Le 05/04/2013 07:41, Roger Jørgensen a écrit :
On Thu, Apr 4, 2013 at 3:13 AM, Michael Richardson
<mcr+i...@sandelman.ca> wrote: <snip>
If I can derive the VIN from the prefix, I agree that it helps
identify the vehicle, but not really. If any of this stuff is
going to be useful, there will already be a collision avoidance
protocol that will tell each car (even when they are parked) where
the other vehicles are, so that they can be avoided.
If I can rederive the prefix from the VIN, then it seems we also
have problems.
What I'm saying is that I don't think that there are *new* privacy
problems here.
it's nothing really new with VIN's and IPv6, it's more that we again
was on the way of doing what has been done before and considered a
not so good idea.
Ok.
There are now the Privacy Extensions to SLAAC. But does that mean that
the non-privacy addresses (i.e. a typical MAC-derived IID) are
forbidden? I wouldnt think so, no?
Doing 1 to 1 match between a hardware address and an IPv6 address,
and add meaning into the IPv6 address instead of treating it for
what it is, just an address that should be generated somehow other
than directly from a hardware address.
Ok. Sounds reasonable. Especially with IPv4: it's just a number.
Although practice sees the .1 be the default router, or
.254 for that matter, or other extreme of a subnet range.
And, as with IPv4, in IPv6 there exist particular meanings to some
addresses: the prefix fe80, the prefix ff, the ug bits, the fffe inner
16bits of an EUI-64, the anycast Interface ID, to name a few.
Is there a privacy risk of knowing that that src addresses watches the
movie on that particular IPv6 multicast group?
With the VIN-IID proposal (not the VIN-ULA prefix proposal), we dont
quite propose 1:1 mapping, but a selection of VIN fields to map into an
IID. A full 1:1 mapping VIN-IID is not possible because one is 78bits
the other is 64bits. (and yes, the proposed mapping may have issues
with a particular privacy risk, and it may help with some applications.)
That it also has a privacy side issue with it don't make it any
better. Plenty of suggestion on how that can be used have been
mention.
Right. To avoid the particular privacy risk of reverse mapping IID-VIN,
one may use the output of a hash of the VIN. That would be ok to
respect privacy, yet it would disallow the applications which may need
this reverse mapping.
Alex
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
