Re: [v6ops] I-D Action: draft-link-v6ops-6mops-00.txt

Tom Herbert <tom@herbertland.com> Tue, 05 March 2024 19:15 UTC

From: Tom Herbert <tom@herbertland.com>
Date: Tue, 05 Mar 2024 11:15:20 -0800
Message-ID: <CALx6S36t7rRPe4u+OrgTWhmfn_9DhBFTJRMPA=g7=1YFnXCauw@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Jen Linkova <furry13@gmail.com>, IPv6 Operations <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/6AL7_2EEB_7RbUjxe2VguysKjk4>

On Tue, Mar 5, 2024 at 11:04 AM Brian E Carpenter
<brian.e.carpenter@gmail.com> wrote:
>
> On 05-Mar-24 14:29, Jen Linkova wrote:
> > On Tue, Mar 5, 2024 at 12:17 PM Brian E Carpenter
> > <brian.e.carpenter@gmail.com> wrote:
> >> This draft is an excellent start.
> >
> > Thank you!
> >
> >> The security considerations seem a bit short.
> >
> > It's a side effect of the draft submission deadline ;) Will be fixed in -01 ;)
> >
> >>> This document does not introduce any privacy considerations
> >>
> >> Are we sure about that? For example, some people (not me) will claim
> >> that the privacy benefits of NAT are lost for the IPv6-only hosts.
> >
> > If we compare the proposed design with a dual-stack approach, the
> > privacy considerations are the same:
> > - if the destination is a dual-stack (or IPv6-only) IPv6 will be used
> > in both cases;
> > - if the destination is IPv4-only, the traffic will go through NAT44
> > (dual-stack) or NAT64 (IPv6-mostly)
> >
> > Would adding a text that privacy considerations are inherited from a
> > dual-stack design?
>
> What I realised when considering your question is that we have no generic
> reference for IPv6 privacy considerations. RFC 7721 is specific to address
> generation, RFC 7824 is specific to DHCPv6, RFC 8065 is specific to adaptation
> layers, and that's about it. So I guess it is reasonable to say that "mostly"
> adds no new privacy risks compared to dual stack, but the "only" hosts avoid
> all IPv4-related risks and may benefit from IPv6-related protections such as
> temporary addresses.
>
> The NAT lovers will disagree though, because they believe that NAT is a
> privacy feature.

Brian,

It's less about being a NAT lover, but more just realizing that CGNAT
offers better privacy in addressing than IPv6 without NAT (this has
been confirmed by LE,
https://www.internetsociety.org/blog/2018/03/cgn-ipv6-fighting-online-crime/).

Tom

>
>      Brian
>
> >
> >> Is there any interaction with site policies (dis)allowing temporary
> >> addresses? Any interaction with randomized MAC addresses?
> >
> > It's all existing in any other IPv6 deployment, right? Nothing
> > specific to IPv6-mostly. I didn't consider enumerating all IPv6
> > privacy implications, but maybe I should..
> >
> >> On 05-Mar-24 01:27, internet-drafts@ietf.org wrote:
> >>> Internet-Draft draft-link-v6ops-6mops-00.txt is now available.
> >>>
> >>>      Title:   IPv6-Mostly Networks: Deployment and Operations Considerations
> >>>      Author:  Jen Linkova
> >>>      Name:    draft-link-v6ops-6mops-00.txt
> >>>      Pages:   16
> >>>      Dates:   2024-03-04
> >>>
> >>> Abstract:
> >>>
> >>>      This document discusses a deployment scenario called "an IPv6-Mostly
> >>>      network", when IPv6-only and IPv4-enabled endpoints coexist on the
> >>>      same network (network segment, VLAN, SSID etc).
> >>>
> >>> The IETF datatracker status page for this Internet-Draft is:
> >>> https://datatracker.ietf.org/doc/draft-link-v6ops-6mops/
> >>>
> >>> There is also an HTML version available at:
> >>> https://www.ietf.org/archive/id/draft-link-v6ops-6mops-00.html
> >>>
> >>> Internet-Drafts are also available by rsync at:
> >>> rsync.ietf.org::internet-drafts
> >>>
> >>>
> >>> _______________________________________________
> >>> I-D-Announce mailing list
> >>> I-D-Announce@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/i-d-announce
> >>>
> >>
> >> _______________________________________________
> >> v6ops mailing list
> >> v6ops@ietf.org
> >> https://www.ietf.org/mailman/listinfo/v6ops
> >
> >
> >