IETF Logo Mail Archive

Re: Address privacy

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 30 January 2020 19:03 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4D60120108 for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 11:03:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.435
X-Spam-Level: *
X-Spam-Status: No, score=1.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_SBL_CSS=3.335, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xN3LKPJsvILg for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 11:03:19 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [IPv6:2a01:7e00::f03c:91ff:feae:de77]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D8DE12008F for <ipv6@ietf.org>; Thu, 30 Jan 2020 11:03:18 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [209.29.231.2]) by relay.sandelman.ca (Postfix) with ESMTPS id A419B1F45B for <ipv6@ietf.org>; Thu, 30 Jan 2020 19:03:16 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 7EF121A373A; Thu, 30 Jan 2020 14:03:15 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: 6man WG <ipv6@ietf.org>
Subject: Re: Address privacy
In-reply-to: <CALx6S36TsYAJgD=s=vA=RpwRsPvQYKagnQB8kXp2mABRLP4HoQ@mail.gmail.com>
References: <03C832CE-7282-4320-BF1B-4CB7167FE6BE@employees.org> <1962.1579823388@localhost> <f83ab037-9125-bb74-dbac-68850aeb1020@huitema.net> <CBB23ABE-A7A3-4208-873C-E47EE063E34B@fugue.com> <11855.1579980079@localhost> <CALx6S36V_VjaxhELYcsgDYLWsCkj20p6gtiY9T9Q=9-9Oibyjw@mail.gmail.com> <32626.1580060558@localhost> <CALx6S37prWACD0jv9c-XHD-JtPqZAcgeT2Ax0EZHkiQaDR4t=g@mail.gmail.com> <419b7c7a-e364-7951-5a44-6c39e1da65fb@joelhalpern.com> <CALx6S36802oDaEgojAPq2c6hM_s1BayidXPh1Sc6RZmZa9UHpQ@mail.gmail.com> <6c5ba72d-9289-90ba-a1c9-2307ed29a4da@foobar.org> <a98bf2ab-32e7-459b-14d2-5e0e1c65a229@si6networks.com> <CALx6S36J5TPnXJQyMW2NUbQV6KL_oqUQ01m+BEzBJ+xcHpmQWw@mail.gmail.com> <bc0d1eb8-2301-224d-dc33-19f6a60e593e@si6networks.com> <CALx6S34i67ivt8t1P3omRVzsj9NfxY2t41JLjmjT6X0vtBQHKQ@mail.gmail.com> <1fc7816e-6179-28d6-7b11-be2027561a54@si6networks.com> <CALx6S37KXfLE22uHMZTD41+jR7fdZd9PZGqO-r4SE2LehtN=Gg@mail.gmail.com> <2d312ecf-e037-5c24-28d7-2a2c3dc06363@si6networks.com> <CALx6S3 7A1QzR0PhDUzujXGiB+a-9c1qG4g8TE8KOcxOLKP18TQ@mail.gmail.com> <42900FAF-7FD8-46D8-9831-5B9E520814BB@fugue.com> <CALx6S36f41nbj=2fibt9X2EpDO1Rz6o2Fm-QeNMvUfzPCu10jw@mail.gmail.com> <CAO42Z2xhmmrYqkBYF9PNSEtyRaZs8bdj_5DjYYk8Bc040OGCmw@mail.gmail.com> <CALx6S36TsYAJgD=s=vA=RpwRsPvQYKagnQB8kXp2mABRLP4HoQ@mail.gmail.com>
Comments: In-reply-to Tom Herbert <tom@herbertland.com> message dated "Tue, 28 Jan 2020 19:06:19 -0800."
X-Mailer: MH-E 8.6; nmh 1.7.1-RC3; GNU Emacs 25.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Thu, 30 Jan 2020 14:03:15 -0500
Message-ID: <30220.1580410995@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Oszm5MVxFo7qc6NQNfYv3FOMjXs>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jan 2020 19:03:21 -0000

Tom Herbert <tom@herbertland.com> wrote:
    > I don't understand why 24 hours is considered the preferred lifetime.

I think that this is a good and definite RFC4941bis comment that we should go
into.

I think that using temporary addresses in series, for short periods of time,
is useless: WHEN IT COMES TO PREVENTING TRACKING WHEN NOT MOBILE.

To be clear, we have made significant progress for devices which are mobile
or nomadic.  We should celebrate this and move on, but recognize that a
'temporary" address that lasts as long as the device is at a specific
location is good.
A stable private address may be good enough, if it is okay for the device to
resume the same address whenever it returns to that location. 

For the reasons Ted gave (upper-64 at home network), but also because the
risk is providing trivial tracking to a MITM observer who sees connection A
to facebook, to pr0n site Q, human rights organization Y, VPN service N and
then connection B to service X. As Tom and Mark have pointed out, if the MITM
can coordinate userinfo with service X, then they can determine the set of
things that the user has done.

*IF* we are trying to deal with tracking when a device is not moving, then we
 might need a different strategy.
 

-- 
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email