Re: Address privacy

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Mon, 27 January 2020 20:40 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
CC: Tom Herbert <tom@herbertland.com>, 6man <ipv6@ietf.org>
Subject: Re: Address privacy
Date: Mon, 27 Jan 2020 20:40:10 +0000
Message-ID: <0761F118-D862-42C5-BD32-B37207E9CEB6@cisco.com>
References: <CALx6S36802oDaEgojAPq2c6hM_s1BayidXPh1Sc6RZmZa9UHpQ@mail.gmail.com> <89CDA9FE-6C41-4A5E-B6CD-ECC367DFDABA@employees.org> <1220b074-c7f5-bbc8-2991-a9af66caf8b7@gmail.com> <CALx6S35oHgGDxa6014HB8UCYct0V9hcPFWqhiRM2kCgaPMtyqQ@mail.gmail.com> <MN2PR11MB35650E5E30B8A9B6F685880ED80B0@MN2PR11MB3565.namprd11.prod.outlook.com>, <b9b4f6a9-627c-a3f0-fb01-331232e28417@gmail.com>
In-Reply-To: <b9b4f6a9-627c-a3f0-fb01-331232e28417@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/qYT9bzETaf33_1eykjEyyPDKAxU>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

Yes, Brian,

and I must admit it’s encumbered by Cisco IPR but I doubt it’s the reason why it was not used that much. Any clue?


Regards,

Pascal

> On 27 Jan 2020, at 19:38, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> 
> On 27-Jan-20 20:43, Pascal Thubert (pthubert) wrote:
>> Hello Tom
>> 
>> This looks similar to the idea of using Mobile IPv6 inside a domain: 
> 
> Yes, we proposed that as long ago as https://tools.ietf.org/html/rfc4864
> 
>   Brian
> 
>> Hosts in the domain get only ULAs by default. 
>> Hosts that need reach back from outside the domain obtain GUAs from a common Home Agent that serves the domain.
>> That GUA becomes their home address. The ULA is the CareOf.
>> The MIP tunnel happens within the domain, unbeknownst to the outside.
>> 
>> This way:
>> - you get a better aggregation factor for privacy, mixed amongst the other devices in the domain.
>> - the network structure is hidden from the outside observer. It effectively appears as a flat /64.
>> 
>> Cheers,
>> 
>> Pascal
>> 
>>> -----Original Message-----
>>> From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Tom Herbert
>>> Sent: Sunday, 26 January 2020 22:35
>>> To: Brian E Carpenter <brian.e.carpenter@gmail.com>
>>> Cc: 6man <ipv6@ietf.org>
>>> Subject: Re: Address privacy
>>> 
>>> On Sun, Jan 26, 2020 at 12:53 PM Brian E Carpenter
>>> <brian.e.carpenter@gmail.com> wrote:
>>>> 
>>>>> On 27-Jan-20 09:20, Ole Troan wrote:
>>>>>> The obvious answer is to put the source address in the encrypted payload. It does not have to be in the core header.
>>>>> There’s a paper on it somewhere, although I am not sure if that’s where the idea originated.
>>>> 
>>>> Google "SNA: Sourceless Network Architecture" and "IPv6 source addresses considered harmful"
>>>> 
>>> 
>>> There's also the possibility of putting location information into a modifiable HBH
>>> option (part of draft-herbert-fast-04). Something like:
>>> 
>>> - End host sends packet with HBH option for location
>>> - First hop in network writes its location into the HBH option. The location
>>> information identifies the hop (e.g. base station in a mobile
>>> network) and is only interpretable in the local network (encrypted for instance).
>>> - Packet is routed to destination with HBH option intact.
>>> - At the destination, the HBH option is reflected on return packets for a flow.
>>> End host doesn't do anything else than just reflect.
>>> - At the ingress node to the network, the location information is decoded. Given
>>> this, the ingress forwards the packet to the locator node by address translation
>>> or encapsulation.
>>> - At the locator node, i.e. first network hop upstream of destination node, the
>>> encapsulation or translation is undone and packet is forwarded to the final
>>> destination.
>>> 
>>> I think this method was first proposed to ensure consistent routing to the same
>>> backend in L4 load balancing. Obvious downsides are that we need EH to work in
>>> the network and there are changes needed in the hosts.
>>> 
>>> Tom
>>> 
>>>>   Brian
>>>> 
>>>>> 
>>>>> Cheers
>>>>> Ole
>>>>> 
>>>>>> On 26 Jan 2020, at 21:16, Tom Herbert <tom@herbertland.com> wrote:
>>>>>> 
>>>>>> On Sun, Jan 26, 2020 at 11:59 AM Joel M. Halpern <jmh@joelhalpern.com> wrote:
>>>>>>> 
>>>>>>> Tom, your description is somewhat misleading.
>>>>>>> 
>>>>>>> On the one hand, LISP relies on per-flow state only in the
>>>>>>> mapping entity.  Not at arbitrary places in the network.
>>>>>>> 
>>>>>>> Secondly, if hosts work in terms of identifiers, and the network
>>>>>>> works in terms of locators, someone has to map them.  You can
>>>>>>> cache (including caching the whole thing), you can ask the host to hold the cache itself.
>>>>>>> There are other tradeoffs you can make, moving things around.
>>>>>>> But you can't just magically make the problem disappear.
>>>>>> 
>>>>>> Joel,
>>>>>> 
>>>>>> It comes down to how many addresses need to be mapped. It's
>>>>>> intuitive that a higher frequency of address rotation yields more
>>>>>> privacy. But higher frequency of address rotation means more active
>>>>>> addresses in the network. This degenerates to the greatest
>>>>>> frequency of change which would be to give each flow its own
>>>>>> unique address, and this is also the one case of temporary
>>>>>> addresses where we can quantify the privacy characteristics.
>>>>>> 
>>>>>> However, giving each flow its own address quickly becomes a scaling
>>>>>> and management problem-- we're talking several billions of active
>>>>>> addresses in some provider networks. Hence, I believe we need
>>>>>> mapping functions that are more N:1 than 1:1 (the latter doesn't scale).
>>>>>> Similarly, the ability of the network to delegate and map bundles of
>>>>>> uncorrelated addresses to devices would be useful.
>>>>>> 
>>>>>> Tom
>>>>>> 
>>>>>>> 
>>>>>>> Yours,
>>>>>>> Joel
>>>>>>> 
>>>>>>>> On 1/26/2020 2:51 PM, Tom Herbert wrote:
>>>>>>>> On Sun, Jan 26, 2020 at 9:42 AM Michael Richardson
>>>>>>>> <mcr+ietf@sandelman.ca> wrote:
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> Tom Herbert <tom@herbertland.com> wrote:
>>>>>>>>>>> Except that instead of doing it at layer 4, you do it with
>>>>>>>>>>> IPsec, and extrude that /128 to your machine.  This is already
>>>>>>>>>>> a thing :-)
>>>>>>>>>>> 
>>>>>>>>>>>> Another solution I’ve considered is to have a giant anonymity
>>>>>>>>>>>> mesh, with every ISP’s user participating, and forward flows through this
>>>>>>>>>>>> mesh, treating each customer as an anonymity server.   I think this is
>>>>>>>>>>> 
>>>>>>>>>>> This is also a thing called Tor.
>>>>>>>>>>> 
>>>>>>>>>> Michael,
>>>>>>>>> 
>>>>>>>>>> Doesn't that require that the users must explicitly configure
>>>>>>>>>> when they want privacy? I think a general solution should be
>>>>>>>>>> transparent to
>>>>>>>>> 
>>>>>>>>> Yes, I agree, it requires explicit configuration.
>>>>>>>>> I agree that this is not a good thing.
>>>>>>>>> 
>>>>>>>>>> the user and "just works" to ensure their privacy. That in fact
>>>>>>>>>> is one of the arguments for NAT. If there is a significantly
>>>>>>>>>> large enough pool of users behind a NAT device, then the
>>>>>>>>>> obfuscation is transparent to the user and seems to be pretty
>>>>>>>>>> good privacy (good enough that law enforcement is concerned
>>>>>>>>>> about NAT). I suppose a similar effect could be achieved with a transparent proxy.
>>>>>>>>> 
>>>>>>>>> Yes, and I think that more and more LEA will grow ever concerned
>>>>>>>>> about this situation, and it *is* pushing IPv6 adoption.  So, how can we find a happy medium?
>>>>>>>>> 
>>>>>>>>>> You might want to take a look at draft-herbert-ipv6-prefix-address-privacy-00.
>>>>>>>>> 
>>>>>>>>> An interesting read. I'm not sure where it goes.
>>>>>>>>> 
>>>>>>>>> I would like Locator/Identifier separation.
>>>>>>>>> I wanted SHIM6. LISP would work, I think.
>>>>>>>>> Then privacy needs don't need to screw up efficient routing at the edge.
>>>>>>>>> 
>>>>>>>> Hi Michael,
>>>>>>>> 
>>>>>>>> The problem of LISP is that it potentially includes a cache in
>>>>>>>> the operator network that can be driven by downstream untrusted
>>>>>>>> users-- hence there is possibility of DOS attack on the cache
>>>>>>>> (this is the primary reason why LISP hasn't been accepted into Linux).
>>>>>>>> 
>>>>>>>> What we really want is Identifier/Locator routing that neither
>>>>>>>> requires per flow state to be maintained in the network nor
>>>>>>>> relies on caches to get reasonable performance.
>>>>>>>> draft-herbert-ipv6-prefix-address-privacy suggests crypto
>>>>>>>> functions to map identifiers to locators at the edge.
>>>>>>>> 
>>>>>>>> Tom
>>>>>>>> 
>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> --
>>>>>>>>> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software
>>>>>>>>> Works  -= IPv6 IoT consulting =-
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> ----------------------------------------------------------------
>>>>>>>>> ---- IETF IPv6 working group mailing list ipv6@ietf.org
>>>>>>>>> Administrative Requests:
>>>>>>>>> https://www.ietf.org/mailman/listinfo/ipv6
>>>>>>>>> ----------------------------------------------------------------
>>>>>>>>> ----
>
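
The thread's point about mapping identifiers to locators with a crypto function at the edge (N:1 rather than 1:1, with no per-flow state and no cache that untrusted hosts can fill) can be illustrated as follows. This is an added example, not code from the thread or from draft-herbert-ipv6-prefix-address-privacy. The HMAC-based Feistel permutation (a stand-in for a vetted 64-bit cipher), the 32-bit locator/counter split, the key, the locator table and the 2001:db8:0:1::/64 prefix are all assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

# All values below are constructed for illustration.
PREFIX = ipaddress.IPv6Network("2001:db8:0:1::/64")   # documentation prefix
EDGE_KEY = b"example-edge-key-not-a-real-secret"       # held by edge nodes only
KNOWN_LOCATORS = {7: "base-station-7", 9: "base-station-9"}  # static config
ROUNDS = 8
MASK32 = 0xFFFFFFFF


def _round(key: bytes, rnd: int, half: int) -> int:
    """Keyed round function: HMAC-SHA256 truncated to 32 bits."""
    msg = bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:4], "big")


def _feistel(key: bytes, block: int, rounds) -> int:
    """64-bit Feistel permutation; running the rounds in reverse inverts it."""
    left, right = block >> 32, block & MASK32
    for rnd in rounds:
        left, right = right, left ^ _round(key, rnd, right)
    return (right << 32) | left  # final swap makes decryption symmetric


def make_address(key: bytes, locator: int, counter: int) -> ipaddress.IPv6Address:
    """Mint one address for a device behind `locator`; vary `counter` per flow."""
    iid = _feistel(key, (locator << 32) | counter, range(ROUNDS))
    return PREFIX[iid]


def locate(key: bytes, address: str):
    """Edge lookup: recover the locator from the address bits alone.

    Returns the locator name, or None when the address is outside the prefix
    or decrypts to an unknown locator. Nothing is stored per address or per
    flow, so traffic from untrusted hosts cannot grow any table here.
    """
    addr = ipaddress.IPv6Address(address)
    if addr not in PREFIX:
        return None
    block = _feistel(key, int(addr) & (2**64 - 1), reversed(range(ROUNDS)))
    return KNOWN_LOCATORS.get(block >> 32)


def demo():
    """1000 per-flow addresses for one device, all resolved statelessly."""
    flows = [make_address(EDGE_KEY, 7, n) for n in range(1000)]
    mapped = {locate(EDGE_KEY, str(a)) for a in flows}
    return len(set(flows)), mapped


if __name__ == "__main__":
    count, mapped = demo()
    print(count, "distinct addresses ->", mapped)
    print("sample:", make_address(EDGE_KEY, 7, 0), make_address(EDGE_KEY, 7, 1))
```

To an observer without the key, all addresses sit in one flat /64 and consecutive counters give unrelated interface identifiers, while the edge needs only the key and a static locator list.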