IETF Logo Mail Archive

Re: [v6ops] New Version Notification for draft-hilliard-v6ops-host-addr-update-00.txt - Privacy Properties

Tim Chown <Tim.Chown@jisc.ac.uk> Thu, 20 July 2017 17:21 UTC

Return-Path: <tim.chown@jisc.ac.uk>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A88C131C60 for <v6ops@ietfa.amsl.com>; Thu, 20 Jul 2017 10:21:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jisc.ac.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7397K87DnsbB for <v6ops@ietfa.amsl.com>; Thu, 20 Jul 2017 10:21:43 -0700 (PDT)
Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [207.82.80.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78D44131C31 for <v6ops@ietf.org>; Thu, 20 Jul 2017 10:21:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc.ac.uk; s=mimecast20170213; t=1500571301; h=from:subject:date:message-id:to:cc:mime-version:content-type:content-transfer-encoding:in-reply-to:references; bh=c8m9IOdYi0zNQVzHo4rjDlX75ESAYcgRX3AhX6nk6PE=; b=QVEYEAcxFiEdK6lxf9cQ47+f+UstjBNYoXBtuxRQyT+lDw23zMYbWnD9oWvhK9uMjNeEwiiboVz3Vl635QagxdZ7Vu1I/YgVG8ibaiRYhWiB8CGZ14sgqPf8iM3gkEFCI2ZYUceKTCxWHXExuFxnqANToTJidjhl67YF9wECubM=
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01lp0243.outbound.protection.outlook.com [213.199.154.243]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-112-_lEFLtMSMoKmrpkKNjX5Zw-1; Thu, 20 Jul 2017 18:21:39 +0100
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) by AM3PR07MB0693.eurprd07.prod.outlook.com (10.160.6.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.4; Thu, 20 Jul 2017 17:21:38 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::b8a2:fb24:484f:ba3]) by AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::b8a2:fb24:484f:ba3%13]) with mapi id 15.01.1282.011; Thu, 20 Jul 2017 17:21:37 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: Lorenzo Colitti <lorenzo@google.com>
CC: Nick Hilliard <nick@foobar.org>, IPv6 Ops WG <v6ops@ietf.org>
Thread-Topic: [v6ops] New Version Notification for draft-hilliard-v6ops-host-addr-update-00.txt - Privacy Properties
Thread-Index: AQHTATUji5KtLICoVEuRVVY8txHTcaJcbLsAgABueoCAAAMQgIAAB+oAgAAGeoCAAAH9AIAABF4AgAAD2oA=
Date: Thu, 20 Jul 2017 17:21:37 +0000
Message-ID: <C27F0218-5FD3-44AF-A134-6F9BB24C584F@jisc.ac.uk>
References: <596CF817.8040900@foobar.org> <BC0BBAF5-B016-44B5-8D73-BC9382CB79A9@google.com> <20170719090835.GC45648@Space.Net> <CAKD1Yr29MmGJuX+uhXaroB6UMRBBWBscCZPaMjaVscL0q7a7pg@mail.gmail.com> <98208c2e-7524-7afa-b0c8-865f251cd66e@gmail.com> <20170720062751.GL45648@Space.Net> <CAKD1Yr1ihnqHAzjhPcA8HB7sBBRwht2t5epJqQA-B_YGnfoTQA@mail.gmail.com> <52ed5fcd-8af5-5b6b-4328-002a431977b6@gmail.com> <CAPt1N1mzRmX6ZccDS8O642N-Lkq5=FZuUHUEFotwo9CFuMNsAQ@mail.gmail.com> <D45180D3-D889-4B9C-B059-F6D1A59909A8@jisc.ac.uk> <5970D1FF.2090707@foobar.org> <6C5C7F6F-0503-47CA-9C28-D0F405340EC2@jisc.ac.uk> <5970DE11.5070001@foobar.org> <C52793BC-0E4C-413E-9845-7BD8C6FEA821@jisc.ac.uk> <CAKD1Yr374C_brUfY1x9mtOgDcXzwc1xjpHfuQBHddZOU9uHK2w@mail.gmail.com>
In-Reply-To: <CAKD1Yr374C_brUfY1x9mtOgDcXzwc1xjpHfuQBHddZOU9uHK2w@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3273)
x-originating-ip: [2001:67c:370:128:7164:5a94:6ee1:4c3b]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM3PR07MB0693; 20:wfevVN5j/+bhnk4ly8S7m3ntOlHI0TuWXZW4ZnokDtK2+iZGbjoBsaXzeapxX87UR7Px0qbzDCJobHMuwtc+aiVOQmgOzKENaWC7EoG2W/n+jRhl9SqXlhhbkr0R3twNXFmY/aVeOwQRffvrpStwCOJfzTr+E3/aY/s7cWlqvhA=
x-ms-office365-filtering-correlation-id: d8da9b8b-7580-4176-8363-08d4cf93c775
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:AM3PR07MB0693;
x-ms-traffictypediagnostic: AM3PR07MB0693:
x-exchange-antispam-report-test: UriScan:(274715658323672)(151999592597050)(236129657087228)(211936372134217)(148574349560750);
x-microsoft-antispam-prvs: <AM3PR07MB06935C9029264F24F8009F95D6A70@AM3PR07MB0693.eurprd07.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(2017060910075)(5005006)(8121501046)(100000703101)(100105400095)(3002001)(10201501046)(93006095)(93001095)(920507026)(6041248)(20161123558100)(20161123555025)(20161123560025)(20161123564025)(201703131423075)(201702281529075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM3PR07MB0693; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM3PR07MB0693;
x-forefront-prvs: 0374433C81
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39410400002)(39840400002)(39450400003)(39400400002)(377454003)(24454002)(110136004)(6246003)(76176999)(189998001)(38730400002)(230783001)(50986999)(229853002)(5250100002)(74482002)(2950100002)(14454004)(53546010)(2900100001)(36756003)(42882006)(6916009)(5660300001)(478600001)(33656002)(93886004)(53936002)(4326008)(50226002)(54906002)(81166006)(99286003)(25786009)(72206003)(8676002)(6116002)(6436002)(86362001)(3660700001)(305945005)(6506006)(3280700002)(7736002)(57306001)(2906002)(6486002)(82746002)(8936002)(102836003)(6512007)(83716003); DIR:OUT; SFP:1101; SCL:1; SRVR:AM3PR07MB0693; H:AM3PR07MB1140.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-ID: <9DFF7983BCE0334FA93B821A485C1F0E@eurprd07.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jul 2017 17:21:37.8341 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR07MB0693
X-MC-Unique: _lEFLtMSMoKmrpkKNjX5Zw-1
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/fM4h5LZAwBt5i-RtnII0Y-9KFg4>
Subject: Re: [v6ops] New Version Notification for draft-hilliard-v6ops-host-addr-update-00.txt - Privacy Properties
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jul 2017 17:21:46 -0000

> On 20 Jul 2017, at 18:07, Lorenzo Colitti <lorenzo@google.com> wrote:
> 
> On Thu, Jul 20, 2017 at 6:52 PM, Tim Chown <Tim.Chown@jisc.ac.uk> wrote:
> > There are lots of different types of campus, and campus type networks.
> 
> Well, the discussion was around best practice discussion, and in that light eduroam should be aspirational. It’s deployed in 70-80 countries, but the underlying 802.1x can be used in any campus, and on wired links as well.
> 
> Which is, of course, technically a much better solution than relying on insecure DHCPv6.
> 
> Additionally, there's the option of doing /64 per host (via RAs) in the enterprise. Same tracking and authorization properties, but no limitation on the number of addresses that can be used.

Yep, and I mention that when speaking to university admins, ad they like and understand the idea.  Though I have a feeling they may soon realise they’ll want more than a /48 to serve their campuses… and that’s an issue for campuses that want to follow 7934 and JJB’s draft.  We have three UK universities that have now gone for LIR status to obtain their own /32.

As an aside, we almost went with /64 per office in our initial campus rollout; the issue then was the extra cost of the routing image on $vendor’s hardware.

Tim

v2.23.0 | Report a Bug | By Email