IETF Logo Mail Archive

Re: Address privacy

Tom Herbert <tom@herbertland.com> Tue, 28 January 2020 19:50 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD78C12007A for <ipv6@ietfa.amsl.com>; Tue, 28 Jan 2020 11:50:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d9lzIvMolk13 for <ipv6@ietfa.amsl.com>; Tue, 28 Jan 2020 11:50:58 -0800 (PST)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A30F3120059 for <ipv6@ietf.org>; Tue, 28 Jan 2020 11:50:57 -0800 (PST)
Received: by mail-ed1-x534.google.com with SMTP id dc19so15948024edb.10 for <ipv6@ietf.org>; Tue, 28 Jan 2020 11:50:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=DyX6nXZiJqf4zXbdaCwHGfoX+OPUOXhrhR6Bm2f/T7w=; b=UwO/PjNPRbi4LRJO1KkQDydBeolFI/VW4YbHrTajVk3gOGdaXohNPENwyFg/3Z8BlU Q6khjNrDy5B08gkGeCh1bD0FiutrLCpfg7y3yYJtfNWi5/PXqM3nibPVW4GTPl9O92Ie NsTMY7ejq8M69i5E+IktAMZiuBthBd/i5sSnVnz0UsbPhUwb77at3iQRYp1Mtk9aSZPC ZSAEgGDt/BKYeVUkdmhrHJYFBYjwT8a3fRzzYf4DKpUlQCL5FN6pUb72ihvVfr8L6crx kboqxCbfKUUE+TS5Q88d0iLbyt9i+atcAeuVwjoHaD3i0RV1zvYhDkSy2L9HOkn0H523 nYnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=DyX6nXZiJqf4zXbdaCwHGfoX+OPUOXhrhR6Bm2f/T7w=; b=Vk4IA7/pVtzwB3PVZU1mwS+7OW8Z6SBTOR1jVYpW7Fl1WMNyEBSiOfbP/hw5gkg0Dt p/yZuExHenfsOq4WQ4mM25fkZuEKD99J+jdvs+mL6lzMO24UslIBCFtRModLbAS4K+YC g0XMVwCrAkmiIwxaJAaqhDRlLSFt9LO/+syHDKJ5Lp3fUVN+NN4wIeKyFa71lfK/5Wp7 6OBaHvIbpIlzQ+AWrGBIdyWwAbOYm6nLDkJCqSAmnxDUd/eEZO6ViinHfZyyd4PhrfLj WQAjGAa8EL47O4lVsGLoRpzulZ/KI8j6R/Fbyty+mZik0Zm1Y1dPC3XtnxMqIxrAx7jl 87Gw==
X-Gm-Message-State: APjAAAWLBr4LxZSXa9V5/Xwe0juRdYxezUFvM6Oncm2Qd1XlhsRlyOCz hC0FHWtw8TxPhZju2SZpopxylZD5E9l/dgsgYFRwOHKI
X-Google-Smtp-Source: APXvYqx7LIlGc+ejd3yq9stgjjb+n667onmdtJ9iwm7dp5YiAnu7IHOZWprf5J7cMdJASUyp/3Cp2doM8wRLEAUvWn4=
X-Received: by 2002:a17:906:c791:: with SMTP id cw17mr4328577ejb.69.1580241055990; Tue, 28 Jan 2020 11:50:55 -0800 (PST)
MIME-Version: 1.0
References: <03C832CE-7282-4320-BF1B-4CB7167FE6BE@employees.org> <MN2PR11MB3565330989D411525D30B90DD80F0@MN2PR11MB3565.namprd11.prod.outlook.com> <80207E17-AE8E-4D19-B516-D2E6AB70721E@employees.org> <8D5610EA-49D3-483E-BB7A-67D67BC89346@jisc.ac.uk> <DE7B0688-230F-4A5C-8E24-9EAED9FD9FEB@puck.nether.net> <CAO42Z2zXwVnzemRqyqy78czpHjZm0nhkCJgVrx=-fmt+C6MnSA@mail.gmail.com> <1962.1579823388@localhost> <f83ab037-9125-bb74-dbac-68850aeb1020@huitema.net> <CBB23ABE-A7A3-4208-873C-E47EE063E34B@fugue.com> <11855.1579980079@localhost> <CALx6S36V_VjaxhELYcsgDYLWsCkj20p6gtiY9T9Q=9-9Oibyjw@mail.gmail.com> <32626.1580060558@localhost> <CALx6S37prWACD0jv9c-XHD-JtPqZAcgeT2Ax0EZHkiQaDR4t=g@mail.gmail.com> <419b7c7a-e364-7951-5a44-6c39e1da65fb@joelhalpern.com> <CALx6S36802oDaEgojAPq2c6hM_s1BayidXPh1Sc6RZmZa9UHpQ@mail.gmail.com> <6c5ba72d-9289-90ba-a1c9-2307ed29a4da@foobar.org> <a98bf2ab-32e7-459b-14d2-5e0e1c65a229@si6networks.com> <CALx6S36J5TPnXJQyMW2NUbQV6KL_oqUQ01m+BEzBJ+xcHpmQWw@mail.gmail.com> <bc0d1eb8-2301-224d-dc33-19f6a60e593e@si6networks.com>
In-Reply-To: <bc0d1eb8-2301-224d-dc33-19f6a60e593e@si6networks.com>
From: Tom Herbert <tom@herbertland.com>
Date: Tue, 28 Jan 2020 11:50:44 -0800
Message-ID: <CALx6S34i67ivt8t1P3omRVzsj9NfxY2t41JLjmjT6X0vtBQHKQ@mail.gmail.com>
Subject: Re: Address privacy
To: Fernando Gont <fgont@si6networks.com>
Cc: Nick Hilliard <nick@foobar.org>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cd5e71059d388a22"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/I3AMatLKWSw7nuIMfkBkLTrguEM>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2020 19:51:00 -0000

On Mon, Jan 27, 2020, 7:57 PM Fernando Gont <fgont@si6networks.com> wrote:

> On 28/1/20 00:10, Tom Herbert wrote:
> > On Mon, Jan 27, 2020 at 5:36 PM Fernando Gont <fgont@si6networks.com>
> wrote:
> >>
> >> On 26/1/20 18:37, Nick Hilliard wrote:
> >>> Tom Herbert wrote on 26/01/2020 20:16:
> >>>> It's intuitive
> >>>> that a higher frequency of address rotation yields more privacy
> >>>
> >>> intuitive, but probably inaccurate because of the a priori assumption
> >>> that privacy is strongly associated with the endpoint identifier.
> >>
> >> In many cases, it is: you log in to fb with a given address, and reuse
> >> that address to do other stuf
> >>
> > Yes, that's the "always on" network application that would allow
> > address tracking and identification at even high frequency of address
> > change. An exploit based on that is described in section 4.4 of
> > draft-herbert-ipv6-prefix-address-privacy-00. I believe the only way
> > to defeat this exploit would be single use (per flow), uncorrelated
> > address.
>
> Agreed. That said, temporary addresses, for obvious reasons mitigates
> activity correlation over time -- certainly not to the same extent that
> the paranoid "one address per flow" would.
>

Fernando,

The rationale for temporary addresses may be obvious, but I don't believe
anyone has yet quantified the effects. For instance, RFC4941 is thirteen
years old, is there any evidence that it has materially improved anyone's
privacy? (I'm not being cynical, but I think it's a fair question).

One might compare this to the policy of some sys admins that users need to
change passwords regularly. The rationale is similar, but that practice has
been most debunked as not improving security and in fact is more of a
burden to users that providing any real value.

Tom



> Thanks,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
>

v2.23.0 | Report a Bug | By Email