On Mar 11, 2011, at 3:32 AM, Christian Huitema wrote: >> I'm saying the reasons people are tempted to disable RFC4941 are misplaced. > > +1 > > Consider that if I want privacy and you won't let me use RFC4941, I might > just make up a new MAC address each time I connect. > > Consider also the effect of unique identifiers on tracking. The MAC address > follows you when you roam. By embedding it in the IPv6 address, we are > effectively offering a "super cookie" to all web services. Is it really what > we want? In addition to privacy issues, displaying the MAC address allows > third parties to track hardware purchase, and enables other attacks by > providing the data necessary for MAC spoofing. In short, it looked like a > great idea at the time... but wasn't.
One person's attack is another's targeted ad business case ;-) That aside, the considerations proposed in this document may be relevant to this discussion: http://tools.ietf.org/html/draft-brim-mobility-and-privacy-00 - Mark > > -- Christian Huitema > > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
-------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
