IETF Logo Mail Archive

Re: Giving up security & privacy when manually configuring addresses - rfc4291bis text

sthaug@nethelp.no Wed, 07 June 2017 05:51 UTC

Return-Path: <sthaug@nethelp.no>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EDF312E858 for <ipv6@ietfa.amsl.com>; Tue, 6 Jun 2017 22:51:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.202
X-Spam-Level:
X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mchUjOlNJu1w for <ipv6@ietfa.amsl.com>; Tue, 6 Jun 2017 22:51:34 -0700 (PDT)
Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.33]) by ietfa.amsl.com (Postfix) with ESMTP id 8B7A512E856 for <ipv6@ietf.org>; Tue, 6 Jun 2017 22:51:33 -0700 (PDT)
Received: from localhost (bizet.nethelp.no [IPv6:2001:8c0:9e04:500::1]) by bizet.nethelp.no (Postfix) with ESMTP id 173D6E6065; Wed, 7 Jun 2017 07:51:31 +0200 (CEST)
Date: Wed, 07 Jun 2017 07:51:31 +0200
Message-Id: <20170607.075131.74727436.sthaug@nethelp.no>
To: fredbaker.ietf@gmail.com
Cc: markzzzsmith@gmail.com, job@instituut.net, ek@google.com, ipv6@ietf.org
Subject: Re: Giving up security & privacy when manually configuring addresses - rfc4291bis text
From: sthaug@nethelp.no
In-Reply-To: <EB4E2A17-B77F-40B8-B565-B3BBC1E378B3@gmail.com>
References: <CAO42Z2ziUZnK+n2f9N_Xvb5TZBppApXgNSmDsRLxaT1_taLvFw@mail.gmail.com> <EB4E2A17-B77F-40B8-B565-B3BBC1E378B3@gmail.com>
X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/IN22QQlVlVA0_lT_WnLA7jfcMiw>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2017 05:51:36 -0000

> > That doesn't mention that security and privacy properties of addresses
> > will be compromised if the manually configured addresses are from a
> > small prefix.
> 
> Or advertised in DNS?
> 
> I would expect that any address configured manually would also be advertised in DNS, the latter being the reason for the former. If the address is publicly announced, does one have a reasonable expectation of privacy?

That's precisely the point. I configure fixed addresses typically for
servers, and I put the addresses in the DNS. I *want* those addresses
to be publically known. Security and privacy is not relevant in this
particular case.

Steinar Haug, AS2116

v2.23.0 | Report a Bug | By Email