Re: 64bit MAC addresses and SLAAC
Alexandre Petrescu <alexandre.petrescu@gmail.com> Thu, 18 June 2020 14:26 UTC
Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5C793A112F for <ipv6@ietfa.amsl.com>; Thu, 18 Jun 2020 07:26:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.671
X-Spam-Level:
X-Spam-Status: No, score=0.671 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UtHIwfVgkWjH for <ipv6@ietfa.amsl.com>; Thu, 18 Jun 2020 07:26:07 -0700 (PDT)
Received: from sainfoin-smtp-out.extra.cea.fr (sainfoin-smtp-out.extra.cea.fr [132.167.192.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55B1D3A1097 for <ipv6@ietf.org>; Thu, 18 Jun 2020 07:26:07 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by sainfoin-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 05IEQ5j9032749 for <ipv6@ietf.org>; Thu, 18 Jun 2020 16:26:05 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id A1D01207B8F for <ipv6@ietf.org>; Thu, 18 Jun 2020 16:26:05 +0200 (CEST)
Received: from muguet2-smtp-out.intra.cea.fr (muguet2-smtp-out.intra.cea.fr [132.166.192.13]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 9667D20712F for <ipv6@ietf.org>; Thu, 18 Jun 2020 16:26:05 +0200 (CEST)
Received: from [10.8.35.150] (is154594.intra.cea.fr [10.8.35.150]) by muguet2-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 05IEQ5tZ022255 for <ipv6@ietf.org>; Thu, 18 Jun 2020 16:26:05 +0200
Subject: Re: 64bit MAC addresses and SLAAC
To: ipv6@ietf.org
References: <e8a25961-5ac9-d35e-77dd-bf86f45cd077@gmail.com> <a17ae9f3-001c-07f6-84f9-a0ca583e6a00@gmail.com> <7AE5B6D0-AB01-4077-A9EF-5BD86F428681@gmail.com> <CAC8QAcdDjQvonke7hytV8pCYsTAjATNi560v_b32jus_jDW8bw@mail.gmail.com> <b43a00f5-c957-923a-cef4-ed541ebdb39a@gmail.com> <a96f1262-d152-dc09-1c2f-b2604ca21890@si6networks.com> <m1jlb8u-0000JDC@stereo.hq.phicoh.net> <d23c967b-29fc-cf94-d51b-70d200ee195f@si6networks.com> <CABNhwV2+pq9fwWA=X4eN064gdtOV628pgaSMmDEyq3ANX6xZxg@mail.gmail.com> <m1jlg0W-0000LDC@stereo.hq.phicoh.net> <CAAcx0vB8WZ+JneWk-TRKVF0PFPoYDZCEYqOCT_sc2W6ZqeeXNw@mail.gmail.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <8890ebb0-3cfc-9040-56e7-f4fa0e211014@gmail.com>
Date: Thu, 18 Jun 2020 16:26:05 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0
MIME-Version: 1.0
In-Reply-To: <CAAcx0vB8WZ+JneWk-TRKVF0PFPoYDZCEYqOCT_sc2W6ZqeeXNw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/XlIRkqVloTfmC91TR82HqV9ycqo>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jun 2020 14:26:09 -0000
Le 18/06/2020 à 08:29, Etienne-Victor Depasquale a écrit : > Philip, > > " I also wonder, a device that cannot afford a couple SHa2 hashes? Then that > device is probably insecure and should not be connect to the internet > anyhow " > > I haven't got any data to make a case.. What I can see is a WSN > scenario, with some features in it, as follows. > > One important operating principle with WSNs is to prolong lifetime. > When a node turns off, its loss may cause network-wide effects, like RPL > DODAG tree re-formation. > > Sensors are output devices, oriented towards their border router for > access to the Internet. > Is it fair to say that they're single-purpose devices, supporting no > (little?) more than a RESTful interface to their data acquisition? > I think so. > > Does it make sense to load sensors with generation of semantically > opaque interface identifiers? > Yes - but only after understanding its impact through a network-scoped > study of WSN lifetime. > > Alternatively: > keep link-layer addresses in IPv6 IIDs, > without allowing unauthorized data collection from the nodes, > by implementing access control to the nodes at the (mains-powered) > border router. The alternative makes sense. Alex > > Etienne > > On Wed, Jun 17, 2020 at 11:54 PM Philip Homburg > <pch-ipv6-ietf-6@u-1.phicoh.com <mailto:pch-ipv6-ietf-6@u-1.phicoh.com>> > wrote: > > > Of course the caveat there with unmanaged network and SOHO and > Mobile > >where manual or DHCPV6 is not possible or viable. > > Why is DHCPv6 not possible? Of course there is the Android problem. > But I doubt that a low power IoT device would share a wifi-link with an > Android device. > > > In those cases SLAAC is preferred, but then we have the crux of > > issue and the decision tree on privacy random IID and its overhead > > if its not necessary versus modified EUI64. > > tree of course the underlying operational impacts of random > > versus stable IID double edged sword operator or individuals > > decision to pick which works best for their use case. In the > > end net-net is what is simplest to deploy and least overhead > > but also meets the desired goal is generally the thought for > > picking the IID generation solution. For that SLAAC wins out in > > that decision for the use case described above. > > A stable, unique pseudo random IID per prefix basically requires one > SHA2-HMAC (or equivalent in SHA3 or other modern hash function) per > prefix. > > I cannot imagine that computing 2 SHA2 hashes has a significant amount > of energy use compared to link attachment and duplicate address > detection. > > This computation is once per prefix, so it becomes an issue if the > devices frequently attaches to new links. In which case tracking > protection > becomes important. > > I also wonder, a device that cannot afford a couple SHa2 hashes? > Then that > device is probably insecure and should not be connect to the internet > anyhow. > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org <mailto:ipv6@ietf.org> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > > > > -- > Ing. Etienne-Victor Depasquale > Assistant Lecturer > Department of Communications & Computer Engineering > Faculty of Information & Communication Technology > University of Malta > Web. https://www.um.edu.mt/profile/etiennedepasquale > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- >
- 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: 64bit MAC addresses and SLAAC Bob Hinden
- Re: 64bit MAC addresses and SLAAC Behcet Sarikaya
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: 64bit MAC addresses and SLAAC otroan
- Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: 64bit MAC addresses and SLAAC Fernando Gont
- RE: 64bit MAC addresses and SLAAC Vasilenko Eduard
- RE: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Templin (US), Fred L
- Re: [EXTERNAL] 64bit MAC addresses and SLAAC otroan
- Re: 64bit MAC addresses and SLAAC Bob Hinden
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Philip Homburg
- Re: 64bit MAC addresses and SLAAC Etienne-Victor Depasquale
- RE: 64bit MAC addresses and SLAAC Templin (US), Fred L
- Re: 64bit MAC addresses and SLAAC Kerry Lynn
- Re: 64bit MAC addresses and SLAAC Bob Hinden
- Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: 64bit MAC addresses and SLAAC Gyan Mishra
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- Re: 64bit MAC addresses and SLAAC Gyan Mishra
- Re: 64bit MAC addresses and SLAAC Etienne-Victor Depasquale
- Re: 64bit MAC addresses and SLAAC Ole Troan
- RE: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: 64bit MAC addresses and SLAAC Mark Smith
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Philip Homburg
- RE: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Philip Homburg
- RE: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: 64bit MAC addresses and SLAAC Fernando Gont
- RE: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: 64bit MAC addresses and SLAAC Mark Smith
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Fernando Gont
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- RE: [EXTERNAL] Re: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: [EXTERNAL] 64bit MAC addresses and SLAAC Carsten Bormann
- Re: 64bit MAC addresses and SLAAC Mark Smith
- Re: 64bit MAC addresses and SLAAC Alexandre Petrescu
- RE: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: 64bit MAC addresses and SLAAC Etienne-Victor Depasquale
- Re: 64bit MAC addresses and SLAAC Mark Smith
- Re: 64bit MAC addresses and SLAAC Etienne-Victor Depasquale
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- RE: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- RE: 64bit MAC addresses and SLAAC Templin (US), Fred L
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- RE: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)
- Re: 64bit MAC addresses and SLAAC Philip Homburg
- Re: 64bit MAC addresses and SLAAC otroan
- Re: 64bit MAC addresses and SLAAC Pascal Thubert (pthubert)