Hi, Shane, On 06/04/2011 06:44 p.m., Shane Amante wrote:
>> * We want Flow Labels that unpredictable by off-path attackers >> (history has taught us that this is a good proactive measure) * We >> want an algorithm for generating FL that produces FLs that do not >> repeat with a high frequency (i.e., they are distributed normally) > > I like your (attempt at) a more precise definition that Thomas has > been asking for. > > I would think another desirable property of (host-generated?) > flow-labels might be that, by default, they strive to preserve > privacy of the transmitter. IOW, flow-labels cannot be used to track > individuals (over time), because they are traceable back to a > particular implementation or, worse, a specific device. While I agree with this, this seems to be like a requirement for psedu-randomness. That is, if all hosts in my local network set the FL with random(), and only my hosts implements the hash based scheme in e.g. draft-gont-flowlabel-security, then you might argue that the FL could be exploited to track me (or well, actually identify my host in my local network, even if I'm using privacy addresses). But this is already the case for virtually all protocol parameters on which there's some room for choice. (From TCP's initial window to IPv6 Hop Limit value, etc.) Thanks, -- Fernando Gont e-mail: ferna...@gont.com.ar || fg...@acm.org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
