IETF Logo Mail Archive

Re: Disabling temporary addresses by default?

Gyan Mishra <hayabusagsm@gmail.com> Thu, 30 January 2020 16:52 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4322212016E for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 08:52:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aYejxlam3uiP for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 08:52:45 -0800 (PST)
Received: from mail-il1-x12a.google.com (mail-il1-x12a.google.com [IPv6:2607:f8b0:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9C3512018D for <ipv6@ietf.org>; Thu, 30 Jan 2020 08:52:44 -0800 (PST)
Received: by mail-il1-x12a.google.com with SMTP id f70so3636407ill.6 for <ipv6@ietf.org>; Thu, 30 Jan 2020 08:52:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=z98/H/rYIFVhV6KL48na3PFLi7sMsVUfniBYjs21T9U=; b=u3MMi+2x4iX7xL6iyQv9JG7EZqF7ThzpAq4eatQW42GpeS51yZ6dfFAJ4Q4ZgrqNFd 01Msslt0cdi9V7iegVhb7DsykAJddssAlVLg3wp+oPwdovY5qJsaXA8FNhO7xnVsJvPc wnZBzqrEXebpresfIMQma5tzGA1pzulPSZv8NPCWuK7Pt5BVUOhKVQY/hRiybtOFiZIu xxKYb3NK+X6Jrj3udNjS4F+WMcvHkhneiEGgVNosIqCuEFZq6/OnHpTxEllDtoUIeRht ru1M5TVfDBxGS59QlCBzGj02feCDSSubeCWs1j/mllXTnHHBPkzdFl2F8OM+IDEMCczv OxAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=z98/H/rYIFVhV6KL48na3PFLi7sMsVUfniBYjs21T9U=; b=mAMe8Bot6vmSHnmG4Obbm+t5VKi3hA7Q3Hc5D0Ldv66yJqL7zYWve19YsvWKfo9wY0 J0R8l8lYh4jtRQW6mVIz79wjxHBYWbmRGUIce0HMb8dGtWtJr0hTqtKedvmyqKED84g9 fI6KbBOACe3emOlz8TWDy5OpXXirToz4cNHbAifwM08N+RtyoyojHZBjH0TWfLuD+8lq MAT/895CtJ5Pk0ImJWmTWvWKxB9h0Oc57K+sisU8ZTVVcH+KDcTJY10jh1NxcqWyexL1 D+zyrn+k2QQQThV6e+meCZ9iuyIq5Vh4k+XQKsX0MbUjZ7LcS5qSsmez0VKFdgkplWnl 7R3g==
X-Gm-Message-State: APjAAAXpY3Uq0yHOb07H0DNY3mG2s3z01HTWChexEqv45/Nij/9z2IWJ BcUq6nA//CBhHeZ2HSn+hbpIEaW3hXIBvCUiKk4Lps0T
X-Google-Smtp-Source: APXvYqzJKvCHsFkBgd6GCrYM03gHgvGdoI61lN8j0G8oqYoyg4Sv2D22mgHhWjyYUTWL2HmuS0i+st/2eNmlGoPAdFc=
X-Received: by 2002:a92:4e:: with SMTP id 75mr5179984ila.276.1580403163868; Thu, 30 Jan 2020 08:52:43 -0800 (PST)
MIME-Version: 1.0
References: <CAKD1Yr11_SSUkCBuQ3-h+eRg0LPZQdhe+h7f0YZy9TiyRWj6mw@mail.gmail.com> <751D59E0-F60B-4FE1-840F-3FEAB82F618F@huitema.net> <c058863d-9e29-3ddb-a020-0ebadef26ad4@si6networks.com> <CABNhwV0KsKN7LQY2D-BJkCtvB40oZCT65EmOCr0oE56c9g7-aQ@mail.gmail.com> <CAKD1Yr05GqFr1r018qHZev8SB6Gd=zm_45TtuShQH_5PVkXpKw@mail.gmail.com> <90119933-89cf-dbc3-2e7e-434229f38840@foobar.org>
In-Reply-To: <90119933-89cf-dbc3-2e7e-434229f38840@foobar.org>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Thu, 30 Jan 2020 11:52:15 -0500
Message-ID: <CABNhwV09uiOMG7M5rtktW4S5FeF5DGdDHaaiUD_FES=bHErxMg@mail.gmail.com>
Subject: Re: Disabling temporary addresses by default?
To: Nick Hilliard <nick@foobar.org>
Cc: 6man WG <ipv6@ietf.org>, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002f319e059d5e49c3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/afj3m7wxGgkBL4jisbPbb4Gh6W8>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jan 2020 16:52:47 -0000

On Wed, Jan 29, 2020 at 6:26 AM Nick Hilliard <nick@foobar.org> wrote:

> Lorenzo Colitti wrote on 29/01/2020 11:13:
> > But don't enterprises care about not leaking the habits of their
> employees?
>
> This is only a problem in SLAAC environments where privacy addresses are
> turned off.  In DHCP environments, the network operator can change
> endpoint addresses by policy if this is what they want to do.
>

   Gyan> Enterprises fall into a totally different camp altogether as far
as “employee” privacy as that is non existent as all traffic is monitored
to be business related traffic to the extent of web content blocking which
most all companies implement.   The use of temporary addresses does not
make sense for enterprises to employ as operations stability and 99.99999%
available and MTTR( mean time to recovery) is of utmost importance.  By
disabling the temporary address - simplified the enterprise network
troubleshooting tremendously as only a single “stable” random address
exists at all times.  As far as temporary address and “long lived”
connections for enterprise business critical applications that can all be
solved by disabling the temporary address.

RFC 4941bis should have verbiage to that extent something like this below:

Enterprise networks have different requirements for privacy as far as cross
site address tracking correlation, or IID leaking concerns that exist when
connected to the internet.  For enterprises availability and operational
stability and MTTR(mean time to recovery) is of utmost importance.  The
temporary address due to the complexity added with the N= Preferred / Valid
addresses that get generated complicates operations ability to resolve
network issue with the number of active addresses.  It is recommended that
enterprises disable the temporary address as privacy from and end user
privacy standpoint, address correlation is a requirement for IT security.

By adding this text we can exclude “enterprise” from the equation ; thus
the finalized options N=Preferred/ Valid option that Fernando put together
need only address end user privacy when connected directly to the
internet.  Since end user at home broadband or connected to the internet at
a hotspot don’t have to worry as much about business critical applications
that are revenue generating and millions of $$ lost as a result of an
outage.  So the “long lived” connections discussion although it can exist
in a home network, the impact is not the same as with an enterprise.   So
from my standpoint, VPN, ssh or your TV STB disconnecting with “long lived”
connections is not as big a deal as “ip address identity theft”.

I will reply to Fernando’s options separately as if everyone agrees  that
enterprise can be pulled out of the equation it does make it easier to come
up a solution that is truly geared towards “end user” privacy and address
correlation and “ip address identity theft” to commit crimes by address
spoofing your public IP.  This does allow us to play more with the N=
numbers and maybe tweak the default to maximum for end user privacy.

>
> Nick
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
-- 

Gyan  Mishra

Network Engineering & Technology

Verizon

Silver Spring, MD 20904

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

v2.23.0 | Report a Bug | By Email