Hosnieh,

On 04/27/2013 04:20 PM, Hosnieh Rafiee wrote:
> I do not think repeating what I explained before will be of much help. I
> never received any responses from my last discussions with Fernando so I am
> not going to continue that discourse.

FWIW, I responded to your messages. However, most of them did not really
have to do with this document.



> I agree with the part where he focuses on an algorithm for IID generation,
> but this will have no effect on privacy so claiming to solve the privacy
> problem by keeping the same IID for a node in the same network is not true.

Please read:

Dupont, F., Savola, P. 2004. RFC 3041 Considered Harmful. IETF
Internet-Draft (draft-dupont-ipv6-rfc3041harmful-05.txt), work in progress.

Escudero, A. 2002. PRIVACY EXTENSIONS FOR STATELESS ADDRESS
AUTOCONFIGURATION IN IPV6 - ‘REQUIREMENTS FOR UNOBSERVABILITY’.
RVK02, Stockholm. Available at:
http://web.it.kth.se/~aep/PhD/docs/paper3-rvk2002.pdf



> This means that if I do not use a mobile node, I will generate the same IP
> address until I receive another prefix from the router.

If you are a single node on a given network, changing your address
doesn't help much.


> He claims this is
> good for printers or nodes that need a fixed IP address. 

I never claimed this. And discussion gets a little bit weird when you
argue that people claimed things they didn't.



> He believes that
> having a different IID from the same router prefix does not help with the
> privacy. 

If you read draft-ietf-6man-stable-privacy-addresses, you'll realize
that this method is not meant to be a substitution of RFC4941. We just
note that, in some scenarios, it might be good enough.


> But I strongly disagree with this. During the time that the node
> has the same IID, I as an attacker can easily track this node and gain
> enough information about this node, for later when the node comes with a
> different router prefix, I have more chance to correlate this node with the
> previous data I obtained from it while it had the IID with previous router
> prefix.

Not sure what you mean. Please elaborate.


> About having the same IID for some nodes, I think that this is really
> related to the network policy and has nothing to do with standards but is
> more a deployment issue. 

We do care about deployment, don't we?



> Currently some network administrators themselves
> consider this issue so there is no need to tell them how to do this. 

huh?

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
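
The property argued about in this thread, as an added example (not code from the thread, the draft, or its authors): a MAC-derived IID is identical on every prefix, while an IID computed as in draft-ietf-6man-stable-privacy-addresses stays fixed within one prefix and changes when the prefix changes. The choice of HMAC-SHA256 for F, the length-prefixed field encoding, and the MAC, interface name, secret and prefixes are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

def eui64_iid(mac: str) -> bytes:
    """Traditional SLAAC IID: the MAC address embedded as modified EUI-64."""
    b = bytearray(bytes.fromhex(mac.replace(":", "")))
    b[0] ^= 0x02  # flip the universal/local bit
    return bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:])

def stable_iid(prefix: str, iface: str, secret: bytes,
               network_id: bytes = b"", dad_counter: int = 0) -> bytes:
    """RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key).

    Assumption: F is HMAC-SHA256 keyed with secret_key over length-prefixed
    fields; the IID is the low-order 64 bits of the output.
    """
    net = ipaddress.IPv6Network(prefix)
    fields = (net.network_address.packed[:8], iface.encode(),
              network_id, bytes([dad_counter]))
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(secret, msg, hashlib.sha256).digest()[-8:]

def address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit IID."""
    net = ipaddress.IPv6Network(prefix)
    return ipaddress.IPv6Address(net.network_address.packed[:8] + iid)

def same_iid(a: ipaddress.IPv6Address, b: ipaddress.IPv6Address) -> bool:
    """What an observer can check across networks: do the low 64 bits match?"""
    return a.packed[8:] == b.packed[8:]

# Constructed sample values (documentation prefixes, made-up MAC and secret).
MAC, IFACE, SECRET = "00:11:22:33:44:55", "eth0", b"constructed-secret"
HOME, CAFE = "2001:db8:1::/64", "2001:db8:2::/64"

if __name__ == "__main__":
    for name, gen in (("eui64", lambda p: eui64_iid(MAC)),
                      ("stable", lambda p: stable_iid(p, IFACE, SECRET))):
        a, b = address(HOME, gen(HOME)), address(CAFE, gen(CAFE))
        print(name, a, b, "IID matches across prefixes:", same_iid(a, b))
```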
