On 06/19/2013 10:09 AM, Hosnieh Rafiee wrote:
> In my opinion, if the purpose of your scan is the last one, then this is a
> security issue. If it concerns users' information, then it is a privacy
> issue. If you think that it is out of the scope of this group to deal with
> the users' data, then it is probably not the right place to discuss users'
> privacy issues too.

Hosnieh,

It seems that you are combining too many things into the same category, and trying to make "all or nothing" judgments about them. If I'm right about that (and I very well might not be) then I think your perspective is wrong.

The original purpose of what became 4941 was to avoid the stable lower 64 bits of an address being used by third parties to track a device/user as it moved from network to network. Referring to them as "privacy" addresses was a convenient shorthand that more or less accurately conveys their intended purpose.

However, 3041 was published in 2001, and even though IP address related tracking was still the primary method of user tracking on the web (which was the primary, but not exclusive, motivator for the privacy extensions in the first place) at the time 3041 was written, it was already being replaced by other, more sophisticated methods. Now IP addresses are merely 1 data point in the vast ocean of data that is collected for a user on the web, and because of NAT and other reasons it is not even relied on that heavily. So at least in terms of web-related stuff, 4941, or other similar mechanisms, are of very limited utility for protecting users' privacy. One can make the argument that they are useful in other areas however, so to be clear I'm not suggesting that we remove them.

For what it's worth I am in agreement that the larger topics of communication security are outside the scope of this WG.

In relation to draft-ietf-6man-stable-privacy-addresses I remain unconvinced that it is necessary at all, and oppose its publication. There are 2 well-defined use cases, places where addresses need to be tracked (like businesses), and places where they don't. If addresses need to be tracked, turn off 4941. If they don't, you can turn it on. I have yet to see a convincing argument for a third use case that would be covered by the draft, and at this point any changes to the IPv6 spec need a VERY convincing use case.

Doug

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
