RE: 3484bis and privacy addresses
Dave Thaler <dthaler@microsoft.com> Fri, 13 April 2012 21:57 UTC
Return-Path: <dthaler@microsoft.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E788111E8149 for <ipv6@ietfa.amsl.com>; Fri, 13 Apr 2012 14:57:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.749
X-Spam-Level:
X-Spam-Status: No, score=-103.749 tagged_above=-999 required=5 tests=[AWL=-0.150, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GjLQjXF8SmCy for <ipv6@ietfa.amsl.com>; Fri, 13 Apr 2012 14:57:29 -0700 (PDT)
Received: from db3outboundpool.messaging.microsoft.com (db3ehsobe003.messaging.microsoft.com [213.199.154.141]) by ietfa.amsl.com (Postfix) with ESMTP id 6F45D11E80C4 for <ipv6@ietf.org>; Fri, 13 Apr 2012 14:57:28 -0700 (PDT)
Received: from mail52-db3-R.bigfish.com (10.3.81.254) by DB3EHSOBE001.bigfish.com (10.3.84.21) with Microsoft SMTP Server id 14.1.225.23; Fri, 13 Apr 2012 21:57:27 +0000
Received: from mail52-db3 (localhost [127.0.0.1]) by mail52-db3-R.bigfish.com (Postfix) with ESMTP id 7F56160096; Fri, 13 Apr 2012 21:57:27 +0000 (UTC)
X-SpamScore: -6
X-BigFish: VS-6(zz1432Nzz1202hzzz2fh2a8h668h839h944hd25h)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC105.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail52-db3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=dthaler@microsoft.com; helo=TK5EX14HUBC105.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail52-db3 (localhost.localdomain [127.0.0.1]) by mail52-db3 (MessageSwitch) id 133435424737978_7081; Fri, 13 Apr 2012 21:57:27 +0000 (UTC)
Received: from DB3EHSMHS001.bigfish.com (unknown [10.3.81.233]) by mail52-db3.bigfish.com (Postfix) with ESMTP id 04F3D400B6; Fri, 13 Apr 2012 21:57:27 +0000 (UTC)
Received: from TK5EX14HUBC105.redmond.corp.microsoft.com (131.107.125.8) by DB3EHSMHS001.bigfish.com (10.3.87.101) with Microsoft SMTP Server (TLS) id 14.1.225.23; Fri, 13 Apr 2012 21:57:26 +0000
Received: from TK5EX14MLTW653.wingroup.windeploy.ntdev.microsoft.com (157.54.24.14) by TK5EX14HUBC105.redmond.corp.microsoft.com (157.54.80.48) with Microsoft SMTP Server (TLS) id 14.2.283.4; Fri, 13 Apr 2012 21:57:23 +0000
Received: from TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com ([169.254.4.253]) by TK5EX14MLTW653.wingroup.windeploy.ntdev.microsoft.com ([157.54.24.14]) with mapi id 14.02.0283.004; Fri, 13 Apr 2012 14:57:23 -0700
From: Dave Thaler <dthaler@microsoft.com>
To: Ray Hunter <v6ops@globis.net>
Subject: RE: 3484bis and privacy addresses
Thread-Topic: 3484bis and privacy addresses
Thread-Index: AQHNGUajDaqZ7/kESEaVgy0zYPsEC5aZSPWQ
Date: Fri, 13 Apr 2012 21:57:23 +0000
Message-ID: <9B57C850BB53634CACEC56EF4853FF653B513879@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com>
References: <4F716D5C.40402@innovationslab.net> <4F726C9E.50107@gmail.com> <9B57C850BB53634CACEC56EF4853FF653B5054C1@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <4F83D8D0.5030402@gmail.com> <9B57C850BB53634CACEC56EF4853FF653B508719@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <4F858C32.6060709@globis.net> <9B57C850BB53634CACEC56EF4853FF653B50CBC2@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <4F87D4EA.4040801@globis.net>
In-Reply-To: <4F87D4EA.4040801@globis.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.28]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Apr 2012 21:57:30 -0000
Hi Ray, I appreciate the detailed response. Thanks. > If SA is a temporary address and SB is a public address, then prefer > SA. Similarly, if SB is a temporary address and SA is a public > address, then prefer SB. > > Sessions originated from a server on today's implementations e.g. > Windows server OS currently do NOT use temporary addresses to source > sessions. Windows Server absolutely prefers temporary addresses to source sessions, whenever temporary addresses are enabled. Generation of temporary addresses (which isn't related to RFC 3484) is not enabled by default, but the RFC 3484 implementation in Windows Server definitely prefers temporary addresses over public addresses. > RFC3484 does NOT prefer temporary addresses as default behaviour today. > > The current text does not make a distinction between a server and a client > node, and says a machine should always prefer temporary addresses. Correct. We don't have WG consensus on making such a distinction. And Windows doesn't either (it only makes a distinction on whether RFC 3041 is enabled or disabled, where it's enabled by default on client OSs and disabled by default on server OS's). > If an implementor follows the current text, this would change default > behaviour of some current implementations e.g. Windows Server. As the person responsible for that implementation, I can assure you that's not the case. > Implementations for which application compatibility > considerations outweigh these privacy concerns MAY reverse the sense > of this rule and by default prefer public addresses over temporary > addresses. > > Ah: but now there is a MAY which effectively allows the implementor to do > anything they like if the implementor doesn't think Rule 7 is appropriate. You cannot do "anything you like". You're limited to two behaviors: (a) Prefer public, and (b) Prefer temporary. Both are legal and an implementation can do either one. That was already the case with RFC 3484, nothing new here except which one is the MAY vs the SHOULD. > Now imagine that I (as an end user) buy a machine of brand X that complies > 100% with the RFC3484bis Standards Track document (or update an existing > operating system version that implemented RFC3484 but now implements > RFC3484bis). > > Does the new version use temporary addresses by default? No idea. That was > left up to the individual implementor. Already true with RFC 3484. Left up to the individual implementer. If you want to know, then you want to configure it to use (possibly non-default) values. > Does the new version exhibit the same default behaviour as the previous > version based on RFC3484? No idea. Already true with RFC 3484. If you upgrade an OS, it may or may not choose a different set of RFC 3484-compliant options. If you want to know, then you want to configure it to use (possibly non-default) values. > Does the implementor have any idea what my or my employer's view is on > privacy addresses (either default ON or default OFF)? Nope. Actually the implementor often does due to proprietary mechaniams (like Group Policy or manual configuration or whatever else), but neither RFC 3484 nor 3484bis specifies configuration mechanisms, that's the job of companion docs like the DHCP option doc. The core doc can't mandate a specific mechanism, but needs to work independent of what specific mechanism is being used to configure policy. > Does the implementor have any idea what my or my employer's operational > requirements are? e.g. ACLs? Nope. > Is there a very good chance of taking the incorrect setting as default (in either > direction)? Yes. > > Is there a switch to reverse behaviour: either to turn it on when it should be > off or off when it should be on? > Sure, but the end user or system manager has to dig around in Brand X's > proprietary mechanism to figure out how to change it. > In mobile environments, they may not even have direct management access. Your points here are not about RFC 3484bis per se, they're about a configuration mechanism being standardized. That's being done in parallel. [...] > > No, the prefix policy table is for configuring a specific subset of > > rules (the ones using labels and preference). Configurability for > > other rules isn't part of the "prefix policy table", but is still configurable. > > Yes. That's exactly my problem. As you say, the prefix policy table can only > control a specific subset of the end node's behaviour. > > The current text effectively gives complete freedom for implementors to do > what they like on Rule 7: either Default ON or default OFF. > > So why have Rule 7 at all? Same reason for the other rules. a) there's only two options that are understood enough to reason about: basically prefer privacy, and prefer stability. Having a rule shows the precedence order among such rules in terms of when the difference matters. And we have consensus on that. b) they're implemented and deployed already, so we want to minimize changes from RFC 3484. > The current text also only provides a subset of that freedom to system > managers and end users (the policy table does not effect rule 7). The current text provides freedom to reverse the sense of the rule. The policy table isn't needed for that, the two are both configurable. > Especially for influencing the setting by remote configuration e.g. from a > trusted DHCPv6 server. The prefix policy table could be updated by > DHCPv6 via draft-ietf-6man-addr-select-opt-03, but the behaviour of rule > 7 can't be. Again your comments seem to be about failings with the current draft-ietf-6man-addr-select-opt document, not about RFC 3484bis. I would agree with you here that draft-ietf-6man-addr-select-opt is not ready for WGLC until it addresses more than just the prefix policy table. But that need not hold up RFC 3484bis itself, which just defines the knobs and leaves it for other docs to define a protocol to set the knobs via DHCPv6, SNMP, netconf, CLI, and/or whatever else. > >> Align and package all 3 together, and you have a far better solution. I disagree that we need to hold publication of RFC3484bis for any other protocol documents. We need normative references in the reverse direction, not from RFC3484bis to any protocol document. The WG wants to get RFC3484bis out asap because it actually fixes problems that were in RFC 3484. -Dave
- Re: 3484bis and privacy addresses Jong-Hyouk Lee
- 3484bis and privacy addresses Brian Haberman
- Re: 3484bis and privacy addresses JORDI PALET MARTINEZ
- Re: 3484bis and privacy addresses Arifumi Matsumoto
- Re: 3484bis and privacy addresses Basavaraj.Patil
- Re: 3484bis and privacy addresses Tassos Chatzithomaoglou
- Re: 3484bis and privacy addresses Teemu Savolainen
- Re: 3484bis and privacy addresses Francis Dupont
- Re: 3484bis and privacy addresses JORDI PALET MARTINEZ
- Re: 3484bis and privacy addresses Mohacsi Janos
- Re: 3484bis and privacy addresses Tim Chown
- Re: 3484bis and privacy addresses Roland Bless
- RE: 3484bis and privacy addresses Samita Chakrabarti
- RE: 3484bis and privacy addresses Eric Vyncke (evyncke)
- Re: 3484bis and privacy addresses Simon Perreault
- Re: 3484bis and privacy addresses Alex Abrahams
- Re: 3484bis and privacy addresses Tina TSOU
- RE: 3484bis and privacy addresses Wuyts Carl
- Re: 3484bis and privacy addresses Karl Auer
- Re: 3484bis and privacy addresses Karl Auer
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Francis Dupont
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Brian Haberman
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Manfredi, Albert E
- Re: 3484bis and privacy addresses Sander Steffann
- Re: 3484bis and privacy addresses Dominik Elsbroek
- Re: 3484bis and privacy addresses Karl Auer
- RE: 3484bis and privacy addresses STARK, BARBARA H
- RE: 3484bis and privacy addresses Karl Auer
- Re: 3484bis and privacy addresses Brian E Carpenter
- Re: 3484bis and privacy addresses Roger Jørgensen
- Re: 3484bis and privacy addresses Francis Dupont
- Re: 3484bis and privacy addresses jonne.soininen
- Re: Re: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses Doug Barton
- Re: 3484bis and privacy addresses t.petch
- Re: 3484bis and privacy addresses Alex Abrahams
- Re: 3484bis and privacy addresses Doug Barton
- Re: 3484bis and privacy addresses Mark Andrews
- Re: 3484bis and privacy addresses Fernando Gont
- RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses JINMEI Tatuya / 神明達哉
- Re: 3484bis and privacy addresses james woodyatt
- RE: 3484bis and privacy addresses Tirumaleswar Reddy (tireddy)
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Brian E Carpenter
- RE: 3484bis and privacy addresses Dave Thaler
- Re: RE: 3484bis and privacy addresses Ray Hunter
- RE: RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Dave Thaler
- RE: 3484bis and privacy addresses Dave Thaler
- Re: RE: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses Arifumi Matsumoto