Re: RFC4941, temp-addr only, etc. (Fwd: New Version Notification for draft-gont-6man-non-stable-iids-00.txt)
Mark Smith <markzzzsmith@gmail.com> Sun, 29 May 2016 02:30 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6741D12D17C for <ipv6@ietfa.amsl.com>; Sat, 28 May 2016 19:30:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.197
X-Spam-Level:
X-Spam-Status: No, score=-2.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hUOCAWY_xBIq for <ipv6@ietfa.amsl.com>; Sat, 28 May 2016 19:30:48 -0700 (PDT)
Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EEA912B062 for <6man@ietf.org>; Sat, 28 May 2016 19:30:48 -0700 (PDT)
Received: by mail-vk0-x22c.google.com with SMTP id d127so26792086vkh.2 for <6man@ietf.org>; Sat, 28 May 2016 19:30:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=3OwlFZH7fu6oLL489tahe7jX6CjroJ5wV7GEnXLOW5Y=; b=rYkzk6EL5rdVAXJagSCU+H3Fe8F1iyQzEMvl73YPd5sjC+OjBXu+X0ErlXriwTtgzV ytQdDaCTSNgGzzdVRATFI+HNCUaP4WbCjm5pmtEp5PYBO8M2BiobyvFQqOGLiJH8OTS3 kvrv7wBkRVJPRBYt7ieUnDduigCUFAIBdbrDKTXJIhLzmr0yuulfLI6nIRSrnJhaHIf8 vaXwVni1w0mozv9k5oqYc05R9HFxIzZsswA0STb8QI3nUgR4I7ohg25SFurTykkTLwuW OeZtsqpcXRjRgvJLYX82uYlvIxoBfvK/iw4X49FgkSZTINFaVeHo9KQYTcYcwXxydlYC TkzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=3OwlFZH7fu6oLL489tahe7jX6CjroJ5wV7GEnXLOW5Y=; b=aEKs6/1+sbd6Ie5SVJKCy97+rF0PSrj3bZD+Ju/CjehaxtnVC7HqercC26eYy5vhER 4QNiZTJohonsH2GMEFWGgqoGHXxoPNZmtC87sOSg+oOkYTfKvsy+gy1Nb/RMzVQbP6Pa WfDbbrnUwBRxUBI+5Lrs//XnC2n/dbC5qacUJi/0ozfHfnKq8vq6v7O/qDRhaFg+myqd umF5IymOIYNVYPyUZzJrK8gFr5BF84Nwq3PGarYKn5DVDHQf+cP/dt31bJ8nayIsIqqy Zhclmk5aDR5GMBVyuMu917Gg0i+JCwwe+lQBLqHUVPU9IWNKVmNAH8RMBCITfFNiDbxH BRYw==
X-Gm-Message-State: ALyK8tJqbFVz45mOdJks/BJc0BDhlRGDgueof8T0R7bXmqWot9ibEXkFuigBzgCBb5tv5Hc8KxC4HAQjvmbryQ==
MIME-Version: 1.0
X-Received: by 10.31.72.66 with SMTP id v63mr7469256vka.29.1464489047366; Sat, 28 May 2016 19:30:47 -0700 (PDT)
Received: by 10.176.3.168 with HTTP; Sat, 28 May 2016 19:30:47 -0700 (PDT)
Received: by 10.176.3.168 with HTTP; Sat, 28 May 2016 19:30:47 -0700 (PDT)
In-Reply-To: <CAKD1Yr3gR6rdV=d7NpqzF-K+f=DCOTU0RccJPiMZoLh80yOt-w@mail.gmail.com>
References: <20160523150736.10739.56619.idtracker@ietfa.amsl.com> <57431E27.8090209@si6networks.com> <CAKD1Yr37A61zBeqQ4TDbHTwyVbnm35OC4ez-LGC7zvOuHt9iVg@mail.gmail.com> <CAO42Z2xFRN9khnvhP7Rd=rrrPexF=t841J8HbzRkYn1XqbfewQ@mail.gmail.com> <CAKD1Yr1AiQVdEt4V=stCfWO2Ayn+q2ztZwOp5s3YDpPpUQU7xA@mail.gmail.com> <CAO42Z2xVx66ayPmKTQ=guYjAcudkfCnSOm5p4XQh_dYoBRCHdg@mail.gmail.com> <CAKD1Yr1qpQXMS=Ep2RK_Aj+RuNB8OxxMxSepu7TZ+Boqvh4w=g@mail.gmail.com> <CAO42Z2z1L4+HiSAw8eoL9pS2bY5DJDLA7YvkhSxm9GRYpVBbFw@mail.gmail.com> <CAKD1Yr3gR6rdV=d7NpqzF-K+f=DCOTU0RccJPiMZoLh80yOt-w@mail.gmail.com>
Date: Sun, 29 May 2016 12:30:47 +1000
Message-ID: <CAO42Z2zEX1vRLeM5HknL3bjW4svvAeiSRWqWumO_zg6xDXmb=A@mail.gmail.com>
Subject: Re: RFC4941, temp-addr only, etc. (Fwd: New Version Notification for draft-gont-6man-non-stable-iids-00.txt)
From: Mark Smith <markzzzsmith@gmail.com>
To: Lorenzo Colitti <lorenzo@google.com>
Content-Type: multipart/alternative; boundary="001a114e005472381d0533f1ed77"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/pWCOW9FprQjp4fLe25qJuk0B4ME>
Cc: Fernando Gont <fgont@si6networks.com>, 6man@ietf.org, 神明達哉 <jinmei@wide.ad.jp>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 May 2016 02:30:50 -0000
On 27 May 2016 12:51 PM, "Lorenzo Colitti" <lorenzo@google.com> wrote: > > On Fri, May 27, 2016 at 12:00 PM, Mark Smith <markzzzsmith@gmail.com> wrote: >>> >>> A simple algorithm would seem to be: >>> If you don't support, or don't want to use, DNA, then every link is a new link and you start off with no IP addresses. So you form a link-local address, send an RS, etc. etc. starting from scratch. >> >> >> That is significantly reducing the robustness of e.g. TCP connections, as they won't survive that event because their address will change. > > > Most mobile devices close all TCP connections every time a network disconnects, anyway. My laptop running general purpose Linux doesn't. Servers don't. I think that is the insight. I don't think you're considering any other types of device in this discussion, meaning you won't be seeing where stable addresses that have increased privacy properties (compared to EUI-64s, but not in comparison with RFC4941s - which don't meet the stability requirement) are beneficial. >The reason for this is that if the device switches to a different network, the TCP connections are dead anyway (because the IP address changes) and apps just get stuck. Keeping the connection alive is only useful if you think that there's a very high chance of reconnecting to the same network soon, and you either have no other network in the meantime, or you think you're going to reconnect so soon that it doesn't make sense to re-establish a connection on another network. > >>> >>> If you support and want to use DNA, then you use DNA with the same MAC address as you had before. >> >> >> The issue with DNA is that it seems to be relying on the MAC address and therefore the Link-Local address of the on-link routers being stable for as the link remains operating. If routers were changing their MAC addresses periodically too, then DNA will fail. It seems you've been arguing for no stable L2 and/or L3 addresses on any device, so that would have to mean that routers don't have them either. > > > Actually, I don't expect that routers will need random MAC addresses. I think it depends on the type of router. Service provider or corporate/enterprise router I'd agree. Residential router, I'd disagree, unless there are any significant drawbacks. First thought is new random MACs on boot. The privacy enhancement would be both periodically changing MAC addresses in WiFi SSID announcements, and no disclosure of the router NIC manufacturer. I'll look to find time to do this on my residential router in the next few weeks. Regards, Mark.
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Fernando Gont
- RFC4941, temp-addr only, etc. (Fwd: New Version N… Fernando Gont
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Fernando Gont
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Dale W. Carder
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… joel jaeggli
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Dale W. Carder
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Brian E Carpenter
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Lorenzo Colitti
- Re: RFC4941, temp-addr only, etc. (Fwd: New Versi… Mark Smith