Re: [v6ops] Google Alert - IPv6

Mark Smith <markzzzsmith@gmail.com> Wed, 01 November 2017 01:42 UTC

From: Mark Smith <markzzzsmith@gmail.com>
Date: Wed, 01 Nov 2017 12:42:31 +1100
Message-ID: <CAO42Z2yXH0sPJYXJ6Nrq0B=UaDK4mC1R2Tds1tFQeBhuVh5meg@mail.gmail.com>
To: Tom Herbert <tom@herbertland.com>
Cc: Ole Troan <otroan@employees.org>, v6ops list <v6ops@ietf.org>, Tore Anderson <tore@fud.no>, Dave O'Reilly <rfc@daveor.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/Lunc6sDIRkrcA2T71IUx1nv8o1s>
Subject: Re: [v6ops] Google Alert - IPv6

On 31 Oct. 2017 01:48, "Tom Herbert" <tom@herbertland.com> wrote:

On Mon, Oct 30, 2017 at 2:03 AM, Ole Troan <otroan@employees.org> wrote:
> Hi Dave,
>
>>> Major comment:
>>> 3) The document talks about identifying an individual, and in places a
>>> subscriber endpoint. What it does identify, is the _originating network_.
>>> What you get is the public interface address of the customer CPE. Which
>>> looks like a network from the inside.
>>> Make it very clear that this does not identify individual hosts. And it
>>> might be worth noting that traffic may enter the originating network from
>>> outside. E.g. through VPNs, TOR exits, shared WIFI and whatnot.
>>>
>>
>> Yes, I completely agree.
>>
>> I do address this point in the -01 revision scope section:
>>
>> "Clearly no single solution will address the problem of crime
>> attribution on the Internet.  Load balancers, proxies and other network
>> infrastructure may also, intentionally or as a side-effect, obfuscate the
>> true source of Internet traffic and these problems will continue to exist
>> with or without the presence of large-scale address sharing technologies
>> (like Carrier-Grade NAT and A+P)."
>>
>> I wanted to mention the point without getting dragged into details of
>> all of the possible scenarios where an IP address does not represent an
>> individual or subscriber endpoint (apart from CGNAT). I was of the opinion
>> that there is a risk of trying to “boil the ocean” with a document like
>> this so I was trying to keep the focus as tightly as possible on the issues
>> raised by CGNAT.
>>
>> In light of this, do you think this needs to be more explicitly
>> discussed or clarified?
>
> I think that's fine.
> As long as you make it clear that:
>  - the IP address _never_ identifies an individual.

Ole,

I don't think this is something that can be part of the definition of
an IP address, it's more of a desirable property of how IP addresses
are assigned and used. For instance, a smartphone is given an IP
address, which technically identifies the host. But given that there is
likely a one-to-one correspondence between a personal device (and its
address) and an individual user, the IP address of the device
effectively identifies the individual or at least can be used with a
little more information to do so. In this case, the IP address seems
to be Personally Identifiable Information.



The trouble is, unless we hand-cuff devices to people, the binding between
a device and an individual isn't very strong. It is quite easy for a device
to be shared, intentionally or not, with more portable (and therefore
stealable) devices making the coupling even weaker.

I think attribution of an action is an authentication problem. Machine
identifiers aren't very good analogues for individuals' identity and
authenticity. In the "what you have, what you are, and what you know" group
of authentication factors, I think the "what you have" is the weakest.

There really needs to be something else that supports or proves use of a
device other than an assumption that an IP address is tightly coupled to a
device's owner, and therefore all actions associated with an IP address are
those of the device's owner.

Regards,
Mark.


Tom

>  - it identifies a host, a source network, or the obfuscated result of a
>    TOR gateway, VPN, another NAT, LB etc, etc...
>
> But never, ever by itself an individual person.
>
> Best regards,
> Ole
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>
