Re: [Pidloc] PIdLoc Webex

Dino Farinacci <> Fri, 07 December 2018 19:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E5C71130E96 for <>; Fri, 7 Dec 2018 11:46:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id sFHbPvM3tNAQ for <>; Fri, 7 Dec 2018 11:46:05 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::12c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0E62A1200D7 for <>; Fri, 7 Dec 2018 11:46:05 -0800 (PST)
Received: by with SMTP id a6so8837883itl.4 for <>; Fri, 07 Dec 2018 11:46:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=l8Um04/TC6rFlFBQtzmhTQmVmAzOkdTE2ggOvaHJlJE=; b=A2ub8oC/5sXrNMttivpZnzWDu0LXeiDCkOF4u9pSC43MJsdB6F0FP9Ot1x4iZ9V3cd xIXzzfTWMtlQ+nB6tIyb7za8qk12KsQMncliU3UQXijCQ4166dtdy4onrPPNo4KlJKCd Z0i53kwzOoo4lFZotE6Igg9MKURyA1id4lCB6xGWHzAL1BazMUG4cJhMDH+jT0xPO4d6 f/WijK1M+4sMVs/uurk0rAqP04WwM7tCAbIOb3w/nFr3GgP1YArF7HEzODw0OYWV2Yg0 +UM3br9JrwdWVeJ3NtqqwqyWFM971n0EDG+vBSTULIA6uTWdrUgosHAqpGF7QwdodFpI Dbcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=l8Um04/TC6rFlFBQtzmhTQmVmAzOkdTE2ggOvaHJlJE=; b=tjN+3NnBteFVm5p8aMJRCWTyeLf4ZMxbY2NSXGSt8+h5xzLkdjMGP4B/7u/f+99utJ gD8tGFqyKoY9jcnuzKUx8KmOUTcvDWuK7JnUXTQ+rJHpwNFa89fBeBCvt3wW+1/cBYrZ 5rmkANx+gp0m9M2MuiP41SW8kA5AAWswmii/6lQoAQhsvVMFDBFqJHJD5K/azx3nbgYv nAn4ht9ZfijIZ+V4WTe785SKrfeu6R25jvWy+zdKAVt3eiS6WSlocg/K6N+2smGKIyHP 6dD2lF3CN5gsg8WaI8AJ4SjNmkOrBTNhGo+Fp5PA/h8kyti5d0QVIIWa4RAFVN6mz5t2 DoTw==
X-Gm-Message-State: AA+aEWbN1tX/nR8SWqFlOGT3AEI7+BAFCs1tKETQ0egUoOnnaUrzxIAg CKkaZyFEHaSYoLdoz0Bsudg=
X-Google-Smtp-Source: AFSGD/Wi8vJ836jlQOfY3PRLyN02YGdzaMk6W3uySP1CXyIZo4L2cIWtKRC1pCuVR3lYjeQDZ2DpDw==
X-Received: by 2002:a02:7e5d:: with SMTP id h90mr3097664jac.106.1544211964285; Fri, 07 Dec 2018 11:46:04 -0800 (PST)
Received: from [] ([]) by with ESMTPSA id u126sm2071949ita.1.2018. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Dec 2018 11:46:03 -0800 (PST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Dino Farinacci <>
In-Reply-To: <>
Date: Fri, 7 Dec 2018 11:45:56 -0800
Cc:, RJ Atkinson <>, Saleem Bhatti <>, Shunsuke Homma <>, Behcet Sarikaya <>, Luigi Iannone <>,,
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <FRAPR01MB0801A22EEC0D55414EFFEC2ED1D00@FRAPR01MB0801.DEUPRD01.PROD.OUTLOOK.DE> <FRAPR01MB0801CDFD28647B7A02D700D2D1D00@FRAPR01MB0801.DEUPRD01.PROD.OUTLOOK.DE> <FRAPR01MB0801A452C8111F16940D4D65D1D10@FRAPR01MB0801.DEUPRD01.PROD.OUTLOOK.DE> <FRAPR01MB080121A9C90A6F78BBD7E4B7D1AF0@FRAPR01MB0801.DEUPRD01.PROD.OUTLOOK.DE> <> <> <> <> <> <> <> <> <> <> <> <>
To: Tom Herbert <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
Subject: Re: [Pidloc] PIdLoc Webex
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 07 Dec 2018 19:46:07 -0000

Sorry, looking at the entire network, and how it works, scales, and what the cost of privacy is critical to evaluate. Just looking at it from the app end-systesm isn't looking at the details to *really* make the entire system work.


> On Dec 7, 2018, at 11:31 AM, Tom Herbert <> wrote:
> On Fri, Dec 7, 2018 at 11:08 AM Dino Farinacci <> wrote:
>>> Yes, the network should assign ephemeral addresses. Scaling this so
>>> that hosts can use a different address per connection is the problem
>>> that ensues.
>> For the outer (or only header), you cannot get assigned ephemeral addresses. They need to be provider-assigned addresses so routing deeper in the network can aggregate such addresses into coarser prefixes.
>> And note ISPs want to use uRPF so another reason for provider-assigned addresses. The best way to solve the *entire* problem is to tunnel with encryption from a point inside the ISP. Then the outer addresses are coarsified and the inner addresses are obfuscated.
>> You could solve some of the problem with ILA but you need to keep translating the packet as it goes to the destination. And that will be hard to debug since it breaks traceroute.
> You are convoluting the behavior of internal network operations with
> the externally visible behavior. Think of it this way, we have end
> hosts and we have Internet servers. The desired property wrt privacy
> is that any host can use an untrackable source address per connection
> to talk to any Internet servers. Servers on the Internet should not be
> able to draw any correlation between any two flows, nor should they be
> able to deduce geographic location with any accuracy. End hosts and
> server only see these assigned addresses. They don't know about
> mapping systems, underlays, encapsulation, or what the addresses mean
> other. All they know is that the addresses than they identify a
> communicating node and are routable in IP packets over the Internet to
> some service provider. It is up to the network provider to support
> this using mechanisms that scale, but the details of that are not
> relevant to privacy as long as the desired external behavior is met
> and privacy is maintained.
> Tom
>> Dino