Review of draft-ietf-6man-rfc4941bis-01
Christian Huitema <huitema@huitema.net> Fri, 29 March 2019 09:01 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 997951203FC for <ipv6@ietfa.amsl.com>; Fri, 29 Mar 2019 02:01:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wDnX8mduc1QZ for <ipv6@ietfa.amsl.com>; Fri, 29 Mar 2019 02:01:48 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB8601203CE for <ipv6@ietf.org>; Fri, 29 Mar 2019 02:01:47 -0700 (PDT)
Received: from xsmtp03.mail2web.com ([168.144.250.223]) by mx64.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1h9nOS-0006HG-Kz for ipv6@ietf.org; Fri, 29 Mar 2019 10:01:45 +0100
Received: from [10.5.2.17] (helo=xmail07.myhosting.com) by xsmtp03.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1h9nON-0000vx-Cd for ipv6@ietf.org; Fri, 29 Mar 2019 05:01:40 -0400
Received: (qmail 1834 invoked from network); 29 Mar 2019 09:01:37 -0000
Received: from unknown (HELO [31.133.128.127]) (Authenticated-user:_huitema@huitema.net@[31.133.128.127]) (envelope-sender <huitema@huitema.net>) by xmail07.myhosting.com (qmail-ldap-1.03) with ESMTPA for <bob.hinden@gmail.com>; 29 Mar 2019 09:01:37 -0000
To: IETF IPv6 Mailing List <ipv6@ietf.org>, draft-ietf-6man-rfc4941bis@ietf.org, "6man@ietf.org" <6man@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
From: Christian Huitema <huitema@huitema.net>
Openpgp: preference=signencrypt
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= mQENBFIRX8gBCAC26usy/Ya38IqaLBSu33vKD6hP5Yw390XsWLaAZTeQR64OJEkoOdXpvcOS HWfMIlD5s5+oHfLe8jjmErFAXYJ8yytPj1fD2OdSKAe1TccUBiOXT8wdVxSr5d0alExVv/LO I/vA2aU1TwOkVHKSapD7j8/HZBrqIWRrXUSj2f5n9tY2nJzG9KRzSG0giaJWBfUFiGb4lvsy IaCaIU0YpfkDDk6PtK5YYzuCeF0B+O7N9LhDu/foUUc4MNq4K3EKDPb2FL1Hrv0XHpkXeMRZ olpH8SUFUJbmi+zYRuUgcXgMZRmZFL1tu6z9h6gY4/KPyF9aYot6zG28Qk/BFQRtj7V1ABEB AAG0J0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PokBOQQTAQIAIwUC UhFfyAIbLwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEJNDCbJVyA1yhbYH/1ud6x6m VqGIp0JcZUfSQO8w+TjugqxCyGNn+w/6Qb5O/xENxNQ4HaMQ5uSRK9n8WKKDDRSzwZ4syKKf wbkfj05vgFxrjCynVbm1zs2X2aGXh+PxPL/WHUaxzEP7KjYbLtCUZDRzOOrm+0LMktngT/k3 6+EZoLEM52hwwpIAzJoscyEz7QfqMOZtFm6xQnlvDQeIrHx0KUvwo/vgDLK3SuruG1CSHcR0 D24kEEUa044AIUKBS3b0b8AR7f6mP2NcnLpdsibtpabi9BzqAidcY/EjTaoea46HXALk/eJd 6OLkLE6UQe1PPzQC4jB7rErX2BxnSkHDw50xMgLRcl5/b1a5AQ0EUhFfyAEIAKp7Cp8lqKTV CC9QiAf6QTIjW+lie5J44Ad++0k8gRgANZVWubQuCQ71gxDWLtxYfFkEXjG4TXV/MUtnOliG 5rc2E+ih6Dg61Y5PQakm9OwPIsOx+2R+iSW325ngln2UQrVPgloO83QiUoi7mBJPbcHlxkhZ bd3+EjFxSLIQogt29sTcg2oSh4oljUpz5niTt69IOfZx21kf29NfDE+Iw56gfrxI2ywZbu5o G+d0ZSp0lsovygpk4jK04fDTq0vxjEU5HjPcsXC4CSZdq5E2DrF4nOh1UHkHzeaXdYR2Bn1Y wTePfaHBFlvQzI+Li/Q6AD/uxbTM0vIcsUxrv3MNHCUAEQEAAYkCPgQYAQIACQUCUhFfyAIb LgEpCRCTQwmyVcgNcsBdIAQZAQIABgUCUhFfyAAKCRC22tOSFDh1UOlBB/94RsCJepNvmi/c YiNmMnm0mKb6vjv43OsHkqrrCqJSfo95KHyl5Up4JEp8tiJMyYT2mp4IsirZHxz/5lqkw9Az tcGAF3GlFsj++xTyD07DXlNeddwTKlqPRi/b8sppjtWur6Pm+wnAHp0mQ7GidhxHccFCl65w uT7S/ocb1MjrTgnAMiz+x87d48n1UJ7yIdI41Wpg2XFZiA9xPBiDuuoPwFj14/nK0elV5Dvq 4/HVgfurb4+fd74PV/CC/dmd7hg0ZRlgnB5rFUcFO7ywb7/TvICIIaLWcI42OJDSZjZ/MAzz BeXm263lHh+kFxkh2LxEHnQGHCHGpTYyi4Z3dv03HtkH/1SI8joQMQq00Bv+RdEbJXfEExrT u4gtdZAihwvy97OPA2nCdTAHm/phkzryMeOaOztI4PS8u2Ce5lUB6P/HcGtK/038KdX5MYST Fn8KUDt4o29bkv0CUXwDzS3oTzPNtGdryBkRMc9b+yn9+AdwFEH4auhiTQXPMnl0+G3nhKr7 jvzVFJCRif3OAhEm4vmBNDE3uuaXFQnbK56GJrnqVN+KX5Z3M7X3fA8UcVCGOEHXRP/aubiw Ngawj0V9x+43kUapFp+nF69R53UI65YtJ95ec4PTO/Edvap8h1UbdEOc4+TiYwY1TBuIKltY 1cnrjgAWUh/Ucvr++/KbD9tD6C8=
Message-ID: <97eb8994-c56e-beba-98d5-19d9f2de3e0d@huitema.net>
Date: Fri, 29 Mar 2019 10:01:37 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Subject: Review of draft-ietf-6man-rfc4941bis-01
X-Originating-IP: 168.144.250.223
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: unsure
X-Spampanel-Outgoing-Evidence: Combined (0.50)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5sH1ePvbowtmwUWqBCFYr+x602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO0+c5LB5+AaOnyUGHzplYThs1ujulqUFmMITHM77eiVifx3EUFKTbKEVOO0WEg29hs7i TvJ2/ZGzVWB9scFAaCdIFaUvXN+CI+RGy3Me16pBmePYa3CQqb9L6x2mHOMrWx/TBCf6oYXAWGet lavcAjD9ytQxIHf9lN5jjLJaPK8l4YBmPrqPoeRXD34azf1rYZv5uZUEePrXZkexHL9EC3AAJAfA 9MMVcQ9WVjD1q+Rbd9IPG/DQ2p+GU04sTuYFs91jhnM/Mbva2XLV/LIEzaKyLm0zESXAkIAT8ZKA DvsGI5uh86ZVnyOrYkLMWyEaRt9fxN2oReTDHAyOynaY0CmHJLVH4DfVNbPXJmiLfub/IRFsicyJ MEhQFtD8PLoiniWmsFByBoXAuCZEyg59LM/9rUJrEbVA84BZVscMTXpbpuxXJTL417vaJWq5kk+j cuidX4Ts4xdG+C13IyWeZaJBrjpxewrCys4Ygrw8BIFOPwUimsNGvJJilSn4u6QSZHeKoll/dXQt m3eAHIc7YMIs95DGoDQyh90npG6wuAU16Y3oZJdQ0WXQEIKhyt8GANo5bn0tFTz4SVUdCy2MVE6+ P+NMWgh0hdHFCOgNkMJ392PNDpgLsd6Ddd/s7VM53tGWQiV0zRVsA5SL7kYV1JnAMgFPp7+h3kLe NmBV53UGinWeQs/VeYMipemDbPt00lkyYfkNZJPwcPJVGQB+C79RXxKF5tPxTxfD0dMN+t5ZP6zO upSxHMPsAHfGhZAC/IAhemhJdBSJkER04dYNqSf7G3ch6MdB0XuALpEgtIRSdxZ/cxSnpMWdGZZ8 NIOHnN40eTXlWiUAYdLmsJdAoPJHNvQfAjIDptXbNSradnS0Zqm0mOdPl1LeUTNmkYtBTuxv0/1e /nzlq13wYTxncOSJHdsd+cwIgRT6euCWiMrA+4FHNKsiy9wMVtQ6ai8zTQ==
X-Report-Abuse-To: spam@quarantine9.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/tr2kXLwHXIyUbskBTo1Xl24Hd7s>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Mar 2019 09:01:55 -0000
This is my review of draft-ietf-6man-rfc4941bis-01, as promised in the WG session. I think the draft is almost ready, but I would like to see a couple of changes: 1) Simplify the IID generation spec by treating the "hash based" generation as just an alternative PNRG. 2) Discuss the temporary address life time and what to do when "quickly" reconnecting to the network that the node just left. 3) Simplify the discussion of the DNS reverse tree by just stating that temporary addresses should not be registered in that tree, and that applications subject to address control should just use static address. I would also like to discuss the use case of "different temporary addresses for different application contexts", but I suspect this would have to be done in a different draft. Detailed comments follow. Section 2.1 discusses a list of ways users and devices can be tracked. I assume this is intended to motivate the need for temporary addresses, but I when reading it I was wandering how much text we really need here. For example, there is a discussion of web cookies, but no discussion of other tracking techniques such as finger printing. But then, there is no way to provide an extensive list of such tracking methods, you would need to write a book. The real point is that addresses allow "chained tracking": tracker uses a cookie to link a newly appearing address to an existing identity; the address now becomes a tracked address; tracker now uses the tracked address to correlate activities. Defeating that requires frequent address rotation. Maybe we should say something about this requirement. Section 2.2 discusses the use of the same address in multiple contexts, when the same node is used as client and as server. Then, there are p2p connections such as web RTC, which have properties of clients or servers. The consequence there is the need for multiple temporary addresses per host, so as to not need sharing an address between multiple contexts. This leads to "one address per service", or maybe "one address per container". Do we really want to discuss that, or should we just keep the motivation to a minimum, and concetrate on how to acquire temporary addresses? Typo "Peseudo-Random" in section 3.2. I am not sure that we need to distinguish between generating IID with a PRNG (section 3.2.1) and with a hash function (section 3.2.2). At some level, the hash function is just a different way to build a PNRG. In both cases, you get a random string of bits, and then you have to use DAD and test for uniqueness. But then, if my purpose is to use a hash function as a PNRG, then hash(random secret, counter++) would work just as well as the complex generation presented in 3.2.1. My suggestion is to combine the two sections, and present the hash as just an alternative way to obtain random numbers, e.g. on devices that do not have access to a good PRNG. Section 3.3 discusses generation of temporary addresses. The trigger event appears to be, learning a new prefix in a new RA. That's fine, but that's not the only case: another trigger could be, bringing up an application that requires a separate address context. Section 3.3 discusses the life time of addresses. There is a related question of intermittent connectivity. Suppose a node oscillates between two access points A and B. Should it get a new set of addresses each time it goes back to A, or just reuse the address it was using a few seconds before? This relates to address life time, and to connection strategies. It also has potential implications, e.g. rogue RA triggering hosts to reuse an old address in a new context and enabling tracking. Section 4 describes the potential need for registration of a PTR record for the temporary address. That seems really counter productive. I wonder about the statement that "Some servers refuse to grant access to clients for which no DNS name exists." Isn't it the case that applications in that category should just use the non-temporary address? SMTP MTA for example may want to do that; I don't know many other applications with that constraint. -- Christian Huitema
- Review of draft-ietf-6man-rfc4941bis-01 Christian Huitema
- Re: Review of draft-ietf-6man-rfc4941bis-01 Fernando Gont
- Re: Review of draft-ietf-6man-rfc4941bis-01 Christian Huitema
- Re: Review of draft-ietf-6man-rfc4941bis-01 Fernando Gont