IETF Logo Mail Archive

Re: Address privacy

Mark Smith <markzzzsmith@gmail.com> Tue, 28 January 2020 20:38 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC9C91200A3 for <ipv6@ietfa.amsl.com>; Tue, 28 Jan 2020 12:38:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.498
X-Spam-Level:
X-Spam-Status: No, score=-0.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FvrY21k74huM for <ipv6@ietfa.amsl.com>; Tue, 28 Jan 2020 12:38:50 -0800 (PST)
Received: from mail-ot1-x32c.google.com (mail-ot1-x32c.google.com [IPv6:2607:f8b0:4864:20::32c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C2B612006B for <ipv6@ietf.org>; Tue, 28 Jan 2020 12:38:50 -0800 (PST)
Received: by mail-ot1-x32c.google.com with SMTP id d3so13081593otp.4 for <ipv6@ietf.org>; Tue, 28 Jan 2020 12:38:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=icq+MP5op25Cbp0OhJW/H38JdGVthZ9DDRoaIstiWu8=; b=R54vGJaFMSCvs+xNSnKEcUon5LN/LFEdm99Mr4+Yv+UaugkRi4jXPvAnJUNukQ2ftV JOM71UYQtPRQx6CPsrMzfZSXN3bmjVan8bzZeIgYx9dbtq6MXRzDp5ND/HQFtGzNht2c VBK0ASvHDKuC9xyqfzK+EWrHfqrEViz0nTIdp8I+3UNOfvqgOOVGkpa9CZRhLYTkxCjt LTkUjURkvxa0EM4TdFTjz9yi2ZLVPiYXvxaKXeqEPk4CojaW5wQYm6YeZU3SifwqlsWf 8XnwG3b2gvXtQG5gVjngrOJBst6bLvfc8XZshMCLvpYUngi/sc11KQ4//O6EH2nuWbaN SQxw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=icq+MP5op25Cbp0OhJW/H38JdGVthZ9DDRoaIstiWu8=; b=m7JlvGrnEznlD9rAwSc+w33kFAwmdosL5EvNfKykyaZQgrpvS6zxOwiVgtAsFgDQiT IKXQaF0L26IM+8RTJonxZlBOvFjJNB4gXhrDs+MxY9Hs3Sm2ylyvg9qv1KZXbvazhJXM frL1GV4uQ17fgKy3VRFcGaA0WDX+vVY3jDrR4H83uyZOhfkBDYwCP6d/A+/VsL7/2e2+ AO7tBzkCO59GeTkrRaeOO62ZUgTlO0loXcXO89TjBHHylBMhBVZ21jMkyh6DoIZpP1uv GR0H5K7R8X9rcBej4XuKP3fl4XBubaCcPJqOMedE1VUH4tHdWbPZEbtXEckgx2G4RwXH 4xsQ==
X-Gm-Message-State: APjAAAVy6tsGAxQW8iiSZnS76SV/jvaeOQy5HGbCxdFwiW7wmb/U5GHa o9lqcjYJxFHuJv+rdudqJ7zkHMEwPnKJJcnW0sI1kwlV
X-Google-Smtp-Source: APXvYqyBNzf0aQMP8YDInrQIhKqv319tUkK6LQs9o4yT3v2qGmrRKjfW2yQnNMwfDdSf06fS0wbID1h6DTP6F0TeJdE=
X-Received: by 2002:a9d:7548:: with SMTP id b8mr17700246otl.74.1580243929755; Tue, 28 Jan 2020 12:38:49 -0800 (PST)
MIME-Version: 1.0
References: <03C832CE-7282-4320-BF1B-4CB7167FE6BE@employees.org> <MN2PR11MB3565330989D411525D30B90DD80F0@MN2PR11MB3565.namprd11.prod.outlook.com> <80207E17-AE8E-4D19-B516-D2E6AB70721E@employees.org> <8D5610EA-49D3-483E-BB7A-67D67BC89346@jisc.ac.uk> <DE7B0688-230F-4A5C-8E24-9EAED9FD9FEB@puck.nether.net> <CAO42Z2zXwVnzemRqyqy78czpHjZm0nhkCJgVrx=-fmt+C6MnSA@mail.gmail.com> <1962.1579823388@localhost> <f83ab037-9125-bb74-dbac-68850aeb1020@huitema.net> <CBB23ABE-A7A3-4208-873C-E47EE063E34B@fugue.com> <11855.1579980079@localhost> <CALx6S36V_VjaxhELYcsgDYLWsCkj20p6gtiY9T9Q=9-9Oibyjw@mail.gmail.com> <32626.1580060558@localhost> <CALx6S37prWACD0jv9c-XHD-JtPqZAcgeT2Ax0EZHkiQaDR4t=g@mail.gmail.com> <419b7c7a-e364-7951-5a44-6c39e1da65fb@joelhalpern.com> <CALx6S36802oDaEgojAPq2c6hM_s1BayidXPh1Sc6RZmZa9UHpQ@mail.gmail.com> <6c5ba72d-9289-90ba-a1c9-2307ed29a4da@foobar.org> <a98bf2ab-32e7-459b-14d2-5e0e1c65a229@si6networks.com> <CALx6S36J5TPnXJQyMW2NUbQV6KL_oqUQ01m+BEzBJ+xcHpmQWw@mail.gmail.com> <bc0d1eb8-2301-224d-dc33-19f6a60e593e@si6networks.com> <CALx6S34i67ivt8t1P3omRVzsj9NfxY2t41JLjmjT6X0vtBQHKQ@mail.gmail.com>
In-Reply-To: <CALx6S34i67ivt8t1P3omRVzsj9NfxY2t41JLjmjT6X0vtBQHKQ@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Wed, 29 Jan 2020 09:38:37 +1300
Message-ID: <CAO42Z2x079xurzjoRkX6kVa6Cc3SkJJH3_RvaTgVyB-sYO6yWg@mail.gmail.com>
Subject: Re: Address privacy
To: Tom Herbert <tom@herbertland.com>
Cc: Fernando Gont <fgont@si6networks.com>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000017756b059d393620"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/SayA1nIH80kj2MPHZFekmapILYY>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2020 20:38:52 -0000

On Wed, 29 Jan 2020, 08:51 Tom Herbert, <tom@herbertland.com> wrote:

>
>
> On Mon, Jan 27, 2020, 7:57 PM Fernando Gont <fgont@si6networks.com> wrote:
>
>> On 28/1/20 00:10, Tom Herbert wrote:
>> > On Mon, Jan 27, 2020 at 5:36 PM Fernando Gont <fgont@si6networks.com>
>> wrote:
>> >>
>> >> On 26/1/20 18:37, Nick Hilliard wrote:
>> >>> Tom Herbert wrote on 26/01/2020 20:16:
>> >>>> It's intuitive
>> >>>> that a higher frequency of address rotation yields more privacy
>> >>>
>> >>> intuitive, but probably inaccurate because of the a priori assumption
>> >>> that privacy is strongly associated with the endpoint identifier.
>> >>
>> >> In many cases, it is: you log in to fb with a given address, and reuse
>> >> that address to do other stuf
>> >>
>> > Yes, that's the "always on" network application that would allow
>> > address tracking and identification at even high frequency of address
>> > change. An exploit based on that is described in section 4.4 of
>> > draft-herbert-ipv6-prefix-address-privacy-00. I believe the only way
>> > to defeat this exploit would be single use (per flow), uncorrelated
>> > address.
>>
>> Agreed. That said, temporary addresses, for obvious reasons mitigates
>> activity correlation over time -- certainly not to the same extent that
>> the paranoid "one address per flow" would.
>>
>
> Fernando,
>
> The rationale for temporary addresses may be obvious, but I don't believe
> anyone has yet quantified the effects. For instance, RFC4941 is thirteen
> years old, is there any evidence that it has materially improved anyone's
> privacy? (I'm not being cynical, but I think it's a fair question).
>

It depends. What were the privacy goals RFC3041/4241 designed to achieve
and does it achieve them?

It isn't reasonable to come up with a different set of privacy goals that
RFC3041/4241 weren't designed to satisfy and then declare 3041/4241 is a
privacy failure because it doesn't satisfy them.

Privacy isn't binary, there are different privacy threats and different
parties to be private from. That means needing different privacy mechanisms
to suit the different privacy threat models.



> One might compare this to the policy of some sys admins that users need to
> change passwords regularly. The rationale is similar, but that practice has
> been most debunked as not improving security and in fact is more of a
> burden to users that providing any real value.
>
> Tom
>
>
>
>> Thanks,
>> --
>> Fernando Gont
>> SI6 Networks
>> e-mail: fgont@si6networks.com
>> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>>
>>
>>
>>
>> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email