RE: 6MAN Adoption call on draft-gont-6man-deprecate-eui64-based-addresses-00
"Leaf Yeh" <leaf.yeh.sdo@gmail.com> Wed, 27 November 2013 17:42 UTC
Return-Path: <leaf.yeh.sdo@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B61A1ADFA5 for <ipv6@ietfa.amsl.com>; Wed, 27 Nov 2013 09:42:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KZERRfBIYuB2 for <ipv6@ietfa.amsl.com>; Wed, 27 Nov 2013 09:42:11 -0800 (PST)
Received: from mail-pd0-x22b.google.com (mail-pd0-x22b.google.com [IPv6:2607:f8b0:400e:c02::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 719F51ADF8F for <ipv6@ietf.org>; Wed, 27 Nov 2013 09:42:11 -0800 (PST)
Received: by mail-pd0-f171.google.com with SMTP id z10so10323760pdj.2 for <ipv6@ietf.org>; Wed, 27 Nov 2013 09:42:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-type:content-transfer-encoding:thread-index :content-language; bh=Cc7w/E+P404m7rEoUKVYMamymcWnNYH8Q8Zz3Ym8YXE=; b=zzFOXcJfIad0qLCFRzMSPXs6ElAHnvXLYuuSQl0FfYrnz4ICIx5NE+BDOfI5sQ0sNA bnY9AVD0Q6Qq6Negrm8e3HDgQGpcQcdPvP56Bk532EQ/PrT5UB8OG3R7ZXdbysxJWF42 TpFtU43pRFwvQi2Hen5hFxsCKZ8V84oihYC3PEeopjtjOYnA7SslUHCoroo3pK5huQHe iy4tuTnd4DpcTZXZgO85dPY/HPDXYbPcSXlY27aXyk8JxeqGcprNy3REhFIJZrOt8LGr ZDybyRlJwhsNJL87JvFf892PRzzqgk7683dLWpEFJ8gn8wY6JD9lVNZqjIZGA8T3S5o+ vMsg==
X-Received: by 10.68.197.129 with SMTP id iu1mr6285301pbc.139.1385574129885; Wed, 27 Nov 2013 09:42:09 -0800 (PST)
Received: from PC ([218.18.196.70]) by mx.google.com with ESMTPSA id xn12sm51646306pac.12.2013.11.27.09.42.03 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 27 Nov 2013 09:42:09 -0800 (PST)
From: Leaf Yeh <leaf.yeh.sdo@gmail.com>
To: 'Ole Troan' <otroan@employees.org>
References: <F681E049-43A2-4A61-8692-C59A1BF356A6@employees.org> <19211253-FE58-459C-A8D2-46787EB57728@employees.org> <CAA7e52oB9wrzx-4=5-tx0JvuHDyBJ2Ht=VrxykEoFjgAT2_esw@mail.gmail.com> <72381AF1F18BAE4F890A0813768D9928011FE85B@sdcexchms.au.logicalis.com>
In-Reply-To: <72381AF1F18BAE4F890A0813768D9928011FE85B@sdcexchms.au.logicalis.com>
Subject: RE: 6MAN Adoption call on draft-gont-6man-deprecate-eui64-based-addresses-00
Date: Thu, 28 Nov 2013 01:41:57 +0800
Message-ID: <52962ef1.6cf5420a.5627.ffffe56f@mx.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AQHO5Q8vNyUvXSOWqkaCFZ2O4B0Gn5ou52kAgAaZaQCAAxGysIAAycyA
Content-Language: zh-cn
Cc: '6man WG' <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Nov 2013 17:42:14 -0000
The draft under discussion sounds like a draft only having one sentence, while my reading is ' Nodes SHOULD implement and employ [I-D.ietf-6man-stable-privacy-addresses] as the default scheme for generating stable IPv6 addresses with SLAAC. ' in the case of end-user's GUA for the sake of privacy. I am curious why this sentence (or the relevant topic) can't be included in [I-D.ietf-6man-stable-privacy-addresses]. Best Regards, Leaf -----Original Message----- From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Greg Daley Sent: Wednesday, November 27, 2013 1:23 PM To: 'Jean-Michel Combes'; Ole Troan Cc: 6man Chairs; 6man WG Subject: RE: 6MAN Adoption call on draft-gont-6man-deprecate-eui64-based-addresses-00 Dear WG chairs & 6man, I think that changing the _default_ behaviour away from EUI-64/MAC should be undertaken since we have a number of privacy preserving schemes which are feasible today without it. I've noted and support most of the concerns of Jean-Michel, Ole, Ralph and others regarding operational flexibility. There is a significant advantage in testing a platform with MAC based addressing, and I think that it is useful to retain the capability to use the addresses in some cases (especially for Link-Local, or test scenarios). I do not think that the current draft revision reflects every case, and if it is adopted the treatment for EUI-64 would likely require: 1/ Discussion of EUI-64/MAC behaviour (were it retained in any flavour, with SHOULD NOT be used by default, MAY be used but SHOULD be configurable). 2/ Be clear that any of the (global) privacy preserving addressing schemes (4941, stable and CGA) are equivalent, but defaulting to one for minimum compliance when EUI-64/MAC not in use. 3/ Consideration for Link-Local addresses, and low powered communication schemes. i.e. does not apply to 6lowpan. In sensor networks particularly, there may be no specific end-user tied to a device: so why would we preclude use of a functional address format for the sake of privacy? So my response is that I have no objection to this being adopted as a working-group document, but I'm interested to make sure that the document doesn't go past WG stage without addressing some of the key issues above. Greg Daley gdaley@au.logicalis.com +61 401 772 770 From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Jean-Michel Combes Sent: Tuesday, 26 November 2013 4:14 AM To: Ole Troan Cc: 6man Chairs; 6man WG Subject: Re: 6MAN Adoption call on draft-gont-6man-deprecate-eui64-based-addresses-00 Hi, I don't support the adoption of this document as WG document in its current format. o "Nodes MUST NOT employ IPv6 address generation schemes that embed the underlying hardware address in the Interface Identifier." At first, as Ole said, privacy is policy and I don't see why IETF should dictate its rules to a network admin. If I want to set up an IPv6 node, in _my_ network, using SLAAC with EUI-64, it is my decision (BTW, maybe based on my security policy). IMHO, - "MUST NOT" should be replaced by "SHOULD NOT" - Title should be replaced by "Recommendations for generation of IPv6 IIDs" - Intended status should be replaced by "Informational" o "Nodes SHOULD implement and employ [I-D.ietf-6man-stable-privacy-addresses] as the default scheme" Why should I employ, by default, this method? Why not RFC4941 based one? Why not CGA? Why not a proprietary one? IMHO, this sentence should be replaced by "Nodes SHOULD implement and employ alternative schemes providing a better privacy like [I-D.ietf-6man-stable-privacy-addresses], [RFC4941] and [RFC3972]." Best regards, JMC. 2013/11/21 Ole Troan <otroan@employees.org> <nochair> to give my reasons for the hum against during the meeting. - privacy (and security) are policy. I think it is unlikely that the IETF is prescient enough to get this right for all cases - I think draft-ietf-6man-ipv6-address-generation-privacy-00 is enough to explain the privacy considerations to give implementors and users enough background to make a qualified choice - deprecating EUI-64 based interface-identifiers is way too strong, there are many cases where those are unproblematic to use I do think there is a problem with the IPv6 over Foo documents (e.g. RFC2464) requiring the interface-ids based on EUI-64, and leading to certification tests requiring implementations supporting it. I would be much more supportive of a document that updated those documents stating that there are alternative ways of generating the interface-id, and refer to the generation-privacy document for considerations. it could have text stating that unless there are link-specific considerations, stable privacy addresses should be the default interface-id for addresses larger than link-local scope. cheers, Ole </nochair> > All, > > There was strong support to adopt this draft at the working group meeting in Vancouver. > This is an adoption call to confirm the result of the hum at the meeting. > > Please provide a view with reasons as to whether the WG should adopt this or not. > > This message starts a one week 6MAN Working Group call on adopting: > > Title : Deprecating EUI-64 Based IPv6 Addresses > Author(s) : F. Gont, A. Cooper, D. Thaler, W. Liu > Filename : draft-gont-6man-deprecate-eui64-based-addresses-00 > Pages : 5 > Date : 2013-10-22 > > > http://tools.ietf.org/html/draft-gont-6man-deprecate-eui64-based-addre > sses-00 > > The call ends on November 26th, 2013. > > Regards, > > Bob Hinden & Ole Trøan -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- 6MAN Adoption call on draft-gont-6man-deprecate-e… Ole Troan
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Simon Perreault
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Mark ZZZ Smith
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Erik Nordmark
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian E Carpenter
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Ralph Droms
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Jahangir Hossain
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Dan Luedtke
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian Haberman
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Ralph Droms
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian Haberman
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Scott Brim
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian Haberman
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Roger Jørgensen
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tim Chown
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Arturo Servin
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… David Farmer
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Fernando Gont
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Fernando Gont
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Fernando Gont
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Ole Troan
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Simon Perreault
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Ole Troan
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Lorenzo Colitti
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Simon Perreault
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Simon Perreault
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Ralph Droms
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Ralph Droms
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Simon Perreault
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Alissa Cooper
- Re: 6MAN Adoption call on draft-gont-6man-depreca… t.petch
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Fernando Gont
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tim Chown
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tim Chown
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Jean-Michel Combes
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Cutler James R
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian E Carpenter
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tina TSOU
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Qiong
- RE: 6MAN Adoption call on draft-gont-6man-depreca… Greg Daley
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tom Taylor
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian Haberman
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Behcet Sarikaya
- RE: 6MAN Adoption call on draft-gont-6man-depreca… Leaf Yeh
- Re: 6MAN Adoption call on draft-gont-6man-depreca… David Farmer
- Re: 6MAN Adoption call on draft-gont-6man-depreca… David Farmer
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tom Taylor
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Brian Haberman
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Alexandru Petrescu
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Mark ZZZ Smith
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Tom Taylor
- Re: 6MAN Adoption call on draft-gont-6man-depreca… Alexandru Petrescu