Re: I-D Action: draft-fgont-6man-rfc4941bis-01.txt

Fernando Gont <fernando@gont.com.ar> Tue, 27 March 2018 08:49 UTC

Subject: Re: I-D Action: draft-fgont-6man-rfc4941bis-01.txt
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, Tim Chown <Tim.Chown@jisc.ac.uk>
Cc: 6man <ipv6@ietf.org>
References: <152203605148.3066.2744350974766846700@ietfa.amsl.com> <2c561929-98dc-beac-7916-20af889956a4@gmail.com> <50B5C57C-523B-437C-AD74-3F641648EA42@jisc.ac.uk> <803efd39-f488-7b97-cc34-232bc92c7623@gmail.com>
From: Fernando Gont <fernando@gont.com.ar>
Message-ID: <f728c0f7-512d-9d6d-7f76-03cead98d2f5@gont.com.ar>
Date: Tue, 27 Mar 2018 09:35:28 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/QmfAa2TaGmurHNBFEdKz8LH5amc>

On 03/26/2018 11:52 PM, Brian E Carpenter wrote:
>>>
>>>> 6. Temporary addresses are *not* disabled by default.
>>>
>>> Specifically, this text was removed:
>>>
>>>> Consequently, the use of temporary addresses SHOULD be disabled by
>>>> default in order to minimize potential disruptions.
>>>
>>> My concern is that the disruptions ("some applications may not behave
>>> robustly if temporary addresses are used") haven't gone away, and the
>>> cause may be very hard for ordinary users to diagnose. In fact, I
>>> think some of the cases of help desks advising users to switch off
>>> IPv6 derive from recently shipped operating systems that enable
>>> temporary addresses by default. I've disabled them on a couple of
>>> Windows 10 laptops for this reason.
>>
>> Through what impact of using privacy addresses?  What are the problematic applications?
> 
> I don't know what the 4941 authors were thinking of. 

I guess they were referring to long-lived connections?


> The example
> I've seen is mentioned below: a service that considers frequent
> changes of IP address to be a sign of illicit activity.

This is tricky already, anyway. With happy-eyeballs sort of behavior,
this can already happen (one connection happens over v4, and a
subsequent happens over v6).

I do believe that, for all such cases, giving apps more control (and
awareness!) regarding v6 addressing and what they can do about it is
needed. But that would be out of scope for this particular document, I think.

That said, we could add a comment about this issue in this document.
Thoughts?



> (Remember, my concern is only about the default configuration
> and the resulting puzzlement of ordinary users and help desks.)

Another part of the problem here is that you cannot hint the network
about what to do; e.g., see draft-gont-6man-managing-slaac-policy.

Thanks!

Cheers,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
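The two sources of false positives raised in this exchange, a temporary-address rotation within the same /64 and a Happy Eyeballs style v4/v6 switch, as an added example that is not part of the original thread: a prefix-aware check a service could apply instead of treating every client address change as a sign of illicit activity. The session history and the 64-bit SLAAC prefix are constructed assumptions for illustration.

```python
import ipaddress

# Constructed session history for one client: a public IPv6 address, two
# RFC 4941 temporary addresses in the same /64, a move to a different
# IPv6 prefix, then an IPv4 connection (Happy Eyeballs style fallback).
SESSION_HISTORY = [
    "2001:db8:1:2:21a:2bff:fe3c:4d5e",
    "2001:db8:1:2:8d1f:9a4c:71e0:5b2a",
    "2001:db8:1:2:3f0e:22c4:9a11:7d80",
    "2001:db8:9:9:aa11:bb22:cc33:dd44",
    "192.0.2.10",
]


def classify_change(prev, curr, prefixlen=64):
    """Label the transition between two consecutive client addresses.

    Assumes (illustrative) that a temporary-address rotation keeps the
    client inside the same SLAAC prefix, which is the RFC 4941 behaviour.
    """
    a, b = ipaddress.ip_address(prev), ipaddress.ip_address(curr)
    if a == b:
        return "same"
    if a.version != b.version:
        return "family-switch"      # v4/v6 switch, e.g. Happy Eyeballs
    if a.version == 6:
        net_a = ipaddress.ip_network((a, prefixlen), strict=False)
        net_b = ipaddress.ip_network((b, prefixlen), strict=False)
        if net_a == net_b:
            return "iid-rotation"   # same prefix, new interface identifier
    return "prefix-change"          # for IPv4, any change lands here


def naive_flags(history):
    """The rule described in the thread: every address change is suspicious."""
    return sum(1 for p, c in zip(history, history[1:]) if p != c)


def prefix_aware_flags(history, prefixlen=64):
    """Count only moves to a different prefix; IID rotation and a family
    switch are treated as expected client behaviour, not as abuse signals."""
    labels = [classify_change(p, c, prefixlen)
              for p, c in zip(history, history[1:])]
    return labels, sum(1 for label in labels if label == "prefix-change")


if __name__ == "__main__":
    print("naive rule flags:", naive_flags(SESSION_HISTORY))
    print("prefix-aware rule:", prefix_aware_flags(SESSION_HISTORY))
```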