Re: [Spud] Fwd: New Version Notification for draft-herbert-transports-over-udp-00.txt

["Scharf, Michael (Nokia - DE)" <michael.scharf@nokia.com>]

> We assume that strong security must be applied, so unlike MP-TCP the
> transport headers are encrypted and the only information sent in plain
> text is the session identifier (serving as an SPI) and DTLS headers.
> In the case of a connection surviving across NAT remapping an attacker
> could observe that the connection has been remapped, but that reveals
> no new information about the connection than it had previously except
> that the it was remapped by an intermediate device. That does
> potentially reveal information about the NAT device, for instance it
> could probably ascertain the timeout, but I don't know how useful that
> would be in and it could probably be determined by other means.

I am not sure who would care so much about the NAT device. But, e.g., what about the privacy impact on users of cascaded NATs or some form of onion routing (e.g. TOR-like)?

(Disclaimer: I am not an expert for those, so I apologize if I miss something here.)

> But even given that, yes, I would prefer that anything that identifies
> flows on the network (UDP tuples, session identifiers, flow labels) is
> periodically rotated to reduce the ability of intermediate nodes to
> track my flows over long periods of time. The protocol to negotiate a
> new session identifier can be implemented in the encrypted portion of
> the packet. To change the UDP tuple a client can pick a different
> ephemeral source port (in userspace sockets implementation this would
> close one socket and create a new and do a connect without explicit
> bind).

Well, "periodic rotation" rotation can mean a lot, including 10 years or so. What order of magnitude would you suggest? 

Michael