On 08/12/2013 07:31 AM, Ole Troan wrote:
>> One thing is some node using an address to communicate with you.
>> Another thing is that other node being able to learn other
>> information by means of such address.
>> 
>> -- e.g, since the IID changes from one network to another, you
>> cannot track the device.
> 
> this brings us to the larger issue of how an application should
> choose an address type. if I wanted "privacy" (assuming some
> suspension of disbelief (that choice of a particular address results
> in better privacy)), I would use a temporary address.

That depends on a variety of factors, including (but not limited to):

* Whether you need stability for your address
* Whether temporary addresses are acceptable in your environment (many
enterprises disable temporary-addresses, but would benefit from
stable-privacy)



> this draft is about stable addresses. a use case for a stable
> address/public address, is to provide a service. that would typically
> mean it is published in DNS or available via some form of service
> discovery. that is, an address I explicitly don't want to be
> private.

Please see above. Besides, receiving incoming connections does not mean
many of the threats described in
<http://www.ietf.org/id/draft-cooper-6man-ipv6-address-generation-privacy-00.txt>
are acceptable.



>>> the use of "privacy" confuses it with RFC4941 addresses, which
>>> these addresses do not replace.
>> 
>> Actually, RFC4941 are called "privacy extensions" (which isn't 
>> incorrect), since those temporary addresses have interesting
>> privacy features. Probably, people assumed temporary == privacy
>> because, before stable-privacy-addresses you didn't have any other
>> privacy-enhanced addresses.
>> 
>> Both RFC4941 and stable-privacy-addresses are "privacy addresses"
>> -- RFC4941 are temporary, while stable-privacy are stable.
> 
> as soon as an address is used externally it isn't private anymore.

"privacy" doesn't mean that your address is "unknown". It means that it
doesn't leak more info than necessary.



>>> "Stable per-network Addresses for IPv6 Stateless Address
>>> Autoconfiguration (SPN-SLAAC)"?
>> 
>> An address could be "stable per network" without having any
>> interesting privacy/security features. For instance, traditional
>> slaac addresses are "stable per network", too.
> 
> true. any other suggestions that do not contain the word
> "privacy"? I don't want to explain to my dad (substitute with your
> favourite family member), why he is still being tracked across
> web-sites (AppNexus, Bluekai, Brightroll, Facebook Connect, Google
> Analytics, Google Adsense, OpenX, Taboola...) when he explicitly
> chose to use a privacy enhanced address for the communication.

Because he didn't use a privacy-enhanced app? He'd be tracked based on
the app rather than based on the underlying address. Besides, tracking
is just one aspect (see the others in Alissa's document).



>> Me, I don't care much about the title. However, given that folks
>> have become used to refer to this scheme as "stable-privacy
>> addresses", and that so far alternative titles don't seem to do a
>> much better job, I'd leave the title "as is".
> 
> "random Network Stable Addresses for IPv6 Stateless Address
> Autoconfiguration (NSA-SLAAC)" :-)

That's a non-starter name, based on recent "events". ;-))

-- 
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
