Re: IPv6 Privacy Considerations

[sthaug@nethelp.no]

> > Every residential deployment I'm aware either uses DHCPv6 IA_PD
> > to supply the prefix, or 6rd (where the prefix is based on the IPv4 address,
> > which can be static or dynamic, from DHCPv4 or IPCP).
> 
> I'm aware of at least some residential Ipv6 deployments in some 
> countries that use SLAAC rather than DHCPv6. 
> 
> Similarly, at least some "wireless hotspot" deployments today
> use SLAAC and put all users from that one hotspot (e.g. coffee shop)
> on the same IPv6 routing prefix.  Using SLAAC and an unpredictable
> IPv6 IID on such links can help with privacy.

If DHCPv4 is acceptable, I would expect DHCPv6 IA_NA, or DHCPv6 IA_PD
(with a suitable non identifiable user part) to be equally acceptable.
Am I wrong here?

> > Thanks to strong IETF pressure to keep these DHCPv6 prefixes as static
> > as possible, it appears that most wireline providers do intend to move
> > to a model of static IPv6 prefixes.
> 
> Which IETF RFCs are you thinking of that apply "strong IETF pressure" 
> for ISPs to have very static IPv6 prefix allocations ?

We see strong *user* pressure to keep addresses handed out with DHCP
to be as static as possible (for instance so that users can run servers
on their DHCP addresses).

> > When the IPv4 address or IPv6 prefix (to the residence) changes frequently,
> > the only way to get a consistent IP address to residence mapping was
> > to ask the ISP to maintain that mapping and provide it frequently.
> 
> I'm having trouble parsing that sentence, but it seems to be agreeing 
> that DHCP logs are used today to track users (i.e. the privacy issue
> is real).

In some places we have *legal requirements* to be able to track address
to customer mapping this way. Note that customer is not necessarily the
same as user (e.g. a customer could represent a household).

Steinar Haug, AS 2116