Brian E Carpenter wrote:
Ray,
On 2012-03-31 02:04, Ray Hunter wrote:
...
The idea being that authorized persons e.g. law enforcement and network
managers SHOULD be able to correlate activity at a later date (for legal
compliance, logging, fault finding etc.) whilst an attacker or
unauthorized person SHOULD NOT.
If you were a blogger sitting in an Internet cafe in a country governed
by a repressive regime, you would probably hold a different view.
Brian
Please let's not take this out of context. We're talking about
obfuscating interface identifiers. If I'm sat in an Internet cafe in a
repressive regime (and I have visited and worked in various countries
around the World, including one that fingerprinted me on entry, one that
took a full body scan capable of looking through clothes, and one which
is known to operate firewalls and passive monitoring on all
International links), obfuscating an interface identifier is not going
to protect my rights. That repressive regime would anyway likely have
access to a copy of my passport or ID card, my network login
credentials, the time I entered the Internet cafe, which seat I was sat
on, a report from my neighbors, details of my phone's SIM card, man in
the middle HTTPS monitoring, my MAC address, the /64 prefix I was using,
a key logger running on the ISP host, a camera pointed at the screen .....
I do not attempt to define "authorized persons" any further than
providing an example. I express no preference whatsoever on the question
of whether privacy is desirable or not on this list, nor to what
standard, nor where the balance lies between rights of the state or
corporation and the rights of the individual, nor whether particular
laws are sensible or not.
I'm just trying to comply with local laws when giving advice to
companies operating in countries where I provide consultancy. And many
of those local laws include a requirement for corporations to retain a
log of IP addresses, network communications, and user credentials for
several months, and to provide access to this information to "authorized
persons" when necessary, even though they are some of the most liberal
regimes in the World.
regards,
RayH
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------