would hope that said logs 
will be handled in a manner that preserves privacy in the normal course 
of events.

Pretending that such things will not happen strikes me as even sillier 
than assuming that a malicious host will cooperate with some unenforced 
flags.

Yours,
Joel

On 3/9/2011 2:17 PM, RJ Atkinson wrote:
>
> On 09  Mar 2011, at 13:49 , Brian E Carpenter wrote:
>> On 2011-03-10 00:17, Mikael Abrahamsson wrote:
>>>
>>> I don't think it solves what it thinks it solves, but if this REALLY
>>> should be implemented, it's my initial thinking that the H flag should
>>> be a MUST demand to only have ONE and only one MAC-based IPv6 address
>>> according to EUI64. I would appreciate some reasoning in the draft why
>>> this was chosen as a SHOULD option.
>>
>> For the reason I just gave against the disable-private flag: this
>> violates the host's right to use an untraceable address.
>
> (Hardware I am familiar with is not sentient.  So I don't know
> what it means to talk about the rights of a host, as above ---
> I'll assume the meaning is that human users have privacy rights. :-)
>
>> It may be that in corporate deployments, that right can be removed.
>
> At least within the US, I am told that multiple courts have ruled
> that when an employee is using employer-owned equipment attached
> to an employer-owned network, then a reasonable expectation of
> privacy does not exist.  My examples and discussion have solely
> focused on this "corporate deployment" scenario.
>
> [ASIDE:  I am also told that the courts have ruled differently with
> respect to people accessing the Internet from their own home when
> using their own equipment.]
>
> [ASIDE: Of course the IETF is global; legal systems vary from one place
> to another.  So the above is intended narrowly as a practical example. :-]
>
>> But removing it for public subscribers would be a political blunder.
>
>
> Earlier, I specifically noted that the privacy issue ought to be
> discussed in the Security Considerations section of (any) I-D on
> this topic, in (2A) and (2B) of this previous list email:
>
> 	<http://www.ietf.org/mail-archive/web/ipv6/current/msg13489.html>
>
> Cheers !
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email