IETF Logo Mail Archive

Re: SLAAC on non-/64 networks

Mark Smith <markzzzsmith@gmail.com> Wed, 11 April 2018 20:26 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DE9B12AF83 for <ipv6@ietfa.amsl.com>; Wed, 11 Apr 2018 13:26:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.498
X-Spam-Level:
X-Spam-Status: No, score=-0.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SUdRt6_UIOjd for <ipv6@ietfa.amsl.com>; Wed, 11 Apr 2018 13:26:37 -0700 (PDT)
Received: from mail-ua0-x22a.google.com (mail-ua0-x22a.google.com [IPv6:2607:f8b0:400c:c08::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 826B61271FD for <ipv6@ietf.org>; Wed, 11 Apr 2018 13:26:37 -0700 (PDT)
Received: by mail-ua0-x22a.google.com with SMTP id q26so2023169uab.0 for <ipv6@ietf.org>; Wed, 11 Apr 2018 13:26:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=xo3TusYotlEQhwnmXzKIJbBcGTQLfJGKr1S9wH1UZsM=; b=iJSWURdMmZpdBDFTi5vI3pi642de++B4nu1GUdumsy6B9k0ROJTFYGpiHcehGAgSnI dQTkr87xQnFhBtauvFncgbSrjMWxkevmYMw6JelM9JWQd/z+WJ1oe8J196Qp000oHsJc WQ4wYcJu8obNuE6g92cLkIJmXO+JjNAUPDEjMd+LuLCN5B7FNyojD9dthnLzILjRS5wD ekRS2e6hpXxrFNZB0zUy36vfwZWDvK9QJHCJsFGyeoPSSzp2BAhX4i2EqIyeq/UlSVHa dr7+C4SSMZM/wkIQ6Grwic/KKGsPz0zKdSm84Tr1+3EmMZeVNH+e+5oK9ChZpdEPn4GY OSDQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=xo3TusYotlEQhwnmXzKIJbBcGTQLfJGKr1S9wH1UZsM=; b=sh1E+/nFU73j91Gjkjsz1Yi3P+NpAme4zqwVJnp8KKHFAT2PG0CPdMcvGBmzy1T9LX 4lXsD/cYrcE4n2LphUGJkr+h+hDkZUCjOy2mBlS5Zbb2TAcpYONwaK0AL1FZBsieC9lU sBuf5IvtlKfdNRH/NqSpcMLSrGUXBodjYbvR0UyWrIIut/aMIY5gRmA9fLDdY+Gklch1 +Ang10+gAJHbCR0asU/sCWbea/MvmebwBXZLHisWZTM7ErPnpjBTXAXcfxxH/xhebC8n In+2NJryAjZnsLHFMBRvz9ppUSkbRAKq8llx8L2seyYC4+VZ5DVJ8dA+tluUNV+nJtLj /skg==
X-Gm-Message-State: ALQs6tApDq9jZDRqXDbreSThQPGndr9yRYa1rURcOuam+9r6jCPPg6BA MvgIbchFjTXB7/eHP8QrqPQJOTngTlBcN0m31soxug==
X-Google-Smtp-Source: AIpwx4+asmDx+SSauhtInjtExh1hSlWkqbsV3e8c3j19N1OcKBwQsy+VzCfiOx8WU1TP8FtTcDdfrItUhbv3x7j+Bj4=
X-Received: by 10.176.6.5 with SMTP id f5mr4349882uaf.37.1523478396465; Wed, 11 Apr 2018 13:26:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.25.4 with HTTP; Wed, 11 Apr 2018 13:26:05 -0700 (PDT)
In-Reply-To: <CALx6S35PezT8Et8qhYHja45-oK22coajQ0n=CYoNXQ9CzSVXgw@mail.gmail.com>
References: <43fe7a37-0a14-e3e0-7703-1769ff7926d0@si6networks.com> <CAKD1Yr2MzNCyvbKy=3TpEtYzm23qqR=+5C-GNMH5BtFwmDPeNg@mail.gmail.com> <ffd927f3-2ff1-e385-da54-4d47d56fe098@si6networks.com> <CAKD1Yr2PoyZkwiFGZPHc8LCRV_BhOBYS7Wq=MgSmH9zXM7OX4g@mail.gmail.com> <0680f74a-7284-c821-a612-b98640052e4f@si6networks.com> <CAKD1Yr3rLkHkn+f66OZ0aMfjvSJ4KwOUdX+0oOZVaDG358zZ2g@mail.gmail.com> <c2555c3c-78b0-90c5-6221-74985a06e7d9@si6networks.com> <CAKD1Yr326Z99u7LK+P9=NVqaKHxkRSya4J2MfeeHH=f8nN8znA@mail.gmail.com> <38f09638-5a1f-70bb-14e9-b4d763a9df24@si6networks.com> <BD37969E-6D52-48E5-9545-A24576E0A3B9@isc.org> <547e3a40-bf3f-049f-556d-3aba4d9d0f3c@si6networks.com> <4F245851-B67D-4153-A025-6DD2DEB4CDCA@isc.org> <A3F46D2E-2DA3-4F0A-8DE1-AEC0BCE374DB@gmail.com> <C22AAC88-7A7E-4915-854C-77AF88678951@employees.org> <5CD49C1A-E1B0-4088-A3F9-E5C028A35BEC@gmail.com> <alpine.DEB.2.20.1803240802370.20609@uplift.swm.pp.se> <5ABC233D-6A2D-4143-9FB6-EF2298ADC2BF@gmail.com> <f8982a54-463b-f1ee-2b2f-f8b888b34d2a@asgard.org> <CAO42Z2yj5wRWxQnXE_M4e=_SagGESiLW_Wj6Q4jGvu_ao8PRyg@mail.gmail.com> <CALx6S35PezT8Et8qhYHja45-oK22coajQ0n=CYoNXQ9CzSVXgw@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Thu, 12 Apr 2018 06:26:05 +1000
Message-ID: <CAO42Z2w5KKviS6kd9m55rOsjigFxaP2D2h=Z6+DoJ-ksrHHHNA@mail.gmail.com>
Subject: Re: SLAAC on non-/64 networks
To: Tom Herbert <tom@herbertland.com>
Cc: Lee Howard <lee@asgard.org>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c1242e2a4fff805699874d1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/U3pAgcqMYjFoNmiNhWlc_PFc0eQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2018 20:26:40 -0000

Hi Tom,

On 10 April 2018 at 16:07, Tom Herbert <tom@herbertland.com> wrote:

> On Mon, Apr 9, 2018 at 1:59 PM, Mark Smith <markzzzsmith@gmail.com> wrote:
> >
> >
> > On Sat., 24 Mar. 2018, 20:35 Lee Howard, <lee@asgard.org> wrote:
> >>
> >>
> >>
> >> On 03/24/2018 07:39 AM, DaeYoung KIM wrote:
> >>
> >> On 24 Mar 2018, at 16:03, Mikael Abrahamsson <swmike@swm.pp.se> wrote:
> >>
> >> We're already telling them to hand out /56:es, but that seems to be
> >> working so-so. Right?
> >>
> >> Where’s the document to strongly recommend or mandate that they SHOULD
> or
> >> MUST hand out /56:es?
> >>
> >> With the one for /64, I mean a strong recommendation or mandating as
> >> SHOULD or MUST.
> >>
> >> If ISPs still don’t comply, it’d only mean that IETF has simply lost its
> >> authority as an SDO.
> >>
> >>
> >> The only authority the IETF has is in ensuring interoperability.
> >>
> >> The only appropriate use for MUST is "If you don't do this, your stuff
> >> won't work with others' stuff."
> >>
> >> RFC2119 "Key words for use in RFCs to Indicate Requirements Levels"
> >> Section 6 Guidance in the use of these Imperatives:
> >>
> >> Imperatives of the type defined in this memo must be used with care
> >>    and sparingly.  In particular, they MUST only be used where it is
> >>    actually required for interoperation or to limit behavior which has
> >>    potential for causing harm (e.g., limiting retransmisssions)  For
> >>    example, they must not be used to try to impose a particular method
> >>    on implementors where the method is not required for
> >>    interoperability.
> >>
> >>
> >> (emphasis mine)
> >>
> >> I don't think the case has been successfully made that IPv6 (or higher
> >> protocols) fails to interoperate with the 64 bit boundary.
> >
> >
> >
> > TL;DR. removing the /64 boundary, and making it arbitrary, contradicts
> > BCP188 - "Pervasive Monitoring Is an Attack".
> >
> > Where the difference is between IPv4 and IPv6 is in terms of addressing
> > security and privacy.
> >
> > In my experience, at a number of corporate and residential ISPs, privacy
> and
> > security properties of addresses have not been a consideration in IPv4
> > because they couldn't be - there just weren't enough address bits for it
> to
> > be possible. It has been all about providing customers with as many
> > addresses as they needed, while also considering the scarcity of IPv4
> > addresses.
> >
> > We might not know how many bits are the minimum are required for
> addressing
> > privacy and security. However, I think we do know that more bits is
> always
> > going to be better.
> >
> > Today, with the /64 boundary, ISPs still don't specifically need to
> think of
> > customer address privacy and security - it is inherent in the size of
> /64.
>
> Mark,
>
> I disagree that privacy customer privacy is inherent in /64
> assignment.



I don't think I said that. What I was saying is that ISPs aren't in the
habit of considering customers' privacy requirements during IPv4 address
assignment during assignment, both because there wasn't an evident need
(i.e. pre-Snowden), and there weren't enough IPv4 addressing bits to do so
anyway. (I've never done it, and as recently as within the last month or
so, I've split up a public IPv4 /24 into /29s for customer assignments for
the most recent of 5 ISPs I've worked for.)

Unless the ISP service or product specifically offers security and privacy
as a feature e.g. IPsec VPN product, in my experience ISPs consider
customer privacy and security to be the customers' responsibility.



> In the very common case where /64s are being assigned to
> individual devices, all addresses created by the device will share a
> common unique prefix. The device is trackable based on the /64 prefix
> alone. The IIDs used by the device can change constantly, but that
> does nothing to prevent tracking of the device. This concern is
> mentioned in passing in RFC4941 and we examine it in more detail in
> draft-herbert-ipv6-prefix-address-privacy.
>

I think that is unrelated to the size of the IID itself, and is a privacy
issue related to and caused by the assignment of a single prefix to a
single device. As you've observed, the prefix becomes the host identifier.

Reducing the default size of the IID, or abandoning a default IID size,
isn't going to have any positive influence on host addressing privacy in
that prefix-per-host scenario. Reducing the IID size significantly would
help confirm to a remote attacker that the prefix-per-host assignment model
is being used, when e.g. despite their being a possible 2^64 IID values
within a conventional /64 prefix assignment (i.e. assignment to link or
host), all the IIDs come from within e.g. a /120 within an assumed /64
address space.

Regards,
Mark.



>
> Tom
>
> > Remove that boundary, and it won't suddenly be considered, and I expect
> will
> > be lost. I think ISP would be likely to inadvertently sacrifice customer
> > addressing privacy and security to retain IPv4 addressing methods and
> > practices because of their much more than a decade of familiarity with
> them.
> >
> > So /64 might not be a "MUST" or even a "SHOULD" to give the ability to a
> > host to have its own globally unique address to send IPv6 packets with.
> > However, from an address security and privacy perspective, probably not a
> > MUST, but I would certainly say a strong SHOULD.
> >
> > The IETF may not be able to dictate what operators do (and I agree with
> > that). However, the IETF is in a strong position to signal and emphasise
> > what's best to do (hence, BCPs). Default for parameters are the signals
> that
> > provide the properties that the IETF design to and for are those signals.
> >
> > Regards,
> > Mark.
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
> >
>

v2.23.0 | Report a Bug | By Email