Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>

Fernando Gont <fgont@si6networks.com> Fri, 20 May 2016 22:43 UTC

To: Lorenzo Colitti <lorenzo@google.com>
Date: Fri, 20 May 2016 12:55:59 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/pDNHY9zaUdmRx7igf1FLLDHcQ3Q>
Cc: IPv6 List <ipv6@ietf.org>, "privsec-program@iab.org" <privsec-program@iab.org>, 神明達哉 <jinmei@wide.ad.jp>, Bob Hinden <bob.hinden@gmail.com>

On 05/18/2016 09:00 PM, Lorenzo Colitti wrote:
> On Wed, May 18, 2016 at 11:13 AM, Fernando Gont <fgont@si6networks.com> wrote:
> 
>     No. My take is that the concern is flawed. Please read
>     draft-gont-predictable-protocol-ids, and even RFC4941, which talks at
>     length about security and privacy issues regarding reusing identifiers
>     in different contexts, for different scopes, etc.
> 
> 
> Fernando, please stop arguing that a random MAC address is a
> "predictable ID". That statement is false and continuing to argue for it
> is not helping this document advance.

I simply referenced a draft. When I referred to embedding MAC addresses
in IPv6 IIDs, I said "improper" IDs, rather than "predictable".

Reusing IDs in different layers for different scopes, etc., is a bad
thing. It just takes someone else making the same bad decision, and now an
attacker can correlate traffic because you and the other guy thought that
embedding an identifier from a lower layer in your own protocol, in a
different context, with a different scope, for a different purpose.

Brian noted, just as an example, the ability to correlate IPv6 and IPX
traffic. But this is obviously just an example that shows why something
that might seem benign in some environment may show up as being a real
bad idea.

The fact that you'd be wasting 18 bits of entropy in your IIDs (if you
generate them by embedding a MAC address -- even if randomized) is yet
another datapoint that you're doing the wrong thing: an indication that
you're trying to combat the symptom, rather than the disease.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
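
Added example, not part of the original message or of any draft it cites: a Python sketch that measures the 18 fixed IID bits mentioned above and audits addresses for an embedded link-layer address. It assumes the IID is built as a modified EUI-64 (RFC 4291, Appendix A) from a randomized MAC with the locally-administered bit set; the function names and the 2001:db8::/32 sample prefixes are constructed for illustration.

```python
import ipaddress
import secrets

def random_mac() -> bytes:
    """Randomized MAC: 46 random bits; the two low bits of octet 0 are fixed
    (locally administered = 1, unicast = 0)."""
    b = bytearray(secrets.token_bytes(6))
    b[0] = (b[0] | 0x02) & 0xFE
    return bytes(b)

def eui64_iid(mac: bytes) -> bytes:
    """Modified EUI-64: insert ff:fe in the middle and invert the U/L bit."""
    return bytes([mac[0] ^ 0x02]) + mac[1:3] + b"\xff\xfe" + mac[3:6]

def embedded_mac(addr: str):
    """Recover the MAC from an address whose IID carries the ff:fe marker.
    Returns None otherwise. A random IID matches by chance with p = 2**-16."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    return bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]

def variable_bits(samples: int = 4000) -> int:
    """Count IID bit positions seen as both 0 and 1 across many randomized MACs."""
    seen_one = seen_zero = 0
    for _ in range(samples):
        v = int.from_bytes(eui64_iid(random_mac()), "big")
        seen_one |= v
        seen_zero |= ~v & (2**64 - 1)
    return bin(seen_one & seen_zero).count("1")

def address(prefix: str, iid: bytes) -> str:
    """Combine a /64 prefix with a 64-bit IID."""
    net = ipaddress.IPv6Network(prefix)
    return str(ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big")))

if __name__ == "__main__":
    mac = random_mac()
    # Constructed documentation prefixes standing in for two different networks.
    a = address("2001:db8:1::/64", eui64_iid(mac))
    b = address("2001:db8:2::/64", eui64_iid(mac))
    print(a, b, "same embedded MAC:", embedded_mac(a) == embedded_mac(b) == mac)
    n = variable_bits()
    print(f"variable IID bits: {n} of 64 ({64 - n} fixed)")
```

The 18 fixed bits are the 16-bit ff:fe filler plus the U/L and group bits, and the same recovered MAC under two prefixes is the cross-context correlation the message warns about.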