IETF Logo Mail Archive

Re: Address privacy (was: Re: RFC4941bis: consequences of many addresses for the network)

Gyan Mishra <hayabusagsm@gmail.com> Sun, 26 January 2020 03:32 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3A7912001E for <ipv6@ietfa.amsl.com>; Sat, 25 Jan 2020 19:32:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.756
X-Spam-Level:
X-Spam-Status: No, score=-0.756 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mVo6exVA3LZl for <ipv6@ietfa.amsl.com>; Sat, 25 Jan 2020 19:32:30 -0800 (PST)
Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF81F12007C for <ipv6@ietf.org>; Sat, 25 Jan 2020 19:32:30 -0800 (PST)
Received: by mail-io1-xd2b.google.com with SMTP id i11so6257482ioi.12 for <ipv6@ietf.org>; Sat, 25 Jan 2020 19:32:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Gjdxb9VAQALZ1WgebFd70C7jB7iiwqUKF6BhFggaxEs=; b=PLdZ6uv91Z1NTmtYQ1kygi4JHIIp55lO67c0Ga5v9W4mbd5mQYStVa0sPdk8ACzKlc p18Y3eviWlIomxlaSFXKbuIrhF4Y4uUoxc8h3AzwyXFrIWYmvQFu5azThM7DgWETyONy dPIa50O508Gs0qOU1GjAqz/Ds51DJDXhATWWAU0zc7PE6u3wktPODzBBC3f4VvlFVVmc w3Vd5mHsTBLgGA+kQYfmHuxMmw2CV5Xnyteap58/VVaGqiQOxJPttWw6naKph2Qc5LEE uzApSTRb1YbI4OzphkLEnK6Io54YJeAZYnfLX7wRk9p+mUzYHChXjtDlGl2OoltN2dsA 4b6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Gjdxb9VAQALZ1WgebFd70C7jB7iiwqUKF6BhFggaxEs=; b=k59zY5OQxAD8i5O4SQWt/T0Jquf+PdZNSBHRzufB0g1ezGC3vehDNOYj4tDTU210M+ jY+wF/51EtKcz0GiZN+W4nyinFIullNz28kHPtFChmLP3rIHfE5Sx9IdS8V0iOHGwsmY wlhR1BDOaiW3Ie4PG2y8I976BW9s1goN0EzUp9pfep3EBDw+Az1mEZj8CxuF8598X8CT PyX6pNwBCX5K3vdrDKw9BKRq/FZ5aKRgt1zE87yLOunngJsSq0obqYMvHHBtZZyQGHl8 ulHph5RWQfgtRjT4u+JsMi/CyKuwM24ccZ105DRXTTCCOCyQN6yL2B7VqGyciXQDEhjZ pisw==
X-Gm-Message-State: APjAAAWo9jgxoyPFGMfbbVHF3vYXfssbQv6yKwP6zBmIjzcNyEWytnVF Jm1xcuacu/GzK2i9ymRCmHVK1IKcTNYqrFuL9mI=
X-Google-Smtp-Source: APXvYqy3G5l/eQC5hc5t1P9U+3iyeMxz0eYBbzHTxVx8xM7iHpezhpD5mXvjfxtFI7i/jC+TYZDUN14xo4MCpCtpXaU=
X-Received: by 2002:a02:13c2:: with SMTP id 185mr8621861jaz.0.1580009549925; Sat, 25 Jan 2020 19:32:29 -0800 (PST)
MIME-Version: 1.0
References: <CALx6S34rybXdES7=3EJffpPUrZ+D6rBffk9yJUoMQfsT-BLShQ@mail.gmail.com> <B013092B-33DA-4636-BC07-1D054DCBC8BE@puck.nether.net> <CABNhwV0C7pgYXstVqkOXUebrMifZux=UT8QadqPCHs7EHopLwg@mail.gmail.com>
In-Reply-To: <CABNhwV0C7pgYXstVqkOXUebrMifZux=UT8QadqPCHs7EHopLwg@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sat, 25 Jan 2020 22:32:19 -0500
Message-ID: <CABNhwV1bNmXR+F_3h8jnvevggzQfCGvkVTKqQrYVy8d3Q2KHzw@mail.gmail.com>
Subject: Re: Address privacy (was: Re: RFC4941bis: consequences of many addresses for the network)
To: Jared Mauch <jared@puck.nether.net>
Cc: 6man WG <ipv6@ietf.org>, Christian Huitema <huitema@huitema.net>, Michael Richardson <mcr+ietf@sandelman.ca>, Tom Herbert <tom@herbertland.com>
Content-Type: multipart/alternative; boundary="000000000000f710ce059d02a32e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/sTr-PJHFeqbzKSrQqVbqxOK8-N0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Jan 2020 03:32:34 -0000

End user privacy comes into play when connected to the internet.  I would
think privacy concerns from an end user prospective is “data privacy” and
any attacks from viruses or malware or port scan attack.  Most desktop are
windows based and Microsoft has default Windows firewall and windows
defender for virus and malware protection.  Also we transaction should be
done with https as a best practice for end users to protect personal
information.  All broadband routers have NAT built where internal hosts sit
on a private RFC 1918 lan typically 192.168.1.0/24 and port forwarding
rules are required for access from the outside to inside.  All broadband
routers have built in firewalls these days although most users don’t enable.

So give the above basic SOHO network security out of the box for all
homeowners on their home broadband internet connection, what additional
security is gained my making this IPv6 address private and untraceable via
a regeneration of a temporary address.


Kind regards,

Gyan

On Sat, Jan 25, 2020 at 10:07 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:

> O’Reilly is a famous author that has written many books on networking
> technology and had written this draft on criminal attribution
> characteristics of IPv6 address assignment.
>
> He is talking about how RFC 4941 privacy extension temporary address user
> privacy requirements directly impacts law enforcement   in tracking down
> criminal activity using the web and/or any cyber crimes.
>
> After reading this you really have to think hard as to why as to why users
> connected to the internet require privacy of their IPv6 address so it
> cannot be tracked,
>
> All electronic commerce is secure and so why does you IPv6 address have to
> be private so it’s untraceable.
>
> Other then criminal intent and not leaving an IPv6 trail that can be
> traced to the criminal activity of the perpetrators by law enforcement I
> cannot think of a reason for IPv6 address privacy.
>
> Please enlightened me.
>
> Analysis of the Crime Attribution Characteristics of Various IPv6 Address
> Assignment Techniques
> draft-daveor-ipv6-crime-attribution-00
> Abstract
> <https://tools.ietf.org/id/draft-daveor-ipv6-crime-attribution-00.html#rfc.abstract>
>
> The migration from IPv4 to IPv6 is intended to fix a large number of
> problems with IPv4 that have been identified through many years of global
> use, not least of which is the shortage of available IPv4 addresses. One of
> the challenges with IPv4 that has not, apparently, been adequately
> considered is the crime attribution characteristics of IPv6 technologies.
>
> The challenge of crime attribution on the Internet is an important one and
> a careful balance needs to be struck between the needs of law enforcement,
> the rights of crime victims and the right to privacy of the vast majority
> of Internet users who have no involvement in any sort of criminality.
>
> The purpose of this document is to consider the crime attribution
> characteristics of various IPv6 address assignment techniques.
>
> https://tools.ietf.org/id/draft-daveor-ipv6-crime-attribution-00.html
>
>
> On Sat, Jan 25, 2020 at 7:18 PM Jared Mauch <jared@puck.nether.net> wrote:
>
>> I'm not convinced that I get more privacy by using the privacy addresses
>> and more than encoding my emails with rot13.
>>
>> The industry has far more advanced ways to fingerprint users. The data
>> done by https://amiunique.org/ folks as well as others make it clear
>> that IP addresses aren't the means of tracking that I believe the concerns
>> that introduced privacy addresses were attempting to solve.
>>
>> Sent from my iCar
>>
>> On Jan 25, 2020, at 3:53 PM, Tom Herbert <tom@herbertland.com> wrote:
>>
>> "Using temporary address alone may not be sufficient to prevent all
>> forms of tracking. It is however quite clear that some usage of
>> temporary addresses is necessary to improve user privacy."
>>
>> It's intuitive that temporary addresses improve privacy. But the
>> question quickly becomes _how_ do temporary addresses improve privacy,
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
> --
>
> Gyan  Mishra
>
> Network Engineering & Technology
>
> Verizon
>
> Silver Spring, MD 20904
>
> Phone: 301 502-1347
>
> Email: gyan.s.mishra@verizon.com
>
>
>
> --

Gyan  Mishra

Network Engineering & Technology

Verizon

Silver Spring, MD 20904

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

v2.23.0 | Report a Bug | By Email