Re: draft-gont-6man-managing-privacy-extensions-00.txt
Doug Barton <dougb@dougbarton.us> Sun, 13 March 2011 00:49 UTC
Return-Path: <dougb@dougbarton.us>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 938183A6A9D for <ipv6@core3.amsl.com>; Sat, 12 Mar 2011 16:49:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.581
X-Spam-Level:
X-Spam-Status: No, score=-2.581 tagged_above=-999 required=5 tests=[AWL=0.018, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QbMQO2U2bmv1 for <ipv6@core3.amsl.com>; Sat, 12 Mar 2011 16:49:02 -0800 (PST)
Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by core3.amsl.com (Postfix) with ESMTP id B3B8C3A6A84 for <ipv6@ietf.org>; Sat, 12 Mar 2011 16:49:01 -0800 (PST)
Received: (qmail 24320 invoked by uid 399); 13 Mar 2011 00:50:17 -0000
Received: from router.ka9q.net (HELO doug-optiplex.ka9q.net) (dougb@dougbarton.us@75.60.237.91) by mail2.fluidhosting.com with ESMTPAM; 13 Mar 2011 00:50:17 -0000
X-Originating-IP: 75.60.237.91
X-Sender: dougb@dougbarton.us
Message-ID: <4D7C14C7.4020508@dougbarton.us>
Date: Sat, 12 Mar 2011 16:50:15 -0800
From: Doug Barton <dougb@dougbarton.us>
Organization: http://SupersetSolutions.com/
User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.15) Gecko/20110304 Thunderbird/3.1.9
MIME-Version: 1.0
To: Christian Huitema <huitema@microsoft.com>
Subject: Re: draft-gont-6man-managing-privacy-extensions-00.txt
References: <7111FC5F-BC3F-4242-9C3F-037E79894749@gmail.com> <alpine.DEB.1.10.1103091212570.7942@uplift.swm.pp.se> <4D77CBB9.1080702@gmail.com> <233b01cbdef5$8e214550$aa63cff0$@com> <25B3D469-F3DA-4A1D-A462-FEB71FA69485@gmail.com> <091D1284-99E4-450E-8AFF-7D4C6310D760@apple.com> <78B923726E7D59429936580CF127E943A13E758C27@eu1rdcrdc1wx032.exi.nxp.com> <262f01cbdf5d$607c69f0$21753dd0$@com> <4D7C0EE5.2080405@gont.com.ar> <22F6318E46E26B498ABC828879B08D4F0C2420@TK5EX14MBXW653.wingroup.windeploy.ntdev.microsoft.com>
In-Reply-To: <22F6318E46E26B498ABC828879B08D4F0C2420@TK5EX14MBXW653.wingroup.windeploy.ntdev.microsoft.com>
X-Enigmail-Version: 1.1.2
OpenPGP: id=1A1ABC84
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Mar 2011 00:49:03 -0000
On 03/12/2011 16:44, Christian Huitema wrote: >> It doesn't. The I-D aims at allowing routers specify which policy they want hosts to employ when generating their IPv6 addresses. > > Uh? I definitely don't want to give the router at Starbucks the means to specify the privacy configuration of my laptop. > > I understand that corporation want to enforce policies so PC and routers are easier to manage, but we have to be careful. If we define that policy as part of the address configuration standard, then it will apply everywhere, not just in the corporate network where the laptop is managed. That seems a terrible idea. > > If we want policy options to be applied safely, they have to be propagated by trusted mechanism, where the host can verify the authority of the policy source. Anything else is abuse waiting to happen. Please consider this my periodic repetition of support for what Christian is saying here, along with my periodic repetition of opposition to (further) modifying RA/SLAAC to do things that DHCP can/does do, or should be doing. And to state publicly something that I discussed in private, I'm completely unsympathetic to the viewpoint that "we need to show to the auditors that we tried to prevent hosts from doing bad things" in the absence of rigorous security steps to _actually_ prevent them. Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
- draft-gont-6man-managing-privacy-extensions-00.txt Ran Atkinson
- Re: draft-gont-6man-managing-privacy-extensions-0… Mikael Abrahamsson
- Re: draft-gont-6man-managing-privacy-extensions-0… huabing yu
- Re: draft-gont-6man-managing-privacy-extensions-0… Mikael Abrahamsson
- Re: draft-gont-6man-managing-privacy-extensions-0… RJ Atkinson
- Re: draft-gont-6man-managing-privacy-extensions-0… Brian E Carpenter
- Re: draft-gont-6man-managing-privacy-extensions-0… james woodyatt
- Re: draft-gont-6man-managing-privacy-extensions-0… RJ Atkinson
- Re: draft-gont-6man-managing-privacy-extensions-0… Joel M. Halpern
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Smith
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Smith
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Smith
- Re: draft-gont-6man-managing-privacy-extensions-0… Brian E Carpenter
- RE: draft-gont-6man-managing-privacy-extensions-0… Dan Wing
- Re: draft-gont-6man-managing-privacy-extensions-0… Ran Atkinson
- Re: RE: draft-gont-6man-managing-privacy-extensio… Cameron Byrne
- Re: draft-gont-6man-managing-privacy-extensions-0… james woodyatt
- RE: draft-gont-6man-managing-privacy-extensions-0… Paul Chilton
- RE: draft-gont-6man-managing-privacy-extensions-0… Dan Wing
- RE: draft-gont-6man-managing-privacy-extensions-0… Dan Wing
- RE: draft-gont-6man-managing-privacy-extensions-0… Christian Huitema
- Re: draft-gont-6man-managing-privacy-extensions-0… Doug Barton
- Re: draft-gont-6man-managing-privacy-extensions-0… Thomas Narten
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Townsley
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Townsley
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Scott W Brim
- Re: draft-gont-6man-managing-privacy-extensions-0… sthaug
- RE: draft-gont-6man-managing-privacy-extensions-0… Christian Huitema
- Re: draft-gont-6man-managing-privacy-extensions-0… Brian E Carpenter
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- RE: draft-gont-6man-managing-privacy-extensions-0… Christian Huitema
- Re: draft-gont-6man-managing-privacy-extensions-0… Doug Barton
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Smith
- Re: draft-gont-6man-managing-privacy-extensions-0… Ole Troan
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Brian E Carpenter
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- RE: draft-gont-6man-managing-privacy-extensions-0… Christian Huitema
- Re: draft-gont-6man-managing-privacy-extensions-0… sthaug
- Re: draft-gont-6man-managing-privacy-extensions-0… Brian Haley
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Mohacsi Janos
- Re: draft-gont-6man-managing-privacy-extensions-0… Yu Hua bing
- Re: draft-gont-6man-managing-privacy-extensions-0… Rémi Després
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Fernando Gont
- Re: draft-gont-6man-managing-privacy-extensions-0… Mark Smith