[Pearg] IPv6 vs. IPv4 in anti-abuse ("Anti-fraud and abuse" by Theodorakis, Pfeiffenberger and Turner)

Fernando Gont <fgont@si6networks.com> Tue, 19 January 2021 21:30 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 8878A3A17A4 for <pearg@ietfa.amsl.com>; Tue, 19 Jan 2021 13:30:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id wHQpX16Zceuk for <pearg@ietfa.amsl.com>; Tue, 19 Jan 2021 13:30:28 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA87E3A179E for <pearg@irtf.org>; Tue, 19 Jan 2021 13:30:25 -0800 (PST)
Received: from [IPv6:2800:810:464:2b9:5caf:a279:f542:e8f7] (unknown [IPv6:2800:810:464:2b9:5caf:a279:f542:e8f7]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id A8658284EE5; Tue, 19 Jan 2021 21:30:22 +0000 (UTC)
To: "pearg@irtf.org" <pearg@irtf.org>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <d965bbc6-9a8c-b807-75ac-22090fc196ac@si6networks.com>
Date: Tue, 19 Jan 2021 17:44:48 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/Yl18b9F7gnt_EaKxOJythX92rvc>
Subject: [Pearg] IPv6 vs. IPv4 in anti-abuse ("Anti-fraud and abuse" by Theodorakis, Pfeiffenberger and Turner)
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jan 2021 21:30:33 -0000


Just bringing this question to the mailing-list as we ran out of time 
for more discussion:

How anti-abuse changes (if it does) when talking about IPv6?

You can certainly assume a user has been assigned a /64, but the user 
could also get anything ranging from /48 to /64... and I'm told some VPS 
providers give their "users" a single IPv6 address (/128).

Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492