Re: [Madinas] I-D Action: draft-ietf-madinas-mac-address-randomization-10.txt

CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es> Wed, 21 February 2024 07:18 UTC

Hi Bob, all,

We have just posted a new version addressing your comments.

Thanks!

Carlos

On Sat, Jan 13, 2024 at 8:46 PM Bob Hinden <bob.hinden@gmail.com> wrote:

> Thanks
> Bob
>
>
>
> On Jan 12, 2024, at 12:33 PM, CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es>
> wrote:
>
> Hi Bob,
>
> Sorry, I think I overlooked your previous comment. I'll update the draft
> next week.
>
> Thanks!
>
> Carlos
>
> On Fri, Jan 12, 2024 at 1:38 AM Bob Hinden <bob.hinden@gmail.com> wrote:
>
>> I believe I made similar comments a while back. Repeating myself.
>>
>> 6. MAC randomization-related activities at the IETF
>>
>> This title is ambiguous (and Sections 4 and 5 have the same problem). “At the
>> IETF” sounds like at an IETF meeting and “activities” isn’t clear.
>> Protocols are not “activities”. This should be something like:
>>
>>           MAC randomization in IETF Protocol Standards
>>
>> The text in this section starts with:
>>
>> Several IP address assignment mechanisms such as the IPv6 stateless
>> autoconfiguration techniques (SLAAC) [RFC4862] generate the Interface
>> Identifier (IID) of the address from its MAC address (via EUI64), which
>> then becomes visible to all IPv6 communication peers. This potentially
>> allows for global tracking of a device at L3 from any point on the
>> Internet. Besides, the prefix part of the address provides meaningful
>> insights of the physical location of the device in general, which together
>> with the MAC address-based IID, makes it easier to perform global device
>> tracking.
>>
>>
>> This is wrong and outdated. RFC 8064 “Recommendation on Stable IPv6
>> Interface Identifiers” published in 2017 formally updated IPv6 IID
>> selection to prefer RFC 7217 IIDs and recommends against embedding stable
>> link-layer addresses in IPv6 IIDs.
>>
>> This section needs a serious rewrite.
>>
>> Today, I also noted in the third paragraph of this section a reference to
>> [RFC4191]. The text is:
>>
>> [RFC4191] identifies and describes the privacy issues associated with
>> embedding MAC stable addressing information into the IPv6 addresses (as
>> part of the IID) and describes some mechanisms to mitigate the associated
>> problems.
>>
>>
>> RFC4191 is “Default Router Preferences and More-Specific Routes”. This
>> has nothing to do with embedding MAC stable addresses.
>>
>> Bob
>>
>>
>> On Jan 11, 2024, at 3:02 AM, internet-drafts@ietf.org wrote:
>>
>> Internet-Draft draft-ietf-madinas-mac-address-randomization-10.txt is now
>> available. It is a work item of the MAC Address Device Identification for
>> Network and Application Services (MADINAS) WG of the IETF.
>>
>>   Title:   Randomized and Changing MAC Address state of affairs
>>   Authors: Juan Carlos Zuniga
>>            Carlos J. Bernardos
>>            Amelia Andersdotter
>>   Name:    draft-ietf-madinas-mac-address-randomization-10.txt
>>   Pages:   18
>>   Dates:   2024-01-11
>>
>> Abstract:
>>
>>   Internet privacy has become a major concern over the past few years.
>>   Users are becoming more aware that their online activity leaves a
>>   vast digital footprint, that communications are not always properly
>>   secured, and that their location and actions can be easily tracked.
>>   One of the main factors for the location tracking issue is the wide
>>   use of long-lasting identifiers, such as MAC addresses.
>>
>>   There have been several initiatives at the IETF and the IEEE 802
>>   standards committees to overcome some of these privacy issues.  This
>>   document provides an overview of these activities, with the intention
>>   to inform the technical community about them, and help coordinate
>>   between present and future standardization activities.
>>
>> The IETF datatracker status page for this Internet-Draft is:
>>
>> https://datatracker.ietf.org/doc/draft-ietf-madinas-mac-address-randomization/
>>
>> There is also an HTMLized version available at:
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-madinas-mac-address-randomization-10
>>
>> A diff from the previous version is available at:
>>
>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-madinas-mac-address-randomization-10
>>
>> Internet-Drafts are also available by rsync at:
>> rsync.ietf.org::internet-drafts
>>
>>
>> --
>> Madinas mailing list
>> Madinas@ietf.org
>> https://www.ietf.org/mailman/listinfo/madinas
>>
>>
>
>
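The difference the review comment above turns on, as an added example that is not part of the thread or the draft: a modified EUI-64 IID exposes the MAC address in every prefix, while an RFC 7217-style IID is opaque and changes per prefix. The MAC, prefixes, interface name, network ID and secret are constructed sample values, and SHA-256 over length-prefixed fields is this example's choice for the function F.

```python
import hashlib
import ipaddress

def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 IID (RFC 4291, Appendix A): insert ff:fe, flip the U/L bit."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]

def slaac_address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64 or len(iid) != 8:
        raise ValueError("expected a /64 prefix and a 64-bit IID")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))

def embedded_mac(addr: str):
    """Audit check: return the MAC an address appears to expose, else None.
    Heuristic: relies on the ff:fe marker, which a random IID matches 1 time in 65536."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{x:02x}" for x in mac)

def rfc7217_iid(prefix: str, iface: str, network_id: bytes,
                dad_counter: int, secret: bytes) -> bytes:
    """RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key), per RFC 7217.
    Assumption: F is SHA-256 over length-prefixed fields. The reserved-IID check
    and the DAD retry loop from the RFC are not implemented here."""
    net = ipaddress.IPv6Network(prefix)
    h = hashlib.sha256()
    for part in (net.network_address.packed[:8], iface.encode(),
                 network_id, bytes([dad_counter]), secret):
        h.update(len(part).to_bytes(2, "big") + part)  # keep field boundaries unambiguous
    return h.digest()[-8:]  # IID is taken from the least significant bits of RID

if __name__ == "__main__":
    mac = "00:00:5e:00:53:01"                  # constructed, documentation MAC range
    secret = b"constructed-per-host-secret"    # constructed sample value
    for prefix in ("2001:db8:1::/64", "2001:db8:2::/64"):   # documentation prefixes
        legacy = slaac_address(prefix, eui64_iid(mac))
        stable = slaac_address(prefix, rfc7217_iid(prefix, "eth0", b"sample-ssid", 0, secret))
        print(prefix, "EUI-64:", legacy, "exposes", embedded_mac(str(legacy)))
        print(prefix, "RFC 7217-style:", stable)
```
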