Re: [v6ops] Google Alert - IPv6

Dave O'Reilly <rfc@daveor.com> Thu, 02 November 2017 17:01 UTC

From: Dave O'Reilly <rfc@daveor.com>
In-Reply-To: <CALx6S37E9TN9SyMQfk3CSx9vWzjBM3bmuhvsyN0tFXGYFz9Mjw@mail.gmail.com>
Date: Thu, 02 Nov 2017 17:01:40 +0000
Cc: Ole Troan <otroan@employees.org>, "v6ops@ietf.org" <v6ops@ietf.org>, Tore Anderson <tore@fud.no>
Content-Transfer-Encoding: quoted-printable
Message-Id: <2A3259DF-AB23-468C-B737-01B876812C62@daveor.com>
To: Tom Herbert <tom@herbertland.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/VzIPGqoGMvW1WNb3Y4BZyE9Ton0>
Subject: Re: [v6ops] Google Alert - IPv6

Two questions getting slightly conflated here. 

1. Whether an IP address represents a specific device (it doesn’t in most cases) or individual (it doesn’t without corroborating evidence from some other source)
2. Whether an IP address is judged (legally) to be personally identifying information (it is, in the EU at least)

I don’t think I have much more to contribute on these points apart from what I have already put in the emails just sent.

daveor

> On 30 Oct 2017, at 14:48, Tom Herbert <tom@herbertland.com> wrote:
> 
> On Mon, Oct 30, 2017 at 2:03 AM, Ole Troan <otroan@employees.org> wrote:
>> Hi Dave,
>> 
>>>> Major comment:
>>>> 3) The document talks about identifying an individual, and in places a subscriber endpoint. What it does identify, is the _originating network_. What you get is the public interface address of the customer CPE. Which looks like a network from the inside.
>>>> Make it very clear that this does not identify individual hosts. And it might be worth noting that traffic may enter the originating network from outside. E.g. through VPNs, TOR exits, shared WIFI and whatnot.
>>>> 
>>> 
>>> Yes, I completely agree.
>>> 
>>> I do address this point in the -01 revision scope section:
>>> 
>>> “Clearly no single solution will address the problem of crime attribution on the Internet.  Load balancers, proxies and other network infrastructure may also, intentionally or as a side-effect, obfuscate the true source of Internet traffic and these problems will continue to exist with or without the presence of large-scale address sharing technologies (like Carrier-Grade NAT and A+P).”
>>> 
>>> I wanted to mention the point without getting dragged into details of all of the possible scenarios where an IP address does not represent an individual or subscriber endpoint (apart from CGNAT). I was of the opinion that there is a risk of trying to “boil the ocean” with a document like this so I was trying to keep the focus as tightly as possible on the issues raised by CGNAT.
>>> 
>>> In light of this, do you think this needs to be more explicitly discussed or clarified?
>> 
>> I think that's fine.
>> As long as you make it clear that:
>> - the IP address _never_ identifies an individual.
> 
> Ole,
> 
> I don't think this is something that can be part of the definition of
> an IP address, it's more of a desirable property of how IP addresses
> are assigned and used. For instance, a smartphone is given an IP
> address and technically identifies the host. But given that there is
> likely a one to one correspondence between personal device (and its
> address) to an individual user, the IP address of the device
> effectively identifies the individual or at least can be used with a
> little more information to do so. In this case, the IP address seems
> to be Personally Identifiable Information.
> 
> Tom
> 
>> - it identifies a host, a source network, or the obfuscated result of a TOR gateway, VPN, another NAT, LB etc, etc...
>> 
>> But never, ever by itself an individual person.
>> 
>> Best regards,
>> Ole