Ignatios asked me to forward his comments to the list.
I'll reply separately.

-----Original Message-----
From: Ignatios Souvatzis [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 07, 2000 3:26 AM
To: Richard Draves
Subject: Re: problems with privacy draft


On Tue, Jun 06, 2000 at 05:20:19PM -0700, Richard Draves wrote:

[This is from the proposal part]
> 8. You don't create a new random interface-identifier each time you generate
> an anonymous address. Instead you keep a current random interface-identifier
> associated with an interface, and use it when generating an anonymous
> address.

This is to limit the number of multicast groups that the interface must join?
While this does not affect long time correlation of the node's communication,
it allows for easier short time correlation (that is, two communicating outside
observers will be able to notice that in (prefix X) there is a machine
accessing resource A close to the time where in prefix Y the same user is
accessing resource B).

Without this rule (if instead using a new Interface Identifier each time you
create an anonymous address) accesses to resources that are at different
destination addresses, which have some likelihood to use different source
prefixes, will not be trackable to the same machine. I can imagine situations
where this correlation should be hidden.

> An implementation consequence of all this is that you do need to find the
> corresponding public addresses from an anonymous address.

Why?
        -is
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
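
The short-time correlation raised in the forwarded comment, as an added example that is not part of the original mail. The addresses (documentation prefix 2001:db8::/32), timestamps, the 10-second window and the function names are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed observations: (seconds, source address, resource accessed).
# SHARED_IID: one random interface identifier reused under prefixes X and Y.
SHARED_IID = [
    (100, "2001:db8:a:1:3c5e:91ff:2b7d:44a0", "A"),
    (103, "2001:db8:b:7:3c5e:91ff:2b7d:44a0", "B"),
    (104, "2001:db8:a:1:90d2:17c4:aa01:5e3f", "C"),
]
# FRESH_IID: same accesses, but a new identifier for each anonymous address.
FRESH_IID = [
    (100, "2001:db8:a:1:3c5e:91ff:2b7d:44a0", "A"),
    (103, "2001:db8:b:7:e41a:0c22:7f90:b6d8", "B"),
    (104, "2001:db8:a:1:90d2:17c4:aa01:5e3f", "C"),
]

def split_address(text):
    """Return (upper 64 bits, lower 64 bits) of an IPv6 address as integers."""
    value = int(ipaddress.IPv6Address(text))
    return value >> 64, value & 0xFFFFFFFFFFFFFFFF

def linked_accesses(observations, window=10):
    """Pair up accesses that share an interface identifier across prefixes.

    Returns {iid_hex: [(resource_1, resource_2), ...]} for accesses made
    from different /64 prefixes at most `window` seconds apart.
    """
    by_iid = defaultdict(list)
    for when, addr, resource in observations:
        prefix, iid = split_address(addr)
        by_iid[iid].append((when, prefix, resource))
    linked = {}
    for iid, hits in by_iid.items():
        hits.sort()
        pairs = [(a[2], b[2]) for a, b in zip(hits, hits[1:])
                 if a[1] != b[1] and b[0] - a[0] <= window]
        if pairs:
            linked[f"{iid:016x}"] = pairs
    return linked

if __name__ == "__main__":
    print("shared identifier:", linked_accesses(SHARED_IID))
    print("fresh identifier: ", linked_accesses(FRESH_IID))
```

With the shared identifier the accesses to A and B are tied to one machine; with a fresh identifier per address nothing links them.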