IETF Logo Mail Archive

Re: Disabling temporary addresses by default?

Fernando Gont <fgont@si6networks.com> Thu, 30 January 2020 21:44 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A51412009C for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 13:44:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EP0p-vgAZEVK for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 13:44:15 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4BD8A12001A for <ipv6@ietf.org>; Thu, 30 Jan 2020 13:44:15 -0800 (PST)
Received: from [192.168.100.103] (unknown [186.183.50.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 2610486789; Thu, 30 Jan 2020 22:44:10 +0100 (CET)
Subject: Re: Disabling temporary addresses by default?
To: otroan@employees.org, 6man WG <ipv6@ietf.org>
References: <56BD2286-D761-44EF-812B-82BAFB380992@employees.org> <0163A2F7-7874-43BF-B0CE-E83D62A92123@puck.nether.net> <B72F96B6-9B19-4832-8636-B86A6ED01402@employees.org>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <b6ce0b8a-c22b-75db-3aa6-459325898cd2@si6networks.com>
Date: Thu, 30 Jan 2020 18:44:03 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <B72F96B6-9B19-4832-8636-B86A6ED01402@employees.org>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/GxOu8v39ZPUuvb7Ynp1OcKzyIz0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jan 2020 21:44:17 -0000

On 29/1/20 08:48, otroan@employees.org wrote:
>>> Enterprises use web proxies and SSL intercepting gateways anyway, don't they (sigh).
>>
>> Some do. I've worked places that did for non-SSL. Keep in mind the operator of that network tends to only allow devices managed by them so they are not user devices. A user generally has no right to privacy on equipment they do not own.
>>
>> (This is a controversial position to state in the IETF but is still valid).
> 
> And just to be clear. I am not against a document specifying temporary addresses.
> The IETF published RFC3041 back in 2001, as a response to information leakage caused by EUI-64 based IIDs.
> Quite a lot has changed since then. I am trying to get some answers to the following questions:
> 
>   - what are the operational consequences of temporary addresses

I proposed a paragraph about this one.


>   - how effective are temporary addresses in making correlation harder?

They limit the lifetime of the address, and in doing so the limit the 
amount of time that network activity correlation can be performed.



>   - are applications clever enough to not re-use tainted addresses for example?

This is out of scope for rfc4941bis. We raised this here 
https://tools.ietf.org/html/draft-gont-6man-address-usage-recommendations 
. I presented in 6man, and the suggestion was that this belonged 
elsewhere. Maybe it's time to work on it?




>   - do protocols like ICE, MPTCP, QUIC bundle together stable and temporary addresses?

At the very least, temporary addresses came way before MPTCP and QUIC. 
So I think this is out of scope for this document. -- it *might* be in 
scope for draft-gont-6man-address-usage-recommendations


>   - implementations that allow for the use of many addresses might get into trouble with the network,
>     can they deal with those failure cases in an acceptable way?

Maybe this was in scope for RFC7934? -- That's the RFC that says host 
should be free to employ addresses as they wish. If anything, RFC4941 is 
below the umbrella of RFC7934.



> 4941bis is being demoted to proposed standard. 

As a non-native English speaker, I had to look up what "demoted" means. 
The dictionary says "move (someone) to a lower position or rank, usually 
as a punishment".

You can argue that in terms of rank, it has been lowered (does anybody 
care?). However, it worries me the idea that addressing flaws in a 
protocol is a kind of punishment.



> Which means we might live with these questions being unanswered, but I think we need to have some of the discussion around these in the deployment considerations.

I think discussion does not belong here (other than the note about 
possible effects of many addresses). The topic is a much larger topic, 
and involves many other aspects. Please see: 
draft-gont-6man-address-usage-recommendations

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email