I would observe that we have multiple documents which note the
importance of traceability for "problem" resolution. Treating privacy
as an all-or-nothing thing is probably a misleading perspective.

It is extremely likely that privacy addresses, and their bindings to
homes or office desktops, will be logged. I would hope that said logs
will be handled in a manner that preserves privacy in the normal course
of events.

Pretending that such things will not happen strikes me as even sillier
than assuming that a malicious host will cooperate with some unenforced
flags.

Yours,
Joel

On 3/9/2011 2:17 PM, RJ Atkinson wrote:
> On 09 Mar 2011, at 13:49 , Brian E Carpenter wrote:
>> On 2011-03-10 00:17, Mikael Abrahamsson wrote:
>>> I don't think it solves what it thinks it solves, but if this REALLY
>>> should be implemented, it's my initial thinking that the H flag should
>>> be a MUST demand to only have ONE and only one MAC-based IPv6 address
>>> according to EUI64. I would appreciate some reasoning in the draft why
>>> this was chosen as a SHOULD option.
>>
>> For the reason I just gave against the disable-private flag: this
>> violates the host's right to use an untraceable address.
>
> (Hardware I am familiar with is not sentient. So I don't know
> what it means to talk about the rights of a host, as above ---
> I'll assume the meaning is that human users have privacy rights. :-)
>
>> It may be that in corporate deployments, that right can be removed.
>
> At least within the US, I am told that multiple courts have ruled
> that when an employee is using employer-owned equipment attached
> to an employer-owned network, then a reasonable expectation of
> privacy does not exist. My examples and discussion have solely
> focused on this "corporate deployment" scenario.
>
> [ASIDE: I am also told that the courts have ruled differently with
> respect to people accessing the Internet from their own home when
> using their own equipment.]
>
> [ASIDE: Of course the IETF is global; legal systems vary from one place
> to another. So the above is intended narrowly as a practical example. :-]
>
>> But removing it for public subscribers would be a political blunder.
>
> Earlier, I specifically noted that the privacy issue ought to be
> discussed in the Security Considerations section of (any) I-D on
> this topic, in (2A) and (2B) of this previous list email:
>
> <http://www.ietf.org/mail-archive/web/ipv6/current/msg13489.html>
>
> Cheers !
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------