IETF Logo Mail Archive

Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>

Fernando Gont <fgont@si6networks.com> Sun, 22 May 2016 20:24 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71E1412D52A for <ipv6@ietfa.amsl.com>; Sun, 22 May 2016 13:24:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ke996HCDTUMz for <ipv6@ietfa.amsl.com>; Sun, 22 May 2016 13:24:24 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2AEF12D58F for <ipv6@ietf.org>; Sun, 22 May 2016 13:24:23 -0700 (PDT)
Received: from [100.68.225.77] (unknown [152.206.104.203]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 0B1DD80D8B; Sun, 22 May 2016 22:24:20 +0200 (CEST)
Subject: Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>
To: 神明達哉 <jinmei@wide.ad.jp>, Ole Troan <otroan@employees.org>
References: <20160428004904.25189.43047.idtracker@ietfa.amsl.com> <89CA2C18-AE61-4D40-8997-221201835944@gmail.com> <CAJE_bqdZ_D7jsDdWQ2FJpLH9cXveYfcye0W2J_mSi-7bYBrOKA@mail.gmail.com> <B849F263-9F99-48E8-B903-8FE7D2CDF277@cooperw.in> <CAJE_bqd1AWOuwvQcGzHg+dAWoump29g14HEA1BoVErXDXSMxaw@mail.gmail.com> <573BCFD0.8090801@si6networks.com> <CAJE_bqfKUbO7C6LnxOOUCVBU9e679_=159Yu6Ti0zhOGDuw98Q@mail.gmail.com> <A1111BEA-C14C-4574-9214-3D9B5500FEA1@cooperw.in> <CAKD1Yr23S4yHM=31VXTJq7t11P3__GEbbRhM0c085gBjQEGi-Q@mail.gmail.com> <19ae94cd-849f-0622-54bc-42cbad51368a@gmail.com> <CAKD1Yr1YN6SnUNp0HKqTNg6G0egkLveCOTG_7pHo9Zq3OFP4=g@mail.gmail.com> <a65c2157-044e-6207-314e-833313e5d458@gmail.com> <CAKD1Yr0e3NuLCFK2N35FymoQmx4UUH-83rkQxtUB1RJbwNzY9A@mail.gmail.com> <E13EFAE7-2191-4B19-957D-B7DBA78B6C78@employees.org> <CAJE_bqczeopdc2qRU2aiY9-+6zS3oKzhJVPWQyQHJ-k46Nr5KQ@mail.gmail.com>
From: Fernando Gont <fgont@si6networks.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <574210D2.9030903@si6networks.com>
Date: Sun, 22 May 2016 16:04:34 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <CAJE_bqczeopdc2qRU2aiY9-+6zS3oKzhJVPWQyQHJ-k46Nr5KQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/ufBUJb7aiWG_IFCniZQlFMqhOOA>
Cc: 6man WG <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 May 2016 20:24:34 -0000

Jinmei,

On 05/20/2016 12:04 PM, 神明達哉 wrote:
>>> Thus, I'm continuing to run my laptop with only an RFC4941
>>> address for a few days to see whether it has any negative impact
>>> at all. So far, so good.
>>> 
>>> Excellent! Now, if we can only make this draft stop saying that
>>> that you SHOULD NOT do that...  :-)
>> 
>> Everything has to be read in context. My reading of this document
>> is that it says what an implementation SHOULD do _iff_ a stable IID
>> is to be generated. It says nothing about what to do if a stable
>> IID is not required.
>> 
>> I find the current text quite clear on that, but clearly you
>> don't.
> 
> It's not clear to me either.  I commented on this exact point in my 
> first response to the last call.  Its followup discussion actually 
> confused me further: 
> http://www.ietf.org/mail-archive/web/ipv6/current/msg24391.html
> 
> In this discussion, I suggested "clarifying that this recommendation 
> is only for environments where address stability is needed".

FWIW, that's fine with me (including Lorenzo's suggestion of
"OPTIONAL"). The only thing I tried to note is that saying so goes
beyond the original intent of this ID: we were just improving stable
addresses, without saying any word regarding whether you should use
them, whether they are optional, or whatever.


>  The 
> response to that part of comment refers to a paragraph of the 
> introduction section:
> 
> The recommendations in this document apply only in cases where 
> implementations otherwise would have configured a stable IPv6 IID 
> containing a link layer address.  That is, this document does not 
> change any existing recommendations concerning the use of temporary 
> addresses as specified in [RFC4941], nor does it introduce any new 
> requirements regarding when stable addresses are to be configured. 
> Thus, the recommendations in this document simply improve the 
> security and privacy properties of stable addresses.
> 
> At least to me, this is not the same as "this recommendation is only 
> for environments where address stability is needed".

We were not saying that because the current specs say/assume that they
are always needed, and "changing" that was ging one step further. That
said, I'm not opposed to this document going that step further.


>  So I tried to 
> understand the actual intent with followup questions, but the 
> subsequent discussions only introduced more confusion for me
> (because of discussions on other points like whether using
> randomized link-layer address is "extremely bad").

That's orthogonal. Again, please read:
draft-gont-predictable-numeric-ids-00



>> Would it help with some sort of clearer applicability statement in 
>> this document? Can you propose text?
> 
> I've been unwilling to propose text as I didn't even understand the 
> authors' actual intent, but if it's actually that "it says what an 
> implementation SHOULD do _iff_ a stable IID is to be generated", I'd 
> suggest revising the above paragraph as follows:

Yes, that's the intent of this I-D (but please note my comment above
regarding the *current* specs assumming stable addresses are always there).



> The recommendations in this document apply only in cases where 
> implementations otherwise would have configured a stable IPv6 IID 
> containing a link layer address.  For example, this document does not
> change any existing recommendations concerning the use of temporary
> addresses as specified in [RFC4941], nor do the recommendations apply
> to cases where the link layer address is not stable (e.g., it is
> periodically randomized) in the first place, nor does it introduce
> any new requirements regarding when stable addresses are to be
> configured.

The root of this problem is reusing a link-yaer ID at layer-3. THat's
bad, and we have to recommend against that.

Brian already provided an example of IPv6/IPX traffic correlation... and
there could be other protocols reusing the MAC address which, even if
randomized, allows for correlation.

REusing IDs a different places, ifor different scopes, etc., is bad, and
is the root of all of this. Please check:
draft-gont-predictable-numeric-ids-00



> If the intent of this document is really just that it applies iff a 
> stable IID is to be generated and does not make any judgment on,
> e.g., use of randomized link-layer addresses, this proposed text
> shouldn't be a problem for anyone. 

We don't care about what you do at layer-2. Randomie as much as you
want. Just don't include layer-2 IDs in layer-3 IIDs.



> To be clear, I'm not particularly an advocator of the use of 
> randomized link-layer addresses.

I'm fine with layer-2 adddr randomization. Could even consider myself
and advocator of that (in a number of scenarios). HOwever, I'm against
reusing numeric IDs in different places, for the reasons stated above.

Thughts?

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email