Re: [v6ops] Some questions on draft-rafiee-v6ops-iid-lifetime
"Hosnieh Rafiee" <ietf@rozanak.com> Fri, 25 October 2013 22:55 UTC
Return-Path: <ietf@rozanak.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6659F21F9FF9 for <v6ops@ietfa.amsl.com>; Fri, 25 Oct 2013 15:55:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[AWL=0.002, BAYES_00=-2.599, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A-HwRae5v3QA for <v6ops@ietfa.amsl.com>; Fri, 25 Oct 2013 15:55:36 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by ietfa.amsl.com (Postfix) with ESMTP id 8F7B521F8411 for <v6ops@ietf.org>; Fri, 25 Oct 2013 15:55:32 -0700 (PDT)
Received: from kopoli (g231250140.adsl.alicedsl.de [92.231.250.140]) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis) id 0M6BzW-1VssCn3Dys-00yThG; Fri, 25 Oct 2013 18:55:14 -0400
From: Hosnieh Rafiee <ietf@rozanak.com>
To: fred@cisco.com
References: <201310221245.r9MCj1n09532@ftpeng-update.cisco.com>
In-Reply-To: <201310221245.r9MCj1n09532@ftpeng-update.cisco.com>
Date: Sat, 26 Oct 2013 00:55:04 +0200
Message-ID: <008901ced1d5$434e5790$c9eb06b0$@rozanak.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQGR/c6oFX+mvk/6gDLEuSjOLB4jLpp/ouWQ
Content-Language: en-us
X-Provags-ID: V02:K0:QRjc/Rjev/SiGgIV02hL0PJoE8b9UjFD9GGt3sOeXZ+ 9PMxc8jNBp6PNUD0Z6dHyIheCoLMFjwGy0QU2ZGfSNCH/8f8xO sUaTm1vXYrc1+Pl/CT6JnlVS+0kFslgbnb44d3UUHSKVbCWKkh L9q2aP0BXtXGwjczmIXTnJ66/CG3Q1LBCYQgd2X1DjENjPyG9l QPom5zn0Gx3UVrjqNSnVuEvPgfIa6ul7qrsO0pwcTvbuK9M9p0 vo0x6K5LSpyaUHPCYvxpzylHSvnE+r66ySjOhwHrIhDXuikLA1 9nnkSyX+YhRckSiDVifwZCGJT8KJVTCicMYfxdZhl/xo0d4zXn p/mxXQqCK73HNOq3SKcU=
Cc: v6ops@ietf.org, v6ops-chairs@tools.ietf.org, Erik Nordmark <nordmark@sonic.net>
Subject: Re: [v6ops] Some questions on draft-rafiee-v6ops-iid-lifetime
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Oct 2013 22:55:45 -0000
Hi Fred, Actually the content of this draft (http://tools.ietf.org/html/draft-rafiee-v6ops-iid-lifetime ) was presented in IETF 87 as a part of ra-privacy. Some people during that meeting thought that it is better to make this draft more generate and separate it from ra-privacy; http://tools.ietf.org/html/draft-rafiee-6man-ra-privacy (this draft also does nothing with security and it address the problems with RFC 4941 and also deprecating EUI-64 in RFC 4941. The draft "deprecated IID" that is new and contain most of the section that is already explained in ra-privacy could improve this existing draft) So, iid lifetime draft, as you already know, does nothing with security but it is a way of maintaining privacy and try to avoid sacrificing user's connectivity in IPv6 networks. This draft, first, compares the current mechanisms available for the lifetime of an IID and then offer a new mechanism for the mentioned purpose (privacy and connectivity) > > 1) Please provide a succinct problem statement for your draft. What > problem/issue is this draft discussing? What operational problems does the > proposal address in real life networks? We tried to have a short problem statement at the end of Introduction. But we are open to suggestions if you or anybody else think that there is a need for expanding this section. > > 2) Where does this draft or presentation fits into v6ops' current charter > (http://datatracker.ietf.org/wg/v6ops/charter/)? Citing specific a section(s) > of the charter is preferable. It might fit to number 4 and the rest of the explanation. Why we think it can fit? It is because IPv6 addresses are public and at least at the moment our computer connect to internet using its own unique IP address. I guess this will open new issues for privacy and security. The reason is the initial attack on node's security and privacy is to recon the node. So, when your node has a fix IID, then the attacker has better possibility to attack this node. Now the purpose of this draft is only to give information to the implementers that they can improve the privacy and security of their mechanisms. It also provide a way for privacy-aware-applications to use a same framework which can also control the total number of IID and not generate the IID themselves. This means they do not need to have any information about IP layer while at the same time they can ensure their users that their application is privacy-aware > 3) Who is this draft's audience? Privacy-aware implementers > 4) Have any operators expressed interest in this draft or its problem space, > either via review or other discussion? I guess I have already answered this > 5) Is this draft pursuing discussion in any other WGs? If so, please list them > here, along with rationale for the interaction with multiple WGs in parallel. Please check the recordings of ra-privacy (lifetime section) and the mailing list discussion about ra-privacy after IETF 87 > 6) Is any protocol work being recommended in the draft? It is actually in informational track that gives the choice for implementers. I am also in the process of implementing it for Linux. Thank you again, -----------smile---------- Hosnieh . success is a journey, not a destination.. You cannot change your destination overnight, but you can change your direction ... Focus on the journey
- Re: [v6ops] Some questions on draft-rafiee-v6ops-… Hosnieh Rafiee
- Re: [v6ops] Some questions on draft-rafiee-v6ops-… Fred Baker (fred)
- Re: [v6ops] Some questions on draft-rafiee-v6ops-… Hosnieh Rafiee