IETF Logo Mail Archive

Re: 3484bis and privacy addresses

Ray Hunter <v6ops@globis.net> Tue, 03 April 2012 06:53 UTC

Return-Path: <v6ops@globis.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84ADF11E8073 for <ipv6@ietfa.amsl.com>; Mon, 2 Apr 2012 23:53:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qvVypQqxVwA for <ipv6@ietfa.amsl.com>; Mon, 2 Apr 2012 23:53:03 -0700 (PDT)
Received: from globis01.globis.net (RayH-1-pt.tunnel.tserv11.ams1.ipv6.he.net [IPv6:2001:470:1f14:62e::2]) by ietfa.amsl.com (Postfix) with ESMTP id 45BE211E8072 for <ipv6@ietf.org>; Mon, 2 Apr 2012 23:53:02 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by globis01.globis.net (Postfix) with ESMTP id 20120870130; Tue, 3 Apr 2012 08:53:01 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at globis01.globis.net
Received: from globis01.globis.net ([127.0.0.1]) by localhost (mail.globis.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HeNiGVoH3C4W; Tue, 3 Apr 2012 08:52:53 +0200 (CEST)
Received: from Rays-iMac.local (unknown [192.168.0.3]) (Authenticated sender: Ray.Hunter@globis.net) by globis01.globis.net (Postfix) with ESMTPA id 321B58700D7; Tue, 3 Apr 2012 08:52:53 +0200 (CEST)
Message-ID: <4F7A9E44.6060905@globis.net>
Date: Tue, 03 Apr 2012 08:52:52 +0200
From: Ray Hunter <v6ops@globis.net>
User-Agent: Postbox Express 1.0.1 (Macintosh/20100705)
MIME-Version: 1.0
To: Dave Thaler <dthaler@microsoft.com>
Subject: Re: 3484bis and privacy addresses
References: <4F716D5C.40402@innovationslab.net> <4F71F217.7000209@globis.net> <9B57C850BB53634CACEC56EF4853FF653B4F1217@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com>
In-Reply-To: <9B57C850BB53634CACEC56EF4853FF653B4F1217@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com>
Content-Type: multipart/alternative; boundary="------------080504030203070807070400"
Cc: Brian Haberman <brian@innovationslab.net>, "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Apr 2012 06:53:05 -0000

I can also live with Brian Carpenter's response.

> In terms of a general default in shipped IPv6 stacks, I prefer
> B, but it has to be qualified:
>
> There MUST be a user option to change this preference.
>
> There SHOULD be a network manager option to change this preference.
>
> The rationale for this is that we need privacy by default in shipped
> products, with the ability for the person deploying the product to
> override this.
>
>      Brian C
>    

Windows may have got it pretty much right for allowing network operators 
to control privacy addresses, and turning them off by default at least 
on servers. But with all due respect, the control mechanism mentioned by 
Dave only covers machines that are members of a (proprietary) Active 
Directory domain: It does not cover guest LANs, outsourced services, 
other operating systems, nor Bring Your Own Device, which are all 
increasing trends in the corporate World.

Network managers need that switch.

Can anyone show me where that's defined in an RFC?

regards,
RayH

Dave Thaler wrote:
>
> I prefer B, and this is what most existing implementations of RFC 3484 
> seem to already do (i.e., they follow the MAY not the SHOULD) whenever 
> privacy addresses are enabled.  I have yet to hear of an 
> implementation of RFC 3484 that actually follows the SHOULD (A) rather 
> than the MAY (B), but maybe someone on this list knows of one.
>
> To respond to Ray's "From the corporate World: option A as default, 
> with local user controlled option to override":
>
> In the corporate world, one requirement we've heard is to disable 
> privacy addresses all together,
>
> not just depreference them.   This is consistent with Brian 
> Carpenter's response.
>
> As such, the Windows implementation of RFC 3484 has always preferred 
> privacy addresses when enabled, and lets the administrator 
> enable/disable them.   Client OS's (Vista, Windows 7, etc.) have them 
> enabled by default, but can be disabled by an enterprise administrator 
> either manually or across the enterprise via Group Policy.   Server 
> OS's (Server 2003, Server 2008, etc.) have them disabled by default, 
> but can be enabled by an administrator.
>
> -Dave
>
> *From:* ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] *On 
> Behalf Of *Ray Hunter
> *Sent:* Tuesday, March 27, 2012 10:00 AM
> *To:* Brian Haberman
> *Cc:* ipv6@ietf.org
> *Subject:* Re: 3484bis and privacy addresses
>
> From the corporate World: option A as default, with local user 
> controlled option to override.
>
> RFC3484 (which references RFC3041) "Temporary addresses" are a menace 
> to fault finding, audit, logging, firewall rules, filtering, QoS 
> matching, conformance: anywhere where an ACL or stable address is used 
> today. Sure we shouldn't use fixed/stable IP literals, but we do. And 
> in many cases there aren't any practical alternatives in today's 
> products, so the IP address is the lowest common denominator used to 
> identify a machine (and dare I say even "a user" in some circumstances).
>
> Also not sure if any DHCPv6 server implementations actually provide 
> DHCPv6 assigned temporary addresses in practice.
>
> My take on this is that a set of a few hundred individual persons who 
> are worried about privacy are more likely to be able to control their 
> own particular machines to correctly override the "default off" 
> setting than a single corporate network manager is to be able to 
> guarantee overriding a "default on" setting on 100% of 10000 machines 
> attached to their network.
>
> regards,
> RayH
>
> Brian Haberman wrote:
>
> <div class="moz-text-flowed">All,
>      The chairs would like to get a sense of the working group on 
> changing the current (defined 3484) model of preferring public 
> addresses over privacy addresses during the address selection 
> process.  RFC 3484 prefers public addresses with the ability (MAY) of 
> an implementation to reverse the preference.  The suggestion has been 
> made to reverse that preference in 3484bis (prefer privacy addresses 
> over public ones). Regardless, the document will allow 
> implementers/users to reverse the default preference.
>
>      Please state your preference for one of the following default 
> options :
>
> A. Prefer public addresses over privacy addresses
>
> B. Prefer privacy addresses over public addresses
>
> Regards,
> Brian, Bob, & Ole
>
> </div>
>
> -- 
> Ray Hunter
> Ray.Hunter@globis.net <mailto:Ray.Hunter@globis.net>
> Globis Consulting BV, Fazantlaan 23, 5613CB Eindhoven NL,
> Registered at the KvK, Eindhoven, under number BV 17098279
> mobile: +31 620 363864
>

v2.20.3 | Report a Bug | By Email