Homenet admin?

Randy

-------- Original message --------
Subject: Re: [homenet] privacy vs subnet-id 
From: Brian E Carpenter <brian.e.carpen...@gmail.com> 
To: Tim Chown <t...@ecs.soton.ac.uk> 
CC: "homenet@ietf.org Group" <homenet@ietf.org> 

On 2011-11-15 16:03, Tim Chown wrote:
> So at the moment all the arch text says on privacy is:
>    Privacy considerations
> 
>       There are no specific privacy concerns for this text.  It should
>       be noted that most ISPs are expected to offer static IPv6 prefixes
>       to customers, and thus the addresses they use would not generally
>       change over time.
> What would you like to say here instead?

Maybe point out that a homenet can be protected against external privacy
threats (possibly citing 4864 etc) but that whatever hosts do, the homenet
admin has the capability to perform traffic analysis down to the subnet level.

    Brian

> 
> Note 4941 isn't just about source address from location to location but also 
> source address over time.
> 
> The LNP for IPv6 text (RFC4864) talks about this issue a bit, but this is 
> more about obfuscating the topology externally to the user's network, rather 
> than internally.   In my view we should probably only consider a similar 
> perspective here?
> 
> Tim
> 
> On 15 Nov 2011, at 02:53, Brian E Carpenter wrote:
> 
>> On 2011-11-15 15:26, Michael Richardson wrote:
>>> Brian Carpenter raised the point at the mic that we have to pay
>>> attention to privacy when it comes to the subnet-id.  We shouldn't make
>>> it possible for members of the household to spy on each other.
>>>
>>> My understanding of the purpose of RFC4941 privacy extensions is to make
>>> it hard for an (off-path) observer (including web server operator) to
>>> trivially track a user from location to location by their EUI-64. 
>>>
>>> The question is, do we have any similar requirements that we want to
>>> apply to subnet-id.  The example that Brian gave in XMPP was:
>>>
>>> BEC> And if you have a separate subnet for the kids' bedroom...
>>> BEC> 'Honey, one of the kids is using Facebook again'
>>>
>>> if there is only one possible host on a particular subnet, then RFC4941
>>> can't help disguise who is doing what.  
>>>
>>> My question is: what is the real issue here.  It seems that the kind of
>>> things that 4941 deals with, are neither better nor worse.  But maybe
>>> there are other things that we need to concern ourselves with.
>> Waxing philosophical, you can obfuscate an ID but you can't obfuscate
>> a locator. I really don't see a way out of this. If the admin can
>> run Wireshark, she can see the locator.
>>
>>    Brian
>> _______________________________________________
>> homenet mailing list
>> homenet@ietf.org
>> https://www.ietf.org/mailman/listinfo/homenet
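The point made in the thread, that RFC 4941 changes the interface ID but not the /64 a host sits in, shown as an added example that is not part of the original messages. The delegated /56, the addresses and the destination names are constructed, and `subnet_id`, `interface_id` and `view_by_subnet` are hypothetical helper names.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (documentation prefix, made-up destinations).
DELEGATED = ipaddress.ip_network("2001:db8:aa00::/56")
FLOWS = [
    # subnet 1: two hosts, each on a temporary address
    ("2001:db8:aa00:1:a1b2:c3d4:e5f6:1111", "mail.example"),
    ("2001:db8:aa00:1:7f0e:1d0c:2b0a:2222", "video.example"),
    # subnet 2: a single host that rotated its RFC 4941 interface ID twice
    ("2001:db8:aa00:2:5c11:9a3e:77d0:4b01", "social.example"),
    ("2001:db8:aa00:2:e8f4:2bb:6c19:d3a7", "social.example"),
    ("2001:db8:aa00:2:19c7:aa50:3f2e:80c4", "homework.example"),
]

def subnet_id(addr, delegated=DELEGATED):
    """Bits between the delegated prefix and the /64 boundary (the locator part)."""
    ip = ipaddress.ip_address(addr)
    if ip not in delegated:
        raise ValueError(f"{addr} is outside {delegated}")
    width = 64 - delegated.prefixlen
    return (int(ip) >> 64) & ((1 << width) - 1)

def interface_id(addr):
    """Low 64 bits: the part RFC 4941 randomizes."""
    return int(ipaddress.ip_address(addr)) & ((1 << 64) - 1)

def view_by_subnet(flows):
    """Group flows the way an on-path observer inside the home can: by subnet-id."""
    seen = defaultdict(lambda: {"iids": set(), "dests": set()})
    for src, dest in flows:
        bucket = seen[subnet_id(src)]
        bucket["iids"].add(interface_id(src))
        bucket["dests"].add(dest)
    return {sid: {"iids": len(b["iids"]), "dests": sorted(b["dests"])}
            for sid, b in seen.items()}

if __name__ == "__main__":
    for sid, info in sorted(view_by_subnet(FLOWS).items()):
        print(f"subnet {sid:#04x}: {info['iids']} interface IDs -> {info['dests']}")
```

Keyed on interface ID, subnet 2 looks like three unrelated sources; keyed on subnet-id it is one bucket, which identifies the host whenever the subnet has a single occupant.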