On Wed, 09 Mar 2011 14:32:45 -0500 "Joel M. Halpern" <j...@joelhalpern.com> wrote:
> I would observe that we have multiple documents which note the > importance of traceability for "problem" resolution. Treating privacy > as an all-or-nothing thing is probably a misleading perspective. > It is extremely likely that privacy addresses, and their bindings to > homes or office desktops, will be logged. I would hope that said logs > will be handled in a manner that preserves privacy in the normal course > of events. > > Pretending that such things will not happen strikes me as even sillier > than assuming that a malicious host will cooperate with some unenforced > flags. > I also think there is a fundamentally incorrect assumption is being made - that IPv6 addresses and humans are tightly coupled. An IPv6 address identifies an end-node, and the traffic to or from it, but does not always identify the human that caused that traffic to occur. If you truly need auditable access/traffic logs, you need to identify the human at the time via "human-facing" authentication methods e.g. 802.1x. IOW, machines (and their IPv6 addresses) aren't really the security threat, it's the people behind them. Regards, Mark. > Yours, > Joel > > On 3/9/2011 2:17 PM, RJ Atkinson wrote: > > > > On 09 Mar 2011, at 13:49 , Brian E Carpenter wrote: > >> On 2011-03-10 00:17, Mikael Abrahamsson wrote: > >>> > >>> I don't think it solves what it thinks it solves, but if this REALLY > >>> should be implemented, it's my initial thinking that the H flag should > >>> be a MUST demand to only have ONE and only one MAC-based IPv6 address > >>> according to EUI64. I would appreciate some reasoning in the draft why > >>> this was chosen as a SHOULD option. > >> > >> For the reason I just gave against the disable-private flag: this > >> violates the host's right to use an untraceable address. > > > > (Hardware I am familiar with is not sentient. So I don't know > > what it means to talk about the rights of a host, as above --- > > I'll assume the meaning is that human users have privacy rights. :-) > > > >> It may be that in corporate deployments, that right can be removed. > > > > At least within the US, I am told that multiple courts have ruled > > that when an employee is using employer-owned equipment attached > > to an employer-owned network, then a reasonable expectation of > > privacy does not exist. My examples and discussion have solely > > focused on this "corporate deployment" scenario. > > > > [ASIDE: I am also told that the courts have ruled differently with > > respect to people accessing the Internet from their own home when > > using their own equipment.] > > > > [ASIDE: Of course the IETF is global; legal systems vary from one place > > to another. So the above is intended narrowly as a practical example. :-] > > > >> But removing it for public subscribers would be a political blunder. > > > > > > Earlier, I specifically noted that the privacy issue ought to be > > discussed in the Security Considerations section of (any) I-D on > > this topic, in (2A) and (2B) of this previous list email: > > > > <http://www.ietf.org/mail-archive/web/ipv6/current/msg13489.html> > > > > Cheers ! > > > > > > -------------------------------------------------------------------- > > IETF IPv6 working group mailing list > > ipv6@ietf.org > > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > > -------------------------------------------------------------------- > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------