Re: Last Call: <draft-ietf-6man-stable-privacy-addresses-06.txt> (A method for Generating Stable Privacy-Enhanced Addresses with IPv6 Stateless Address Autoconfiguration (SLAAC)) to Proposed Standard
Fernando Gont <fgont@si6networks.com> Sat, 27 April 2013 23:34 UTC
To: Hosnieh Rafiee <ietf@rozanak.com>
Cc: 'Alissa Cooper' <acooper@cdt.org>, ipv6@ietf.org
Hosnieh,

On 04/27/2013 04:20 PM, Hosnieh Rafiee wrote:
> I do not think repeating what I explained before will be of much help. I
> never received any responses from my last discussions with Fernando so I am
> not going to continue that discourse.

FWIW, I responded to your messages. However, most of them did not really
have to do with this document.

> I agree with the part where he focuses on an algorithm for IID generation,
> but this will have no effect on privacy so claiming to solve the privacy
> problem by keeping the same IID for a node in a same network is not true.

Please read:

Dupont, F., Savola, P. 2004. RFC 3041 Considered Harmful. IETF
Internet-Draft (draft-dupont-ipv6-rfc3041harmful-05.txt), work in progress.

Escudero, A. 2002. PRIVACY EXTENSIONS FOR STATELESS ADDRESS
AUTOCONFIGURATION IN IPV6 - ‘REQUIREMENTS FOR UNOBSERVABILITY. RVK02,
Stockholm. Available at:
http://web.it.kth.se/~aep/PhD/docs/paper3-rvk2002.pdf

> This means that if I do not use a mobile node, I will generate the same IP
> address until I receive another prefix from the router.

If you are a single node on a given network, changing your address
doesn't help much.

> He claims this is
> good for printers or nodes that need a fixed IP address.

I never claimed this. And discussion gets a little bit weird when you
argue that people claimed things they didn't.

> He believes that
> having a different IID from the same router prefix does not help with the
> privacy.

If you read draft-ietf-6man-stable-privacy-addresses, you'll realize
that this method is not meant to be a substitution of RFC4941. We just
note that, in some scenarios, it might be good enough.

> But I strongly disagree with this. During the time that the node
> has the same IID, I as an attacker can easily track this node and, gain
> enough information about this node, for later when the node comes with a
> different router prefix, I have more chance to correlate this node with the
> previous data I obtained from it while it had the IID with previous router
> prefix.

Not sure what you mean. Please elaborate.

> About having the same IID for some nodes, I think that this is really
> related to the network policy and has nothing to do with standards but is
> more a deployment issue.

We do care about deployment, don't we?

> Currently some network administrators themselves
> consider this issue so there is no need to tell them how to do this.

huh?

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
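
Added example (not part of the original message, and not code from the draft or its authors): a sketch of the property debated above, that an IID derived from the prefix and a host secret stays fixed on one network but is unrelated on another, whereas a MAC-derived EUI-64 IID follows the node everywhere. It assumes HMAC-SHA256 as the pseudorandom function F() and a /64 prefix; the key, interface name, network IDs and MAC are constructed sample values.

```python
import hashlib
import hmac
import ipaddress

SECRET_KEY = b"constructed-host-secret"   # constructed; a real host keeps this private
HOME = "2001:db8:1:1::/64"                # documentation prefixes, constructed
CAFE = "2001:db8:2:2::/64"

def stable_iid(prefix, iface, network_id, dad_counter, key=SECRET_KEY):
    """IID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key).

    F() is HMAC-SHA256 here (an assumption of this example); the IID is
    the 64 least significant bits of its output.
    """
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("this example assumes a /64 SLAAC prefix")
    fields = (net.network_address.packed[:8], iface.encode(),
              network_id.encode(), dad_counter.to_bytes(4, "big"))
    # Length-prefix each field so field boundaries are unambiguous.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[-8:], "big")

def stable_address(prefix, iface, network_id, dad_counter=0, key=SECRET_KEY):
    """Combine the advertised prefix with the stable IID."""
    net = ipaddress.IPv6Network(prefix)
    iid = stable_iid(prefix, iface, network_id, dad_counter, key)
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def eui64_iid(mac):
    """Traditional SLAAC IID: MAC with the U/L bit flipped and ff:fe inserted."""
    b = bytes(int(x, 16) for x in mac.split(":"))
    return int.from_bytes(bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:], "big")

def iid_of(addr):
    """Low 64 bits of an address: what an on-path observer can compare."""
    return int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)

if __name__ == "__main__":
    for prefix, ssid in ((HOME, "home-net"), (CAFE, "cafe-net")):
        print(prefix, "->", stable_address(prefix, "eth0", ssid))
    print("EUI-64 IID on every network: %016x" % eui64_iid("00:11:22:33:44:55"))
```

Raising dad_counter yields a different address for the same prefix, which is how a duplicate detected by DAD is resolved without changing the secret.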