IETF Logo Mail Archive

Re: Is addressing privacy via NAT really achieving much compared to a privacy goal of anonymity? (Re: [v6ops] A common problem with SLAAC in "renumbering" scenarios)

Ca By <cb.list6@gmail.com> Fri, 22 February 2019 18:06 UTC

Return-Path: <cb.list6@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B285812426A; Fri, 22 Feb 2019 10:06:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.749
X-Spam-Level:
X-Spam-Status: No, score=-1.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id po18h07bDhx9; Fri, 22 Feb 2019 10:06:33 -0800 (PST)
Received: from mail-yw1-xc44.google.com (mail-yw1-xc44.google.com [IPv6:2607:f8b0:4864:20::c44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CFDE1228B7; Fri, 22 Feb 2019 10:06:33 -0800 (PST)
Received: by mail-yw1-xc44.google.com with SMTP id c67so1158277ywa.7; Fri, 22 Feb 2019 10:06:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=aNDeqzhCOxFGcWsyrPaCcfCXIwIHTJNeg2ZWyLqQLsM=; b=SEtrzFKlCTa7fOCgT5GCISWG7uuFAovFxJQYpgDa9wk5T8cnCa2O1+ksA58DoropXR ZPUUnN2fPyXrgcafw+vjKxS7Pp+M5FgRfoLqXjErDwfrnm2v5PS83ZPVNW403G7UWQ8y IHnV63tgcL/7aYxNYe2KMldJaO+HhPtumQEed7nO9lVbePwqxQBp8qpxA1efPRJ1qKDm Lcs1XrXwCckbIEDSSZB2H0obzjJcl8lU6qsB255ivx1eJZbD2iNMx3HW0O0UnlLGDhL6 vknWQ66easYh596eYwJdINgvgLlicbftxW8gdGhnBFphS6hoj/Oo85PTTo8MauLSGeLs V7hw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=aNDeqzhCOxFGcWsyrPaCcfCXIwIHTJNeg2ZWyLqQLsM=; b=SjIniQoIlkbiQJmJS0OYw8kjf+kwXMpRYsGrLqcvwSfoMe4CPK5eW0sTTQ4Sndlzof rnxMl//X0zoBKonPNzVwLQhT2NmBgUQ3kDkp8BYsawxspbI4hjtf8w+jnrgEI+3Za+K8 FIcACPF0J2Ws7GS4w3p2mPc91rjF7PJfOgJbJnjXzk2YBOPKYHx+L6/iAwp87DVE/t6P ZR5vtU0hHB4EoKzOYCL81PUjMoNaIXIJ2Xi0w2vZmHfL08g1NcdYeJZwFa4qDZ10jmqL 6nWJCy9nI7b/pw/J6XzEYHSUnPJ1llvyJO8q/fjivt/0+KtVhGq7Ix0YcgyJJOuZr4+W r1OA==
X-Gm-Message-State: AHQUAuYv0h/pm+3EZdK2EPZCvSE8NkRsclJNp7haqPrBdq4HOupTecmy jfK0mVLnnX6WE9Sl8JQNRECVHJWSrC8kAvy1kPo=
X-Google-Smtp-Source: AHgI3IYJ26cEQRxCN8B5W0zXe/LNw2u+iMHkwKQPGpoLg0UFsVN/0sN9F1Jr4/c7BkjBQXwsoZbAGAbpniY7bUTZbxE=
X-Received: by 2002:a0d:c4c2:: with SMTP id g185mr4275703ywd.31.1550858792388; Fri, 22 Feb 2019 10:06:32 -0800 (PST)
MIME-Version: 1.0
References: <6D78F4B2-A30D-4562-AC21-E4D3DE019D90@consulintel.es> <B6E2EC33-EEAF-40D0-AFCC-BDAFA9134ACD@consulintel.es> <20190220113603.GK71606@Space.Net> <28fbc2c305c640c9afb3704050f6e8d7@boeing.com> <20190220213107.GS71606@Space.Net> <019c552eb1624d348641d6930829fd1f@boeing.com> <CAKD1Yr0HBG+rhyFWg9zh0t3mW486Mjx9umjn+CRqAZg4z9r0dg@mail.gmail.com> <20190221073530.GT71606@Space.Net> <CAO42Z2wmB2W52b4MZ2h9sW5E9cQKm-HRjyf--q8C26jezS7LXQ@mail.gmail.com> <a73818d31db7422b99a524bc431b00ed@boeing.com> <CAO42Z2z9-48Gbb_Exf+oWUqDO=axSLpZBtqeDcxkAoFq5OziGw@mail.gmail.com> <CALx6S3624hnGauG1HaSWPMvQw0t2Q5R3gb8W4R8w3kuK7dcrWQ@mail.gmail.com> <CAO42Z2wOyTDrp5FNnBZ6KMOPT86o6n8rWRhXWdtSU_AOR9mV2A@mail.gmail.com> <CALx6S37FQVx=Hw3yLGfg-SkCwECc1JZkbcsqxrYLw6Pw5izdfw@mail.gmail.com>
In-Reply-To: <CALx6S37FQVx=Hw3yLGfg-SkCwECc1JZkbcsqxrYLw6Pw5izdfw@mail.gmail.com>
From: Ca By <cb.list6@gmail.com>
Date: Fri, 22 Feb 2019 11:06:20 -0700
Message-ID: <CAD6AjGSsh7GvmrWpn_ZT--KRf=vMUR5awcUe=uhGdKP_w8fW9Q@mail.gmail.com>
Subject: Re: Is addressing privacy via NAT really achieving much compared to a privacy goal of anonymity? (Re: [v6ops] A common problem with SLAAC in "renumbering" scenarios)
To: Tom Herbert <tom@herbertland.com>
Cc: "6man@ietf.org" <6man@ietf.org>, IPv6 Operations <v6ops@ietf.org>, Mark Smith <markzzzsmith@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000006acd2b05827f73d3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/phClZOjOrCGgo2zAwJCYUf6u5OU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2019 18:06:36 -0000

On Fri, Feb 22, 2019 at 10:12 AM Tom Herbert <tom@herbertland.com> wrote:

> On Thu, Feb 21, 2019 at 11:35 PM Mark Smith <markzzzsmith@gmail.com>
> wrote:
> >
> > Hi Tom,
> >
> > On Fri, 22 Feb 2019 at 10:04, Tom Herbert <tom@herbertland.com> wrote:
> > >
> > > On Thu, Feb 21, 2019 at 2:46 PM Mark Smith <markzzzsmith@gmail.com>
> wrote:
> > > >
> > > > On Fri, 22 Feb 2019 at 08:53, Manfredi (US), Albert E
> > > > <albert.e.manfredi@boeing.com> wrote:
> > > > >
> >
> > <snip>
> >
> > > >
> > > > So I think there's commonly a big different between works and works
> > > > well. NAT may work, however compared to stateless IPv6 (and IPv4)
> > > > forwarding, it doesn't work anywhere as near as well.
> > > >
> > > Mark,
> > >
> > > I agreee with that with one exception. I believe that NAT/IPv4 can
> > > offer better privacy in addressing than IPv6 given current addess
> > > allocation methods.
> > >
> >
> > So I don't think addressing privacy via NAT is really all that
> > valuable if there are many other ways, some quite easy, to uniquely
> > identify an anonymity desiring end-point/end-user, whose effectiveness
> > aren't impacted at all by NAT.
> >
> > For example, this website is coming over IPv4 for me, and I'm using
> > IPv4+NAPT. If IPv4+NAPT was that effective at anonymity, I shouldn't
> > be able to tracked.
> >
> > https://amiunique.org/
> >
> > Yet it is saying I can be with both Chrome and Firefox on Fedora 29 in
> > Incognito/Private windows mode on this host. It says the same about my
> > Android 9 phone with Chrome in Incognito mode.
> >
> > Going into the detail of how, they don't seem to be using IP address
> > at all for any identification, it is all browser attributes.
> >
> > We have IPv6 temporary addresses, which makes using addresses harder
> > to use to identify a node. I think that is a lot better than nothing.
>
> Mark,
>
> Yes, but by that same rationale a simple substitution cipher is better
> than nothing in cryptography!
>
> What pretty much any conversation about privacy in addressing seems to
> lacking is a quantitative description of privacy and any empiracal
> data on the impact that privacy mechanisms, like those defined in
> RFC4941, have had. You might say it "makes using addresses harder to
> use to identify a node". But then the obvious question is _how_ much
> harder? Is this really protecting anyone's privacy, or it is just a
> minor inconvenience to attackers and only giving users a false sense
> of security?
>
> The irony is that CGN seems to have the best supporting evidence for
> being a mechanism that impacts privacy, but it was never even intended
> to be a privacy mechanism. The evidence is in the form of concerns
> form law enforcement that the privacy side effect is too strong and
> impedes their investigations
> (https://www.theregister.co.uk/2017/10/18/europol_cgnat/).
>
> So I don't think "Is addressing privacy via NAT really achieving much
> compared to a privacy goal of anonymity?" is the right question. The
> right question to ask is "Is addressing privacy via any IETF defined
> mechanism achieving much compared to a privacy goal of anonymity?"
>
> Tom
>



1.  Network service providers cannot provide address anonymity.  LEA
requirements in the USA and many jurisdictions simply do not allow it, so
who is the customer of such a standard?  Who would make and deploy it?

2. Network address annonimity today is generally provided via Tor.  How
could the ietf provide something better than existiting tor solutions,
knowing that it will not be baked into the network — meaning it must be
over the top.

3. CGN is not private. It throw off per session logs of every transaction,
so this is a full click stream archived ... with varing levels of
intentional monetization and security from hackers.



> > However, I don't see how IPv6 NAT would improve it much, and it
> > introduces the other drawbacks of NAT.
> >
> > Regards,
> > Mark.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > > Tom
> > >
> > > > Regards,
> > > > Mark.
> > > >
> > > >
> > > >
> > > > > Bert
> > > >
> > > > _______________________________________________
> > > > v6ops mailing list
> > > > v6ops@ietf.org
> > > > https://www.ietf.org/mailman/listinfo/v6ops
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email