On Feb 19, 2013, at 9:31 AM, Alexandru Petrescu <alexandru.petre...@gmail.com> wrote:
> Le 18/02/2013 22:07, Roger Jørgensen a écrit : >> On Mon, Feb 18, 2013 at 9:36 PM, Scott Brim <s...@internet2.edu> >> wrote: >>> I have the usual concerns about privacy. I have no problem with >>> someone knowing the endpoint that is communicating is associated >>> with a vehicle (or that I, a human, am communicating from a >>> vehicle). However, if someone can map easily from an IP address to >>> a VIN (thus knowing the specific vehicle from which the >>> communication is happening), and I have no choice but to reveal >>> that information in order to communicate at all, I am not >>> comfortable. In general, as an architectural principle, I want the >>> option to control how much personal information I reveal. That's >>> called privacy. > > Scott, > > I agree privacy is important. > > An alternative method from R. Bless proposes to use a SHA output in the > prefix field of an address. This has an advantage with respect to > privacy - it's hardly feasible to reversely derive the VIN of the > vehicle from the IPv6 address, slide 6 of > http://www.lara.prd.fr/_media/ipv6-its/2012-03-26-seis-kit-ietf83-its.pdf Actually, I suspect that if the "OEM-specific-256bit Key" gets exposed then determining the VIN will be fairly trivial -- I guess the answer is simply "well, don't leak the key then"? It is unclear to me who exactly generates the address -- if the manufacturer calculates it before it leaves the factory then this isn't as likely as if the vehicle does (because it would then need the key somewhere)… W > > That method alone has certain advantages, but also drawbacks. > > If we consider the problem to be as simple as "how to form IPv6 > addresses in a vehicle?" then one realizes that just forming a ULA > prefix for _within_ the vehicle may not be enough. Communication > outside the vehicle (e.g. between two vehicles) may involve links which > may not be just plain Ethernet, and hence impossible to just use RFC2464 > LL addresses on the outside of the vehicle. > > In some cases it _is_ possible to get along with just LL/Ethernet > addresses between vehicles, but if/when > geonetworking/other-vehicular-link-layers are used, then that may not be > enough. > > All in all, depending on the problem, the VIN-based addresses may be > necessary, provided that privacy concerns are addressed. > > Alex > > > >> >> Actual the problem is much simpler, it's not that easy to get the >> unique ID of a vehicle today, however with the proposed solution it >> become extremely easy. Sort of the same idea that caused IPv6 to >> create all IPs based on the mac address... we know how that ended, we >> created the privacy option. >> >> Do we want todo it all over again? >> >> >> > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -- It's a mistake trying to cheer up camels. You might as well drop meringues into a black hole. -- Terry Prachett -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
