Christian Huitema <huit...@huitema.net> wrote:
    > Martin is making an important point here. There are a number of privacy
    > enhancing technologies deployed at different layers: MAC address
    > randomization at L2, Privacy addresses at L3, various forms of
    > encryption and compartments at L4 and above. Each of these technologies
    > is useful by itself, but they can easily be defeated by deployment
    > mistakes. For example:

You are spot on.
But, even your four points muddle things.

We need some diagrams that we can all agree upon, and we need to name the
different observers.

Each thing defends against different kinds of observers, and not all
observers can see all things.
Some observers may collaborate (I invoke the WWII French Resistance emotion
for this term...).
Some observers may have strong reasons not to.

    > 1) Using the same IP address with different MAC addresses negates a lot
    > of the benefits of randomized MAC addresses,

This assumes that a single observer can observe both at the same time.
WEP++ leaves MAC addresses visible, but encrypts the rest of L3 content.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     m...@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
