On 2011-11-15 15:26, Michael Richardson wrote: > Brian Carpenter raised the point at the mic that we have to pay > attention to privacy when it comes to the subnet-id. We shouldn't make > it possible for members of the household to spy on each other. > > My understanding of the purpose of RFC4941 privacy extensions is to make > is hard for an (off-path) observer (including web server operator) to > trivially track a user from location to location by their EUI-64. > > The question is, do we have any similar requirements that we want to > apply to subnet-id. The example that Brian gave in XMPP was: > > BEC> And if you have a separate subnet for the kids' bedroom... > BEC> 'Honey, one of the kids is using Facebook again' > > if there is only one possible host on a particular subnet, then RFC4941 > can't help disguise who is doing what. > > My question is: what is the real issue here. It seems that the kind of > things that 4941 deals with, are neither better nor worse. But maybe > there are other things that we need to concern ourselves with.
Waxing philosophical, you can obfuscate an ID but you can't obfuscate a locator. I really don't see a way out of this. If the admin can run Wireshark, she can see the locator. Brian _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet