[v6ops] draft-palet-ietf-v6ops-he-reporting-00.txt: privacy and other issues

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Fri, 21 July 2017 07:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/i3BWFBVfI2zbkSb_3iwABVM60Fo>

Hi all,

I’ve been thinking about this and talking to other folks, so I would like to get more feedback from the WG.

1) Privacy:
I think just reporting the destination address that falls back to IPv4 because of HE2 is enough to provide the operator a signal, so they can consider there is an issue with that path. It may be an operator issue, or maybe somebody in the path or the destination itself. It is up to the local operator to decide if they want to do anything about that or tell the other parties.

If we also keep in the syslog report the origin prefix or address, it looks like there is a privacy issue; however, because we are reporting it to our OWN ISP, they already have that information and much more, and in many cases they have the obligation to keep such records for months/years, by local regulations.

The privacy issue comes not from keeping that data, but from disclosing it.

In fact, is it not true that both desktop and cellular OSs do a lot of reporting/telemetry to their makers and even operators? At least I had that idea in mind, maybe I’m wrong …

2) Implementing in hosts vs CE:
From my point of view, it is much easier to implement a very simple UDP 514 message in HE2, which is detecting the failure and falling back, than asking the host to signal the local CE (or asking the CE somehow to detect it for broken destinations) and asking the CE vendors to provide firmware updates to implement it: It will NOT happen!

3) Alternatives to hosts reporting the failure:
I think it was David who suggested “scrape DNS and NAT44 logs”. I’m sure there are other options as well. BUT, this means that the operator needs to have “something new” in their network, and what I’m trying to do is to reuse something already available (maybe syslog, maybe something else), so it is a matter not of “installing” something, but just configuring an existing syslog collector with one more address that matches the one that we decide to use for it (right now NSP::



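Added example, not part of the original message or of draft-palet-ietf-v6ops-he-reporting: a sketch of the host-side UDP 514 report discussed in points 1 and 2, showing the three disclosure levels for the origin (none, prefix, full address). The message layout, the `heFallback@32473` structured-data ID, the `he-report` app name, the /64 and /24 aggregation lengths and the collector address are all assumptions made for illustration.

```python
import ipaddress
import socket
from datetime import datetime, timezone

# Placeholder collector (IPv6 documentation prefix), not the address proposed in the draft.
COLLECTOR = ("2001:db8::514", 514)
PRI = 16 * 8 + 5  # syslog facility local0, severity notice -> 133


def origin_field(source, mode):
    """Return the origin value to disclose for mode 'none', 'prefix' or 'address'."""
    if mode == "none" or source is None:
        return None
    addr = ipaddress.ip_address(source)
    if mode == "address":
        return str(addr)
    if mode == "prefix":
        plen = 64 if addr.version == 6 else 24  # assumed aggregation lengths
        return str(ipaddress.ip_network(f"{addr}/{plen}", strict=False))
    raise ValueError(f"unknown mode: {mode}")


def build_report(destination, source=None, mode="none", when=None):
    """Build one RFC 5424 line for a destination whose IPv6 attempt fell back to IPv4."""
    dst = ipaddress.ip_address(destination)  # rejects anything that is not an address
    when = (when or datetime.now(timezone.utc)).astimezone(timezone.utc)
    sd = f'dst="{dst}"'
    origin = origin_field(source, mode)
    if origin is not None:
        sd += f' origin="{origin}"'
    # HOSTNAME and PROCID are NILVALUE ("-") so the header adds no host identifier.
    return (f"<{PRI}>1 {when.strftime('%Y-%m-%dT%H:%M:%SZ')} - he-report - FALLBACK "
            f"[heFallback@32473 {sd}] IPv6 attempt failed, used IPv4")


def send_report(line, collector=COLLECTOR):
    """Send one fire-and-forget datagram; no reply is awaited, so the connection is not delayed."""
    with socket.socket(socket.AF_INET6, socket.SOCK_DGRAM) as s:
        s.sendto(line.encode("utf-8"), collector)
```

Whatever the payload carries, the datagram's own source address is visible to the collector, so the `mode` setting only controls what ends up in the stored log line.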