Re: [v6ops] Google Alert - IPv6
Tom Herbert <tom@herbertland.com> Thu, 26 October 2017 20:42 UTC
Return-Path: <tom@herbertland.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1A0413F5FC for <v6ops@ietfa.amsl.com>; Thu, 26 Oct 2017 13:42:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pt6q0AzezNSE for <v6ops@ietfa.amsl.com>; Thu, 26 Oct 2017 13:42:31 -0700 (PDT)
Received: from mail-qk0-x236.google.com (mail-qk0-x236.google.com [IPv6:2607:f8b0:400d:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA0CF139F5C for <v6ops@ietf.org>; Thu, 26 Oct 2017 13:42:30 -0700 (PDT)
Received: by mail-qk0-x236.google.com with SMTP id x82so5935440qkb.12 for <v6ops@ietf.org>; Thu, 26 Oct 2017 13:42:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=vYdtLp+Qas116LFmIZjdQPopa9Fk8wwQF0eA75WJtJI=; b=edwgY8Hv2QErVkVPNm28tUucmErwWwdglF6vpPd9JGwSIgEnSSwClIDpA7b8xfZyuG ipiynhiqdbonMrYoBsSuAxjuFxXBTdoUk2XROee1iH9ZRT4mSOc4gFYYJkZYYLsMSJ1v dnv+qKOs71VZKqCEk5LjHQJ9lBGjRA5RAL/juOX6a6VaU9Qj/kS7Em30aVzNHqw9Unht sO4GFr7csQF2sEJ+9j8HH6PVqNr+UcP68I4E5FgKJyVHIQTrPcZm85IdhViywBjsrj3t 0PMdGcCwCGZ2BWmIT4+5ZxUAKXtpEGEzZmNTlhT+/NF+Nw9J+mZikVCtWlFfPlnXSIHe D9pQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=vYdtLp+Qas116LFmIZjdQPopa9Fk8wwQF0eA75WJtJI=; b=JoY62CB2bBGj3bcSzqkBuNWTs0tWdR9K1oRdrU32SqQanq6Vw7kTq31gQq7pR4zoIx ji2PKMtQ+8dzMs02pNdrrf2z9s0PFBSwNg2bO5pP0UVBJhBCJzLShYcONt/fOm6Md0r/ i8PdrOMjewAPuLFhZn4lN6diS8akR+Ju4wQlUqkoJy/kmwPxjiia7WgucvaD4iLMlReX Ej2sLp6OLBX77PYeUWnhe/nK7zxqaiB4oUQkk8Z/p37vU78Ve5/PVwbuO1Mo8JRhhy/a lPAfXMxSYHkicIiXvKqrM48BkBJu62JmgncvxGgOSPTkzSDv01nT+do2T0cJHmokBcNh tFWg==
X-Gm-Message-State: AMCzsaXv0zFl6l4UEI0c5aIPRXVI0lqfk5Jpsmh2c9NAgf380NWCbJha atZqFVZBoJDlhKS7TfvoXpluPzvS0jiJusYw6zS6Lw==
X-Google-Smtp-Source: ABhQp+Q0cD/yJY41LkZblA3jwKWxkL0ZqwU6FFDOVoXNaBX8PMrsjj3IoLVYB+qgob0+Pd2GeT3//wG15dKMT8B19K8=
X-Received: by 10.55.89.65 with SMTP id n62mr9479202qkb.51.1509050550064; Thu, 26 Oct 2017 13:42:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.237.54.4 with HTTP; Thu, 26 Oct 2017 13:42:29 -0700 (PDT)
In-Reply-To: <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com>
References: <f403045ef57ac52962055bd88b84@google.com> <20395E98-DA55-447F-BEFE-CB581A88BB78@gmail.com> <alpine.DEB.2.20.1710190655260.31961@uplift.swm.pp.se> <20171019083506.6627a166@echo.ms.redpill-linpro.com> <alpine.DEB.2.20.1710190856530.31961@uplift.swm.pp.se> <787AE7BB302AE849A7480A190F8B93300A056EB5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHw9_iLWAMexrfXwsdB8duGa5ueJMofqVRqNck6DeOzA=KChqA@mail.gmail.com> <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com>
From: Tom Herbert <tom@herbertland.com>
Date: Thu, 26 Oct 2017 13:42:29 -0700
Message-ID: <CALx6S36XKOptW9h_d9HdRX6mKdZAiWgtNxS0b35BOAEb-Q+j6w@mail.gmail.com>
To: Dave O'Reilly <rfc@daveor.com>
Cc: Warren Kumari <warren@kumari.net>, "v6ops@ietf.org" <v6ops@ietf.org>, Tore Anderson <tore@fud.no>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/qoOAi6KW-uqJ6oQiIuo7Yp5IreI>
Subject: Re: [v6ops] Google Alert - IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 20:42:35 -0000
On Thu, Oct 26, 2017 at 1:15 PM, Dave O'Reilly <rfc@daveor.com> wrote: > Hello everybody, > > I’m the author of https://tools.ietf.org/html/draft-daveor-cgn-logging-01. Warren brought this thread to my attention so I would like to throw in a few thoughts for people to consider, if I may. I have attempted to address as many as possible of the points raised by others in the thread in one big response below. > > Thanks for taking the time to read this and I look forward to any feedback you might have, > daveor > > > On the topic of “CGNAT is a bad idea” > —————————————————————————————— > > I am not too sure how much mileage there is getting caught up in this point. CGNAT is out there in the world, along with a suite of other large-scale address sharing technologies, and although the transition to IPv6 is ongoing, it is painfully slow and transitionary arrangements will be required for the foreseeable future. > > It would be, in my opinion, remiss of the criminal justice system not to consider this issue. The argument that the CGNAT problem will go away if we were all to just move to IPv6 doesn’t help solve the murder that happened today or catch the person distributing child pornography on the Internet. > Dave, The flip side to this coin is that if good guys are able to track IPv6 addresses more easily, then that means the bad guys will be able to also. Today it may be the case that CGNAT inadvertently offers better privacy for users that IPv6 would (without any consideration why users want privacy). So there should be a concern about the privacy of IPv6. The likely solution is to allow hosts to use untrackable IP addresses, maybe they would want to use a different IP address for each connection. There are proposals for this. If hosts use untrackable addresses, then privacy properties of IPv6 and CGNAT should be nearly equivalent. So the solution to assist law enforcement ends up being the the same as that for CGNAT. A provider maintains a log of mappings from the IP addresses to users and releases information to authorities under warrant. It seems like this is a logical extension to your draft. Tom
- Re: [v6ops] Google Alert - IPv6 Paul Marks
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Brian E Carpenter
- Re: [v6ops] Google Alert - IPv6 Rajiv Asati (rajiva)
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Erik Kline
- Re: [v6ops] Google Alert - IPv6 Mikael Abrahamsson
- Re: [v6ops] Google Alert - IPv6 Tore Anderson
- Re: [v6ops] Google Alert - IPv6 Mikael Abrahamsson
- Re: [v6ops] Google Alert - IPv6 mohamed.boucadair
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Lorenzo Colitti
- Re: [v6ops] Google Alert - IPv6 Alexandre Petrescu
- Re: [v6ops] Google Alert - IPv6 Warren Kumari
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 mohamed.boucadair
- Re: [v6ops] [SUSPECTED SPAM] RE: Google Alert - I… Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] RE: Google Alert - I… mohamed.boucadair
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] Google Alert - IPv6 Erik Nygren
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 Fernando Gont
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Gert Doering
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Mark Smith
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Mark Smith
- Re: [v6ops] Google Alert - IPv6 DY Kim
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 DY Kim
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Mark Andrews
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 t.petch
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Mark Smith