IETF Logo Mail Archive

Re: Running code - IPv6 mDNS MacBook Pro privacy (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)

Alexandre Petrescu <alexandre.petrescu@gmail.com> Wed, 31 October 2018 14:41 UTC

Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52ECB130E27 for <ipv6@ietfa.amsl.com>; Wed, 31 Oct 2018 07:41:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.631
X-Spam-Level:
X-Spam-Status: No, score=-2.631 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FOMtbysVmmqa for <ipv6@ietfa.amsl.com>; Wed, 31 Oct 2018 07:41:36 -0700 (PDT)
Received: from sainfoin-smtp-out.extra.cea.fr (sainfoin-smtp-out.extra.cea.fr [132.167.192.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2283A128D68 for <ipv6@ietf.org>; Wed, 31 Oct 2018 07:41:35 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by sainfoin-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id w9VEfU1f016634; Wed, 31 Oct 2018 15:41:30 +0100
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id D00A7201A73; Wed, 31 Oct 2018 15:41:30 +0100 (CET)
Received: from muguet1-smtp-out.intra.cea.fr (muguet1-smtp-out.intra.cea.fr [132.166.192.12]) by pisaure.intra.cea.fr (Postfix) with ESMTP id BC1BC2019CD; Wed, 31 Oct 2018 15:41:30 +0100 (CET)
Received: from [10.8.34.184] (is227335.intra.cea.fr [10.8.34.184]) by muguet1-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id w9VEfU9Z006754; Wed, 31 Oct 2018 15:41:30 +0100
Subject: Re: Running code - IPv6 mDNS MacBook Pro privacy (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)
To: David Schinazi <dschinazi.ietf@gmail.com>
Cc: tte@cs.fau.de, pch-ipv6-ietf-6@u-1.phicoh.com, ipv6@ietf.org
References: <37ba23b3-df19-9c2a-bdbe-ba7a99d72d05@si6networks.com> <0d6008a4-337b-2ccb-2d9f-837f786eca65@gmail.com> <bfa4397a-aa7a-1184-4147-4cbfbfd13603@si6networks.com> <8C587906-F0EE-4A61-9046-2BFAC52588C0@isc.org> <E8DE18B5-94FC-411C-A310-E49A382E0079@thehobsons.co.uk> <e0fa8fad1b4249c9af79788323b0a922@boeing.com> <3A03A073-72E2-43A8-90A4-5C29DF445361@thehobsons.co.uk> <27fdbd71125842d888c5136684bf6e7b@boeing.com> <9A4368D6-E4B1-474C-9838-B584AF6D70C8@thehobsons.co.uk> <m1gHUMI-0000I6C@stereo.hq.phicoh.net> <20181030151848.3kme3w2ml5p35bxc@faui48f.informatik.uni-erlangen.de> <f7aa95ee-053e-fe20-4c3e-3028f4c69701@gmail.com> <CAPDSy+70ZVAe4t+nuMRTJTkWdh1kJ7ESFeN4jrGGrsLtm_-osw@mail.gmail.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <e4cab4ba-0d41-6b2c-671b-346f0db08e17@gmail.com>
Date: Wed, 31 Oct 2018 15:41:30 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <CAPDSy+70ZVAe4t+nuMRTJTkWdh1kJ7ESFeN4jrGGrsLtm_-osw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------6045CDB1BE03CFF6B8526143"
Content-Language: fr
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/iiU_G0aMa-4sjNEZzlhHwlOKb88>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2018 14:41:39 -0000

In IPv4 that person's name is not a problem (the IP address is behind NAT).

Alex


Le 31/10/2018 à 15:37, David Schinazi a écrit :
> Hello Alexandre,
>
> The DNSSD working group is working on privacy-preserving service 
> discovery, to avoid your device name and service list being disclosed 
> to everyone on link. If this is of interest, please join us Thursday 
> afternoon session 1:
> https://datatracker.ietf.org/meeting/103/materials/agenda-103-dnssd-01
>
> That said, this is independent of IPv4/IPv6/IPv6-only-bit. The problem 
> will be solved at the DNSSD layer, not inside IPv4 or IPv6.
>
> David
>
> On Wed, Oct 31, 2018 at 5:50 AM Alexandre Petrescu 
> <alexandre.petrescu@gmail.com <mailto:alexandre.petrescu@gmail.com>> 
> wrote:
>
>
>
>     Le 30/10/2018 à 16:18, Toerless Eckert a écrit :
>>     [...]
>>     I am not aware of any IP protocol version specific optimization options
>>     for mDNS. If there are common ways to make mDNS less chatty without
>>     slowing down discovery, they should be defined independently of the
>>     v6only flag discussion.
>
>     True.  I think the IPv6 version of mDNS is probable more chatty
>     than the IPv4 version, in some cases.  But even then, removing the
>     IPv4 mDNS could only save battery, compared to IPv4+IPv6 versions
>     of mDNS.
>
>     As a side note, it is possible to improve other aspects of the
>     IPv6 version of mDNS only and not care about the IPv4 version. 
>     One could ask Apple to make an improvement for the IPv6 version of
>     mDNS with respect to privacy: stop putting the MacBook Pro owner's
>     name in the mDNS request, because anybody on the link can see it
>     and attach it to the global address.
>
>     One would not ask Apple to do that for IPv4, because IPv4 is not
>     worth the effort, and because there is no privacy risk there (the
>     IP address is behind NAT).
>
>
>
>     Alex
>
>>     Confounding the situation like you propoose is like "make ipv4 service
>>     discovery less chatty to a point that it may break because it doesn't
>>     matter if ipv6 is running" - and thats not a correct approach given how
>>     the service in question may be ipv4 only.
>>
>>     There may be optimization options to prefer IPv6 over IPv4 discovery
>>     for dual-stack cases, maybe there is something already defined, but
>>     that could only be IMHO through timing - e.g.: look for service
>>     first via IPv6 and only try IPv4 adfter some short timeout. But that
>>     too would better be defined independently of the ipv6only flag
>>     discussion because its IMHO useful independent of the flag.
>>
>>     Cheers
>>          Toerless
>>
>>>     --------------------------------------------------------------------
>>>     IETF IPv6 working group mailing list
>>>     ipv6@ietf.org <mailto:ipv6@ietf.org>
>>>     Administrative Requests:https://www.ietf.org/mailman/listinfo/ipv6
>>>     --------------------------------------------------------------------
>>     --------------------------------------------------------------------
>>     IETF IPv6 working group mailing list
>>     ipv6@ietf.org <mailto:ipv6@ietf.org>
>>     Administrative Requests:https://www.ietf.org/mailman/listinfo/ipv6
>>     --------------------------------------------------------------------
>>
>
>     --------------------------------------------------------------------
>     IETF IPv6 working group mailing list
>     ipv6@ietf.org <mailto:ipv6@ietf.org>
>     Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>     --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email