Re: Giving up security & privacy when manually configuring addresses - rfc4291bis text
sthaug@nethelp.no Wed, 07 June 2017 12:29 UTC
Return-Path: <sthaug@nethelp.no>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CCE612EBF7 for <ipv6@ietfa.amsl.com>; Wed, 7 Jun 2017 05:29:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QpuID04D9De8 for <ipv6@ietfa.amsl.com>; Wed, 7 Jun 2017 05:29:38 -0700 (PDT)
Received: from bizet.nethelp.no (bizet.nethelp.no [IPv6:2001:8c0:9e04:500::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D1C112EBF4 for <ipv6@ietf.org>; Wed, 7 Jun 2017 05:29:38 -0700 (PDT)
Received: from localhost (bizet.nethelp.no [IPv6:2001:8c0:9e04:500::1]) by bizet.nethelp.no (Postfix) with ESMTP id 26BACE6065; Wed, 7 Jun 2017 14:29:36 +0200 (CEST)
Date: Wed, 07 Jun 2017 14:29:36 +0200
Message-Id: <20170607.142936.74725051.sthaug@nethelp.no>
To: ek@google.com
Cc: fredbaker.ietf@gmail.com, markzzzsmith@gmail.com, job@instituut.net, ipv6@ietf.org
Subject: Re: Giving up security & privacy when manually configuring addresses - rfc4291bis text
From: sthaug@nethelp.no
In-Reply-To: <CAAedzxqWqShdneSBVTEN=5b+KsyQdCroOoyviH9AOJKV262xyg@mail.gmail.com>
References: <EB4E2A17-B77F-40B8-B565-B3BBC1E378B3@gmail.com> <20170607.075131.74727436.sthaug@nethelp.no> <CAAedzxqWqShdneSBVTEN=5b+KsyQdCroOoyviH9AOJKV262xyg@mail.gmail.com>
X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Iy_EmBJUR1tFvtgljVYNtFL4Pgc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2017 12:29:40 -0000
> > That's precisely the point. I configure fixed addresses typically for > > servers, and I put the addresses in the DNS. I *want* those addresses > > to be publically known. Security and privacy is not relevant in this > > particular case. > > For an authoritative server, sure. > > But if you're a recursive resolver then using privacy addresses while doing > recursion (and changing the privacy addresses frequently) might indeed be > very useful. (In fact: a unique source address per query is wonderful.) Different strokes for different folks. I'm fine with fixed addresses for the query sources of my recursive resolvers, and have no plans to change this. I have no problems with others using a unique source address per query. Steinar Haug, AS2116
- Giving up security & privacy when manually config… Mark Smith
- Re: Giving up security & privacy when manually co… David Farmer
- Re: Giving up security & privacy when manually co… Fred Baker
- Re: Giving up security & privacy when manually co… Job Snijders
- Re: Giving up security & privacy when manually co… Christopher Morrow
- Re: Giving up security & privacy when manually co… Tom Herbert
- Re: Giving up security & privacy when manually co… sthaug
- Re: Giving up security & privacy when manually co… Erik Kline
- Re: Giving up security & privacy when manually co… sthaug
- Re: Giving up security & privacy when manually co… Fernando Gont
- Re: Giving up security & privacy when manually co… Fernando Gont
- Re: Giving up security & privacy when manually co… Mark Andrews
- Re: Giving up security & privacy when manually co… Nick Hilliard
- Re: Giving up security & privacy when manually co… Mark Smith
- Re: Giving up security & privacy when manually co… Philip Homburg
- Re: Giving up security & privacy when manually co… Lorenzo Colitti
- Re: Giving up security & privacy when manually co… Simon Hobson
- Re: Giving up security & privacy when manually co… Fernando Gont
- Re: Giving up security & privacy when manually co… Lorenzo Colitti
- Re: Giving up security & privacy when manually co… Fernando Gont
- Re: Giving up security & privacy when manually co… Mark Smith
- Re: Giving up security & privacy when manually co… Tom Herbert
- Re: Giving up security & privacy when manually co… Lorenzo Colitti
- Re: Giving up security & privacy when manually co… Fernando Gont
- Re: Giving up security & privacy when manually co… Alexandre Petrescu
- Re: Giving up security & privacy when manually co… Mark Smith
- Re: Giving up security & privacy when manually co… Simon Hobson
- Re: Giving up security & privacy when manually co… Tom Herbert
- Re: Giving up security & privacy when manually co… Fernando Gont
- Re: Giving up security & privacy when manually co… Fernando Gont