On 04/27/2013 01:51 PM, SM wrote: > Hi Fernando, > At 12:13 26-04-2013, Fernando Gont wrote: >> In some scenarios, that's impossible. Trivial example: If you have a >> network with a single host attached to it, no matter whether you change >> your address periodically (*), it will be possible to correlate the >> hosts' activities. >> >> (*) That of changing your addresses *periodically* actually helps >> correlation. > > What Alissa suggested is using "some" instead of "most". It's a very > small change to the draft. The advantage of doing it is that you can > tell a reader that the draft says "some" instead of "most" if there are > ever any privacy issues.
There are essentially three privacy issues: * main one: IIDs that are constant across networks (this is the one that is very harmful) * second one: correlation of node activities within the same network. In many cases, no matter whether you change your addresses, it won't be solved. * third one: leaking information about the IID, which could allow attackers to guess the addresses of other alive nodes. This document fixes #1 and #3. Regarding #2, it may or may not be "addressed" with RFC 4941. That's why this document says "addresses most privacy issues...". That said, I don't care s/most/some/ -- consider that change done, for instance. -- the meat of the document is elsewhere, and not in that sentence. Thanks, -- Fernando Gont SI6 Networks e-mail: fg...@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------