draft-gont-6man-managing-privacy-extensions

Fernando Gont <fernando@gont.com.ar> Wed, 30 March 2011 17:13 UTC

Return-Path: <fernando.gont.netbook.win@gmail.com>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ABF593A6BA2 for <ipv6@core3.amsl.com>; Wed, 30 Mar 2011 10:13:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.421
X-Spam-Level:
X-Spam-Status: No, score=-3.421 tagged_above=-999 required=5 tests=[AWL=0.178, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id peC1lbvoIusx for <ipv6@core3.amsl.com>; Wed, 30 Mar 2011 10:13:54 -0700 (PDT)
Received: from mail-bw0-f44.google.com (mail-bw0-f44.google.com [209.85.214.44]) by core3.amsl.com (Postfix) with ESMTP id 6221528C12E for <ipv6@ietf.org>; Wed, 30 Mar 2011 10:13:54 -0700 (PDT)
Received: by bwz13 with SMTP id 13so1224976bwz.31 for <ipv6@ietf.org>; Wed, 30 Mar 2011 10:15:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:message-id:date:from:user-agent :mime-version:to:subject:x-enigmail-version:openpgp:content-type :content-transfer-encoding; bh=/XX+XoJZWDS3gHaImKGPv+Lo8UkqfpCa2sCaZBImuPI=; b=EHYTpYw9E/T92fbqfDOYwowGWVATCPlKMYbgTvmXYdtDPYI3XlAMpwBXhKKcsc+/79 wdANi1fgnufADNtzY3S8UCupfN6ziVXqKjcWZm1QWXoQwgU88iq4IUZt9L1ndu6s5HcS TvIQJgLeQ8VA5frZ7xSJvEkNaIYkhS0z+eZPQ=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=ePSS33SAQ8K9u2TbIv3JsdDmer9b31pNBT7qqMRcp0Jd+8x/7D7sbyXhdyTOi28Riv KIExPYqgvcxui1vomXpFGqyqgWRzs1iPpn1BerRKQxuVD/E2JsL/EPz6OKL2LrhSHfBZ 0fJwI1HIGcnG4Oyj5ZdL0+N+2ht8w91eYaaGM=
Received: by 10.204.165.193 with SMTP id j1mr1469308bky.11.1301505332840; Wed, 30 Mar 2011 10:15:32 -0700 (PDT)
Received: from [130.129.16.243] (dhcp-10f3.meeting.ietf.org [130.129.16.243]) by mx.google.com with ESMTPS id c11sm213047bkc.14.2011.03.30.10.15.31 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 30 Mar 2011 10:15:31 -0700 (PDT)
Sender: Fernando Gont <fernando.gont.netbook.win@gmail.com>
Message-ID: <4D9361F8.60203@gont.com.ar>
Date: Wed, 30 Mar 2011 14:01:44 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: "ipv6@ietf.org" <ipv6@ietf.org>
Subject: draft-gont-6man-managing-privacy-extensions
X-Enigmail-Version: 1.1.1
OpenPGP: id=D076FFF1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2011 17:13:55 -0000

Folks,

At the 6man wg meeting, the aforementioned I-D was deemed "as a very bad
idea", because of its privacy implications.

My question is: what's the trust model that leads to that conclusion?

I mean, a host doing SLAAC trusts the router about the prefix to be
configured, default route, various network parameters (Hop Count, MTU,
etc.), recursive DNS resolver, etc.

Why do folks consider that for some of this information, the router is
to be trusted, while for other (the SAG bits that our I-D specifies)
shouldn't?

That aside, if a router is deemed as possibly malicious, even without
the SAG bits it could claim that DHCPv6 is needed, and then have the
DHCP server lease an address that embeds the source link-layer address
of the DHCPv6 request...

*And*, as noted in the upcoming version that I had posted, the final
decision on which policy to apply is on de hands of the host (and not
the router).

Thanks,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1