Re: 3484bis and privacy addresses
Ray Hunter <v6ops@globis.net> Tue, 27 March 2012 19:05 UTC
Return-Path: <v6ops@globis.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FAAC21E80A1 for <ipv6@ietfa.amsl.com>; Tue, 27 Mar 2012 12:05:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.422
X-Spam-Level:
X-Spam-Status: No, score=-2.422 tagged_above=-999 required=5 tests=[AWL=0.176, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mHh1Hr1UZwIw for <ipv6@ietfa.amsl.com>; Tue, 27 Mar 2012 12:05:51 -0700 (PDT)
Received: from globis01.globis.net (RayH-1-pt.tunnel.tserv11.ams1.ipv6.he.net [IPv6:2001:470:1f14:62e::2]) by ietfa.amsl.com (Postfix) with ESMTP id 6B51621E8089 for <ipv6@ietf.org>; Tue, 27 Mar 2012 12:05:51 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by globis01.globis.net (Postfix) with ESMTP id 714198700DB; Tue, 27 Mar 2012 21:05:47 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at globis01.globis.net
Received: from globis01.globis.net ([127.0.0.1]) by localhost (mail.globis.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OPR-Tr1VlhUK; Tue, 27 Mar 2012 21:05:35 +0200 (CEST)
Received: from Rays-iMac.local (unknown [192.168.0.3]) (Authenticated sender: Ray.Hunter@globis.net) by globis01.globis.net (Postfix) with ESMTPA id 361298700D8; Tue, 27 Mar 2012 21:05:35 +0200 (CEST)
Message-ID: <4F720F7F.2090108@globis.net>
Date: Tue, 27 Mar 2012 21:05:35 +0200
From: Ray Hunter <v6ops@globis.net>
User-Agent: Postbox Express 1.0.1 (Macintosh/20100705)
MIME-Version: 1.0
To: Fernando Gont <fgont@si6networks.com>
Subject: Re: 3484bis and privacy addresses
References: <4F716D5C.40402@innovationslab.net> <4F71F217.7000209@globis.net> <4F71FC03.90403@si6networks.com>
In-Reply-To: <4F71FC03.90403@si6networks.com>
Content-Type: multipart/alternative; boundary="------------030502060503080600040602"
Cc: Brian Haberman <brian@innovationslab.net>, ipv6@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Mar 2012 19:05:52 -0000
I happen to like your draft. But even in the presence of a mechanism to distribute an advisory address-generation policy (which may or may not not be supported by all end-node implementations for another 10 years) IMHO the proper *default* behavior is still "off" = option A. In other words, default = IPv4-like behavior, at least until we really figure out how to operate all of these fancy new features of IPv6. regards, RayH Fernando Gont wrote: > On 03/27/2012 07:00 PM, Ray Hunter wrote: > >> My take on this is that a set of a few hundred individual persons who >> are worried about privacy are more likely to be able to control their >> own particular machines to correctly override the "default off" setting >> than a single corporate network manager is to be able to guarantee >> overriding a "default on" setting on 100% of 10000 machines attached to >> their network. >> > > Well, that's because we should probably do something like this: > <http://tools.ietf.org/id/draft-gont-6man-managing-slaac-policy-00.txt> > > While I understand the "procedural constraints" (i.e., document in > WGLC), I think that much of the discussion that we're having is because > we have limited choices in a number of areas. Namely: > > 1) Inability to convey address-generation policy in RA messages. > 2) Stable privacy-enhanced addresses > > So we worry about selecting the right default because: > > 1) We have no mechanism to change that default dynamically > 2) If we were to use stable addresses, in msot cases that implies > "privacy-harmful" addresses. > > Thanks, >
- Re: 3484bis and privacy addresses Jong-Hyouk Lee
- 3484bis and privacy addresses Brian Haberman
- Re: 3484bis and privacy addresses JORDI PALET MARTINEZ
- Re: 3484bis and privacy addresses Arifumi Matsumoto
- Re: 3484bis and privacy addresses Basavaraj.Patil
- Re: 3484bis and privacy addresses Tassos Chatzithomaoglou
- Re: 3484bis and privacy addresses Teemu Savolainen
- Re: 3484bis and privacy addresses Francis Dupont
- Re: 3484bis and privacy addresses JORDI PALET MARTINEZ
- Re: 3484bis and privacy addresses Mohacsi Janos
- Re: 3484bis and privacy addresses Tim Chown
- Re: 3484bis and privacy addresses Roland Bless
- RE: 3484bis and privacy addresses Samita Chakrabarti
- RE: 3484bis and privacy addresses Eric Vyncke (evyncke)
- Re: 3484bis and privacy addresses Simon Perreault
- Re: 3484bis and privacy addresses Alex Abrahams
- Re: 3484bis and privacy addresses Tina TSOU
- RE: 3484bis and privacy addresses Wuyts Carl
- Re: 3484bis and privacy addresses Karl Auer
- Re: 3484bis and privacy addresses Karl Auer
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Francis Dupont
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Brian Haberman
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses Fernando Gont
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Manfredi, Albert E
- Re: 3484bis and privacy addresses Sander Steffann
- Re: 3484bis and privacy addresses Dominik Elsbroek
- Re: 3484bis and privacy addresses Karl Auer
- RE: 3484bis and privacy addresses STARK, BARBARA H
- RE: 3484bis and privacy addresses Karl Auer
- Re: 3484bis and privacy addresses Brian E Carpenter
- Re: 3484bis and privacy addresses Roger Jørgensen
- Re: 3484bis and privacy addresses Francis Dupont
- Re: 3484bis and privacy addresses jonne.soininen
- Re: Re: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses Doug Barton
- Re: 3484bis and privacy addresses t.petch
- Re: 3484bis and privacy addresses Alex Abrahams
- Re: 3484bis and privacy addresses Doug Barton
- Re: 3484bis and privacy addresses Mark Andrews
- Re: 3484bis and privacy addresses Fernando Gont
- RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses JINMEI Tatuya / 神明達哉
- Re: 3484bis and privacy addresses james woodyatt
- RE: 3484bis and privacy addresses Tirumaleswar Reddy (tireddy)
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Brian E Carpenter
- RE: 3484bis and privacy addresses Dave Thaler
- Re: RE: 3484bis and privacy addresses Ray Hunter
- RE: RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Dave Thaler
- Re: 3484bis and privacy addresses Ray Hunter
- RE: 3484bis and privacy addresses Dave Thaler
- RE: 3484bis and privacy addresses Dave Thaler
- Re: RE: 3484bis and privacy addresses Ray Hunter
- Re: 3484bis and privacy addresses Arifumi Matsumoto