IETF Logo Mail Archive

Re: [tcpm] New Version Notification for draft-williams-exp-tcp-host-id-opt-03.txt

"Eggert, Lars" <lars@netapp.com> Tue, 13 May 2014 16:30 UTC

Return-Path: <lars@netapp.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E7341A0126 for <tcpm@ietfa.amsl.com>; Tue, 13 May 2014 09:30:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.553
X-Spam-Level:
X-Spam-Status: No, score=-2.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.651, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2yLS2W0dwC78 for <tcpm@ietfa.amsl.com>; Tue, 13 May 2014 09:30:33 -0700 (PDT)
Received: from mx11.netapp.com (mx11.netapp.com [216.240.18.76]) by ietfa.amsl.com (Postfix) with ESMTP id A40D41A00DD for <tcpm@ietf.org>; Tue, 13 May 2014 09:30:33 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.97,1044,1389772800"; d="asc'?scan'208";a="122859856"
Received: from vmwexceht01-prd.hq.netapp.com ([10.106.76.239]) by mx11-out.netapp.com with ESMTP; 13 May 2014 09:30:27 -0700
Received: from SACEXCMBX01-PRD.hq.netapp.com ([169.254.2.246]) by vmwexceht01-prd.hq.netapp.com ([10.106.76.239]) with mapi id 14.03.0123.003; Tue, 13 May 2014 09:30:27 -0700
From: "Eggert, Lars" <lars@netapp.com>
To: Joe Touch <touch@isi.edu>
Thread-Topic: [tcpm] New Version Notification for draft-williams-exp-tcp-host-id-opt-03.txt
Thread-Index: AQHPZIO1u/26rztc9k+fT3iqOb4u6Jsq/h4AgA3Y3ICABcuAAIAAhgQAgAAVGoA=
Date: Tue, 13 May 2014 16:30:26 +0000
Message-ID: <48454865-68C8-4F93-BF64-D9F05C53DB6A@netapp.com>
References: <20140430142220.21274.18191.idtracker@ietfa.amsl.com> <53610C3B.6070006@akamai.com> <B98116CE-28AA-4A50-87F3-EF90967CCBBC@netapp.com> <53614C68.8040301@mti-systems.com> <536CEA0D.1040101@akamai.com> <6605BCC3-034D-417C-8B6D-F701F4585887@netapp.com> <537236EC.4090908@isi.edu>
In-Reply-To: <537236EC.4090908@isi.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.122.105.28]
Content-Type: multipart/signed; boundary="Apple-Mail=_91ED03DA-F428-4901-84B8-23B1B730CD3D"; protocol="application/pgp-signature"; micalg="pgp-sha1"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpm/v9y3ZRUP_GGoIvZ4M9ISbxOJ8i8
Cc: "tcpm@ietf.org" <tcpm@ietf.org>
Subject: Re: [tcpm] New Version Notification for draft-williams-exp-tcp-host-id-opt-03.txt
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 May 2014 16:30:35 -0000

Hi,

On 2014-5-13, at 17:14, Joe Touch <touch@isi.edu> wrote:
> It would be more useful for the iETF to take positions on devices that undermine its architecture (e.g., NATs) and protocols that are deployed against current technical advice (CUBIC).

We're getting off-topic here, but what "current technical advice" is Cubic violating? 

It's not an IETF standard, and it's on by default in Linux and that's not so nice, but it doesn't seem to be have serious flaws (anymore). So while I wish there was an ID we could progress (and I have it on my list to talk to Injong and get his OK for someone else to carry the torch), I think you're overstating things.

>> and that we are taking engineering steps to protect privacy. (See http://www.ietf.org/blog/2013/11/ for example.)
> 
> The IESG Chair's report on the conclusion of community discussion specifically addressed the use of this document to block other docs:

The text you quoted is entirely about what ADs should and should not do *during IESG processing*. I'm not an AD (anymore), and I am certainly free to make this argument as an individual *during a call for WG adoption*.

>> Having middleboxes tag flows with options that make identifying individuals easier goes directly against that stated goal.
> 
> First, we're talking about use of this option by middleboxes and endpoints that already change host IDs (not personal IDs).

Sure. But I don't see why this is relevant.

In some sense CGNs - as problematic as they are - actually increase privacy, because more users share an IP address. This document is about counteracting this increased privacy. And since we don't know by what mechanism these host IDs get set, and given that the document talks about potentially quite large ID namespace (32bits), you could actually identify things at a finer granularity than hosts.

> Second, this mechanism can easily be used to obfuscate the identification hosts, to re-group them in alternate ways.

How and by whom? Even if hosts end up setting it, it'll get stripped out or rewritten by an ISP middlebox that can set it based on subscriber information and current connection context.

> Finally, I sincerely hope this draft's process doesn't become the poster child of the process fears raised by the IESG Chair in approving perpass and recommending it as BCP.

So I actually hope it does. In my view, the reason that the text you quoted was entirely about the IESG process was to not have late surprises happen to stuff that are already WG documents or in IETF last call.

But that's not the case here. This is not a WG document, and using the BCP - that we have IETF consensus on - as an argument to not *start* problematic work is entirely reasonable. If not, what *can* we use that consensus BCP for? Feeling good about ourselves without actually doing anything?

Lars

v2.23.0 | Report a Bug | By Email