Re: [Madinas] I-D Action: draft-ietf-madinas-mac-address-randomization-10.txt

Bob Hinden <bob.hinden@gmail.com> Wed, 21 February 2024 15:51 UTC

Carlos,

Thanks, I will take a look.

Bob


> On Feb 20, 2024, at 11:18 PM, CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es> wrote:
> 
> Hi Bob, all,
> 
> We have just posted a new version addressing your comments.
> 
> Thanks!
> 
> Carlos
> 
> On Sat, Jan 13, 2024 at 8:46 PM Bob Hinden <bob.hinden@gmail.com> wrote:
>> Thanks
>> Bob
>> 
>> 
>> 
>>> On Jan 12, 2024, at 12:33 PM, CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es> wrote:
>>> 
>>> Hi Bob,
>>> 
>>> Sorry, I think I overlooked your previous comment. I'll update the draft next week.
>>> 
>>> Thanks!
>>> 
>>> Carlos
>>> 
>>> On Fri, Jan 12, 2024 at 1:38 AM Bob Hinden <bob.hinden@gmail.com> wrote:
>>>> I believe I made similar comments a while back.   Repeating myself.
>>>> 
>>>> 6. MAC randomization-related activities at the IETF
>>>> 
>>>> This title is ambiguous (and Sections 4 and 5 have the same problem). “at the IETF” sounds like at an IETF meeting, and “activities” isn’t clear. Protocols are not “activities”. This should be something like:
>>>> 
>>>>           MAC randomization in IETF Protocol Standards
>>>> 
>>>> The text in this section starts with:
>>>> 
>>>> Several IP address assignment mechanisms such as the IPv6 stateless autoconfiguration techniques (SLAAC) [RFC4862] generate the Interface Identifier (IID) of the address from its MAC address (via EUI64), which then becomes visible to all IPv6 communication peers. This potentially allows for global tracking of a device at L3 from any point on the Internet. Besides, the prefix part of the address provides meaningful insights of the physical location of the device in general, which together with the MAC address-based IID, makes it easier to perform global device tracking.
>>>> 
>>>> This is wrong and outdated. RFC 8064, “Recommendation on Stable IPv6 Interface Identifiers”, published in 2017, formally updated IPv6 IID selection to prefer RFC 7217 IIDs and recommends against embedding stable link-layer addresses in IPv6 IIDs.
>>>> 
>>>> This section needs a serious rewrite.
>>>> 
>>>> Today, I also noted in the third paragraph of this section a reference to [RFC4191]. The text is:
>>>> 
>>>> [RFC4191] identifies and describes the privacy issues associated with embedding MAC stable addressing information into the IPv6 addresses (as part of the IID) and describes some mechanisms to mitigate the associated problems.
>>>> 
>>>> RFC4191 is “Default Router Preferences and More-Specific Routes”. This has nothing to do with embedding MAC stable addresses.
>>>> 
>>>> Bob
>>>> 
>>>> 
>>>>> On Jan 11, 2024, at 3:02 AM, internet-drafts@ietf.org wrote:
>>>>> 
>>>>> Internet-Draft draft-ietf-madinas-mac-address-randomization-10.txt is now
>>>>> available. It is a work item of the MAC Address Device Identification for
>>>>> Network and Application Services (MADINAS) WG of the IETF.
>>>>> 
>>>>>   Title:   Randomized and Changing MAC Address state of affairs
>>>>>   Authors: Juan Carlos Zuniga
>>>>>            Carlos J. Bernardos
>>>>>            Amelia Andersdotter
>>>>>   Name:    draft-ietf-madinas-mac-address-randomization-10.txt
>>>>>   Pages:   18
>>>>>   Dates:   2024-01-11
>>>>> 
>>>>> Abstract:
>>>>> 
>>>>>   Internet privacy has become a major concern over the past few years.
>>>>>   Users are becoming more aware that their online activity leaves a
>>>>>   vast digital footprint, that communications are not always properly
>>>>>   secured, and that their location and actions can be easily tracked.
>>>>>   One of the main factors for the location tracking issue is the wide
>>>>>   use of long-lasting identifiers, such as MAC addresses.
>>>>> 
>>>>>   There have been several initiatives at the IETF and the IEEE 802
>>>>>   standards committees to overcome some of these privacy issues.  This
>>>>>   document provides an overview of these activities, with the intention
>>>>>   to inform the technical community about them, and help coordinate
>>>>>   between present and future standardization activities.
>>>>> 
>>>>> The IETF datatracker status page for this Internet-Draft is:
>>>>> https://datatracker.ietf.org/doc/draft-ietf-madinas-mac-address-randomization/
>>>>> 
>>>>> There is also an HTMLized version available at:
>>>>> https://datatracker.ietf.org/doc/html/draft-ietf-madinas-mac-address-randomization-10
>>>>> 
>>>>> A diff from the previous version is available at:
>>>>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-madinas-mac-address-randomization-10
>>>>> 
>>>>> Internet-Drafts are also available by rsync at:
>>>>> rsync.ietf.org::internet-drafts
>>>>> 
>>>>> 
>>>>> -- 
>>>>> Madinas mailing list
>>>>> Madinas@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/madinas
>>
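
The contrast raised in the quoted review (MAC-derived EUI-64 interface identifiers versus RFC 7217 stable opaque identifiers), shown as an added example that is not part of the thread or the draft. The HMAC-SHA256 PRF and its input encoding are an assumed simplification of RFC 7217's F(); the MAC, prefixes, interface name and key are constructed sample values.

```python
import hashlib
import hmac
import ipaddress


def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 IID (RFC 4291, Appendix A) built from a 48-bit MAC."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Insert ff:fe in the middle and invert the universal/local bit.
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]


def stable_opaque_iid(prefix: str, iface: str, secret: bytes,
                      network_id: bytes = b"", dad_counter: int = 0) -> bytes:
    """RFC 7217-style IID: keyed PRF over prefix, interface, network id, DAD counter.
    Assumption: HMAC-SHA256 with '|'-joined inputs stands in for F();
    the reserved-IID check required by the RFC is omitted here."""
    net = ipaddress.IPv6Network(prefix)
    msg = b"|".join([net.network_address.packed, iface.encode(),
                     network_id, bytes([dad_counter])])
    return hmac.new(secret, msg, hashlib.sha256).digest()[-8:]


def address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit IID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64 or len(iid) != 8:
        raise ValueError("need a /64 prefix and a 64-bit IID")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + iid)


def embedded_mac(addr: str):
    """Audit check: return the MAC an address exposes if its IID looks
    EUI-64-derived (ff:fe marker), else None. Heuristic only."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in mac)


if __name__ == "__main__":
    mac, key = "00:00:5e:00:53:01", b"constructed-secret-key"  # sample values
    for pfx in ("2001:db8:1::/64", "2001:db8:2::/64"):
        print(pfx, "EUI-64:", address(pfx, eui64_iid(mac)),
              "RFC 7217-style:", address(pfx, stable_opaque_iid(pfx, "eth0", key)))
```

With EUI-64 the low 64 bits are identical on every network and decode back to the MAC; with the keyed construction the identifier is stable per prefix but changes when the prefix changes.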