Re: [v6ops] Alissa Cooper's Discuss on draft-ietf-v6ops-unique-ipv6-prefix-per-host-12: (with DISCUSS)
Alexandre Petrescu <alexandre.petrescu@gmail.com> Sat, 14 October 2017 10:00 UTC
Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82286132CE7 for <v6ops@ietfa.amsl.com>; Sat, 14 Oct 2017 03:00:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.632
X-Spam-Level:
X-Spam-Status: No, score=-2.632 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6QtyFZBXe0Go for <v6ops@ietfa.amsl.com>; Sat, 14 Oct 2017 03:00:17 -0700 (PDT)
Received: from oxalide-smtp-out.extra.cea.fr (oxalide-smtp-out.extra.cea.fr [132.168.224.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56C831323B4 for <v6ops@ietf.org>; Sat, 14 Oct 2017 03:00:17 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by oxalide-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id v9EA0F8S153978 for <v6ops@ietf.org>; Sat, 14 Oct 2017 12:00:15 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 5BD18201497 for <v6ops@ietf.org>; Sat, 14 Oct 2017 12:00:15 +0200 (CEST)
Received: from muguet2.intra.cea.fr (muguet2.intra.cea.fr [132.166.192.7]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 52579201348 for <v6ops@ietf.org>; Sat, 14 Oct 2017 12:00:15 +0200 (CEST)
Received: from [132.166.84.71] ([132.166.84.71]) by muguet2.intra.cea.fr (8.15.2/8.15.2/CEAnet-Intranet-out-1.4) with ESMTP id v9EA0EF2025972 for <v6ops@ietf.org>; Sat, 14 Oct 2017 12:00:14 +0200
To: v6ops@ietf.org
References: <150781642636.16695.9645155481311700959.idtracker@ietfa.amsl.com> <CAKD1Yr2vW2Ngh=q2D84Vpmv9XbAkF5Cxu=Emq3pMV4wROQ-0Vw@mail.gmail.com> <CALx6S34QE40N0a4J=+q8vrkEB1Rue_LG129CHqgDhiSOmCptww@mail.gmail.com> <1584986D-0585-4D38-8127-8AC23EDC6154@consulintel.es> <CALx6S350+MSd--fCOPL9vnaf0BGUf5rHX5q+84MvvvOOJ6pQ9w@mail.gmail.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <104fc972-7c80-c519-b8ea-e287b13d198a@gmail.com>
Date: Sat, 14 Oct 2017 12:00:14 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <CALx6S350+MSd--fCOPL9vnaf0BGUf5rHX5q+84MvvvOOJ6pQ9w@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/6tRwMJr0KFvsZffaSdRWSeb4THE>
Subject: Re: [v6ops] Alissa Cooper's Discuss on draft-ietf-v6ops-unique-ipv6-prefix-per-host-12: (with DISCUSS)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Oct 2017 10:00:20 -0000
Le 12/10/2017 à 19:16, Tom Herbert a écrit : > > > On Thu, Oct 12, 2017 at 9:50 AM, JORDI PALET MARTINEZ > <jordi.palet@consulintel.es <mailto:jordi.palet@consulintel.es>> wrote: > > If the prefix to a residential customer is NON-persistent (the ISP > changes it every “x” minutes or hours or whatever), then I think > there is no need to further extend the privacy measures to how each > /64 is used during that time. > > Jordi, > > How are you going to explain to a user that is exercising their right of > free speech to criticize their government that they need to carefully > schedule their private communications around some arbitrary time > schedule established by their provider (which is likely demanded by the > very government they are criticizing?). Maybe the user exercising these rights can have an ability to impose her own schedule to the network, and not vice-versa. Alex > > IMO, if anonymity and privacy are rights on the Internet, which I'm > assuming they are, then those rights should be not be limited by some > window in time or other arbitrary constraints. > > Tom > > Otherwise we end-up demanding the same for every single /128 address … > > According to my IPv6 survey, which has answers from 1512 ISPs > worldwide, 63% provide “persistent” prefixes to residential users. > > So, I believe is sufficient for an ISP to offer the choice for the > user to “don’t have” a persistent prefix, or may depending on > country laws, on the other way around. > > Pushing to deploy IPv6 with NON-persistent prefixes is shooting our > own foot, unless, as Fred mention, at the same time we provide a > dynamic/secure DNS protocol that is widely implemented. > > Regards, > Jordi > > > -----Mensaje original----- > De: v6ops <v6ops-bounces@ietf.org <mailto:v6ops-bounces@ietf.org>> > en nombre de Tom Herbert <tom@herbertland.com > <mailto:tom@herbertland.com>> > Responder a: <tom@herbertland.com <mailto:tom@herbertland.com>> > Fecha: jueves, 12 de octubre de 2017, 18:39 > Para: Lorenzo Colitti <lorenzo@google.com <mailto:lorenzo@google.com>> > CC: "v6ops@ietf.org <mailto:v6ops@ietf.org> WG" <v6ops@ietf.org > <mailto:v6ops@ietf.org>>, Alissa Cooper <alissa@cooperw.in > <mailto:alissa@cooperw.in>>, > <draft-ietf-v6ops-unique-ipv6-prefix-per-host@ietf.org > <mailto:draft-ietf-v6ops-unique-ipv6-prefix-per-host@ietf.org>>, > <draft-ietf-v6ops-unique-ipv6-prefix-per-host.all@ietf.org > <mailto:draft-ietf-v6ops-unique-ipv6-prefix-per-host.all@ietf.org>>, > <v6ops-chairs@ietf.org <mailto:v6ops-chairs@ietf.org>>, The IESG > <iesg@ietf.org <mailto:iesg@ietf.org>> > Asunto: Re: [v6ops] Alissa Cooper's Discuss on > draft-ietf-v6ops-unique-ipv6-prefix-per-host-12: (with DISCUSS) > > > > On Thu, Oct 12, 2017 at 9:08 AM, Lorenzo Colitti > <lorenzo@google.com <mailto:lorenzo@google.com>> wrote: > > On Thu, Oct 12, 2017 at 10:53 PM, Alissa Cooper > <alissa@cooperw.in <mailto:alissa@cooperw.in>> wrote: > > If an operator assigns the same unique prefix to the same host > every time the > host connects to the network, the unlinkability benefits of > using IPv6 privacy > extensions are completely negated. > > > They are only negated if the remote party knows that the prefix > assignment policy is static. Otherwise, at best the remote party can > know that a particular subnet is sparsely (and perhaps infrequently) > populated. > > > It seems reasonable to me for this document to normatively > RECOMMEND that operators assign a different unique prefix to a > returning host > > > It seems to me that the privacy implications are the same as > for a residential network, where the prefix also identifies the user > (or the home). Do we currently normatively recommend that ISPs > assign different prefixes every time a home network reconnects? The > downside of such a recommendation is that it makes it harder for > residential users to run servers, access their network remotely, and > survive brief network outages. I'm not sure that's something we > want, is it? > > > > > > > Lorenzo, > > There are multiple use cases to consider. Persistence is needed > for servers and remote access, but the opposite may be true if you > want anonymity and privacy. If one wishes to be anonymous on the > Internet then likely would want every connection to use a different > source address. The source address should be untraceable back the > user, and given two such addresses it should be impossible for a > third party to draw any correlation between them other than they > belong to the same service provider. Basically, what you'd want are > addresses that only share a short provider prefix but all the rest > of the bits are seemingly random and not topological. This is one of > the things that identifier-locator can provide. > > Tom > > > _______________________________________________ > v6ops mailing list > v6ops@ietf.org <mailto:v6ops@ietf.org> > https://www.ietf.org/mailman/listinfo/v6ops > <https://www.ietf.org/mailman/listinfo/v6ops> > > > > > > > > _______________________________________________ > v6ops mailing list > v6ops@ietf.org <mailto:v6ops@ietf.org> > https://www.ietf.org/mailman/listinfo/v6ops > <https://www.ietf.org/mailman/listinfo/v6ops> > > > > > ********************************************** > IPv4 is over > Are you ready for the new Internet ? > http://www.consulintel.es > The IPv6 Company > > This electronic message contains information which may be privileged > or confidential. The information is intended to be for the exclusive > use of the individual(s) named above and further non-explicilty > authorized disclosure, copying, distribution or use of the contents > of this information, even if partially, including attached files, is > strictly prohibited and will be considered a criminal offense. If > you are not the intended recipient be aware that any disclosure, > copying, distribution or use of the contents of this information, > even if partially, including attached files, is strictly prohibited, > will be considered a criminal offense, so you must reply to the > original sender to inform about this communication and delete it. > > > > > > > _______________________________________________ > v6ops mailing list > v6ops@ietf.org > https://www.ietf.org/mailman/listinfo/v6ops >
- [v6ops] Alissa Cooper's Discuss on draft-ietf-v6o… Alissa Cooper
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Alexandre Petrescu
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Lorenzo Colitti
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… JORDI PALET MARTINEZ
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Fred Baker
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Tom Herbert
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… JORDI PALET MARTINEZ
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… JORDI PALET MARTINEZ
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Tom Herbert
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Ted Lemon
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Lorenzo Colitti
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Alexandre Petrescu
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Van De Velde, Gunter (Nokia - BE/Antwerp)
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [v6ops] Alissa Cooper's Discuss on draft-ietf… Warren Kumari