Re: draft-ietf-6man-rfc4941bis-01

"Bernie Volz (volz)" <volz@cisco.com> Mon, 25 March 2019 13:27 UTC

From: "Bernie Volz (volz)" <volz@cisco.com>
To: Fernando Gont <fgont@si6networks.com>
CC: "6man@ietf.org" <6man@ietf.org>
Subject: Re: draft-ietf-6man-rfc4941bis-01
Date: Mon, 25 Mar 2019 13:27:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/t0minIXlDqXQVJJ7hOmTwAJuwdk>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

Hi:

Your proposed text looks reasonable.

    P.S.: I'm not sure whether a DHCPv6 server might impose limits on the
    number of temporary addresses that may be leased to a client,.. in which
    case SLAAC would be a better option from a privacy point of view.

That's a matter of server policy and not something that the standards would document. But yes, there are servers that impose (configurable) limits on the number (though the defaults are likely to be very generous and would not be likely to cause practical issues - certainly haven't heard of any).

- Bernie

On 3/25/19, 7:08 AM, "Fernando Gont" <fgont@si6networks.com> wrote:

    Hi, Bernie,
    
    On 25/3/19 09:45, Bernie Volz (volz) wrote:
    > Fernando:
    > 
    > Please update reference for DHCPv6 from RFC3315 to RFC8415 in next
    > revision. There may need to be updates to reference appropriate new
    > section numbers.
    
    Will do. Thanks!
    
    
    > Regarding:
    > 
    > “One way to avoid having a stable non-changing address is to use DHCPv6
    > [RFC3315 <https://tools.ietf.org/html/rfc3315>] for obtaining addresses.
    > Section 12 of [RFC3315] <https://tools.ietf.org/html/rfc3315#section-12>
    > discusses the use of DHCPv6 for the assignment and management of
    > "temporary addresses", which are never renewed and provide the same
    > property of temporary addresses described in this document with regards
    > to the privacy concern.”
    > 
    > 
    > They can be renewed; typically they would not be but they can be. For
    > example, may be needed if existing connection using the temporary
    > address as source needs to be maintained. Section 13.2 states:
    > 
    > 
    > “One of the most important properties of a temporary address is to make
    > it difficult to link the address to different actions over time. So, it
    > is NOT RECOMMENDED for a client to renew temporary addresses, though
    > DHCP provides for such a possibility (see Section 21.5
    > <https://tools.ietf.org/html/rfc8415#section-21.5>).”
    
    How about updating the aforementioned text as follows:
    
     “One way to avoid having a stable non-changing address is to use DHCPv6
     [RFC8415] for obtaining addresses.  Section 13.2 of [RFC8415]
     discusses the use of DHCPv6 for the assignment and management of
     "temporary addresses", that can provide the same property of temporary
      addresses described in this document with regards to the privacy concern.”
    
    ?
    
    P.S.: I'm not sure whether a DHCPv6 server might impose limits on the
    number of temporary addresses that may be leased to a client,.. in which
    case SLAAC would be a better option from a privacy point of view.
    
    Thanks!
    
    Cheers,
    -- 
    Fernando Gont
    SI6 Networks
    e-mail: fgont@si6networks.com
    PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492