Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-25 Thread Mark Smith
On Fri, 25 Mar 2011 01:30:48 -0300 Fernando Gont wrote: > On 16/03/2011 01:51 p.m., Brian Haley wrote: > > > I have an almost off-topic comment, but since I've seen no mention of it > > in any of these privacy threads... > > > > You have to assume in a large data center that almost every MAC ad

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-24 Thread Fernando Gont
On 16/03/2011 01:51 p.m., Brian Haley wrote: > I have an almost off-topic comment, but since I've seen no mention of it > in any of these privacy threads... > > You have to assume in a large data center that almost every MAC address you > encounter is going to be randomly generated. Are they a

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-18 Thread Fernando Gont
On 16/03/2011 09:48 a.m., Mohacsi Janos wrote: > As RFC 4941 says: > > Changed the default setting for usage of temporary addresses to be > disabled. > > and also: > " > Additionally, sites might wish to selectively enable or disable the >use of temporary addresses for some prefixes. For ex

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-17 Thread Fernando Gont
On 16/03/2011 11:14 a.m., Yu Hua bing wrote: >> Our draft is not meant to propose "not to use privacy addresses" -- as >> noted a few times, already, the proposed mechanism could be used to turn >> "privacy addresses" on for some systems that have decided not to enable >> them by default (e.g., Fre

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-16 Thread Rémi Després
On 16 March 2011 at 07:30, Christian Huitema wrote: ... > In fact, rather than your draft proposing to not use privacy addresses, we > should pursue the deprecation of using EUI-64 in addresses. -1 > The worst part of your draft is that, if we published it, it would give the > impression th

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-16 Thread Brian Haley
On 03/12/2011 06:29 AM, Fernando Gont wrote: > On 09/03/2011 08:17 a.m., Mikael Abrahamsson wrote: > >>> I recommend that folks read the above draft. I haven't seen the >>> I-D announcement get cross-posted to the IPv6 WG, perhaps due to >>> the volume of recent I-D postings, and the topic seems

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-16 Thread Yu Hua bing
Our draft is not meant to propose "not to use privacy addresses" -- as noted a few times, already, the proposed mechanism could be used to turn "privacy addresses" on for some systems that have decided not to enable them by default (e.g., FreeBSD). Windows provides the command line to turn on

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-16 Thread Mohacsi Janos
On Wed, 16 Mar 2011, Fernando Gont wrote: On 16/03/2011 03:30 a.m., Christian Huitema wrote: Then what's all this controversy with draft-gont-6man-managing-privacy-extensions? :-) -- That aside, there have been quite a few publications assessing the real "privacy" provided with the so-called

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-16 Thread Fernando Gont
On 16/03/2011 03:30 a.m., Christian Huitema wrote: >> Then what's all this controversy with >> draft-gont-6man-managing-privacy-extensions? :-) -- That aside, >> there have been quite a few publications assessing the real >> "privacy" provided with the so-called privacy-extensions > > Using ran

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-16 Thread sthaug
> > Why would you find it acceptable to have the ISP assign you the complete > > address e.g. with DHCP, then? > > In the context of a user requiring privacy protection, it isn't acceptable. > As far as I know, what the ISP will assign is a prefix; the individual > host addresses are locally assig

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-15 Thread Christian Huitema
> Then what's all this controversy with > draft-gont-6man-managing-privacy-extensions? :-) -- That aside, there have > been quite a few publications assessing the real "privacy" provided with the > so-called privacy-extensions Using randomized host identifiers is way more private than sticki

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-15 Thread Fernando Gont
Hi, Brian, On 15/03/2011 07:16 p.m., Brian E Carpenter wrote: >>> I agree. I sort of accept that an ISP can know my addresses in use, in >>> part because they gave them to me. However, for an ISP to not let me >>> choose if I want to use privacy addresses on the Internet would >>> be completely un

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-15 Thread Brian E Carpenter
Fernando, On 2011-03-16 00:55, Fernando Gont wrote: > On 09/03/2011 05:49 p.m., Mark Smith wrote: >> I agree. I sort of accept that an ISP can know my addresses in use, in >> part because they gave them to me. However, for an ISP to not let me >> choose if I want to use privacy addresses on the In

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-15 Thread Fernando Gont
On 09/03/2011 05:49 p.m., Mark Smith wrote: > I agree. I sort of accept that an ISP can know my addresses in use, in > part because they gave them to me. However, for an ISP to not let me > choose if I want to use privacy addresses on the Internet would > be completely unacceptable. Why would you

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Ole Troan
>>> It doesn't. The I-D aims at allowing routers specify which policy they want >>> hosts to employ when generating their IPv6 addresses. >> >> Uh? I definitely don't want to give the router at Starbucks the means to >> specify the privacy configuration of my laptop. >> >> I understand that cor

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Mark Smith
On Sat, 12 Mar 2011 21:57:14 -0300 Fernando Gont wrote: > On 12/03/2011 09:44 p.m., Christian Huitema wrote: > > >> It doesn't. The I-D aims at allowing routers specify which policy > >> they want hosts to employ when generating their IPv6 addresses. > > > > Uh? I definitely don't want to give

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
Hi, James, On 09/03/2011 04:08 p.m., james woodyatt wrote: > About the H-bit in the PIO it proposes, the draft says this: > > When set, this bit indicates that hardware-derived addresses SHOULD > be used when configuring IPv6 addresses as a result of Stateless > Address Autoconfiguration. When n

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
On 12/03/2011 09:44 p.m., Christian Huitema wrote: >> It doesn't. The I-D aims at allowing routers specify which policy >> they want hosts to employ when generating their IPv6 addresses. > > Uh? I definitely don't want to give the router at Starbucks the means > to specify the privacy configurati

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Doug Barton
On 03/12/2011 16:44, Christian Huitema wrote: It doesn't. The I-D aims at allowing routers specify which policy they want hosts to employ when generating their IPv6 addresses. Uh? I definitely don't want to give the router at Starbucks the means to specify the privacy configuration of my lapt

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Christian Huitema
> It doesn't. The I-D aims at allowing routers specify which policy they want > hosts to employ when generating their IPv6 addresses. Uh? I definitely don't want to give the router at Starbucks the means to specify the privacy configuration of my laptop. I understand that corporation want to en

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
Hi, Dan, On 10/03/2011 04:57 p.m., Dan Wing wrote: >> Doesn't a combination of RFC4941 and NPTv6 produce the necessary >> privacy over both parts of the IPv6 address? >> (BTW that's a question from an interested observer new to this topic, >> not a statement - I started following this thread and en

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Brian E Carpenter
On 2011-03-13 00:11, Fernando Gont wrote: > On 09/03/2011 03:49 p.m., Brian E Carpenter wrote: >>> I don't think it solves what it thinks it solves, but if this REALLY >>> should be implemented, it's my initial thinking that the H flag should >>> be a MUST demand to only have ONE and only one MAC-b

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Christian Huitema
> Blue sky: Could the SP allow privacy addresses, at least for global use, and > log its own mappings between privacy > addresses and MACs or other persistent identifiers? Then it can always > trace back to determine who did what if necessary. That's more or less what Windows does by default.

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread sthaug
> Blue sky: Could the SP allow privacy addresses, at least for global > use, and log its own mappings between privacy addresses and MACs or > other persistent identifiers? Then it can always trace back to > determine who did what if necessary. I'm sure service providers *could* do this. But it's

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Scott W Brim
On Fri, Mar 11, 2011 at 08:01, Mark Townsley wrote: >> On Mar 11, 2011, at 3:32 AM, Christian Huitema wrote: >> >> I'm saying the reasons people are tempted to disable RFC4941 are >> misplaced. >> >> +1 >> >> Consider that if I want privacy and you won't let me use RFC4941, I >> might just make up

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
On 09/03/2011 08:17 a.m., Mikael Abrahamsson wrote: >> I recommend that folks read the above draft. I haven't seen the >> I-D announcement get cross-posted to the IPv6 WG, perhaps due to >> the volume of recent I-D postings, and the topic seems relevant. > > I don't think it solves what it think

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
On 09/03/2011 03:49 p.m., Brian E Carpenter wrote: >> I don't think it solves what it thinks it solves, but if this REALLY >> should be implemented, it's my initial thinking that the H flag should >> be a MUST demand to only have ONE and only one MAC-based IPv6 address >> according to EUI64. I woul

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
Hi, Ran, On 09/03/2011 12:51 p.m., RJ Atkinson wrote: >> Just because privacy extensions is the only address widely seen >> today as being non-EUI64, doesn't mean that if you disable privacy, >> you get only single EUI64. > > The above is a very helpful clarification. > > Based on that, I agre

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
On 09/03/2011 11:57 a.m., Mikael Abrahamsson wrote: > If you want to know the mac address of the computer who used an IP > address at a certain time, then you need to tell the host to only use > EUI64 based address and nothing else, you don't tell it to disable > privacy extensions. This was exa

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
On 09/03/2011 09:19 a.m., huabing yu wrote: > (1)If "H" ("Hardware-derived addresses") flag is 1, it indicates that > the host SHOULD generate hardware-derived addresses, and doesn't > generate privacy addresses. > (2)If "H" ("Hardware-derived addresses") flag is 0, the author say that > this bi

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-12 Thread Fernando Gont
Hi, Mikael, On 09/03/2011 08:17 a.m., Mikael Abrahamsson wrote: >> I recommend that folks read the above draft. I haven't seen the >> I-D announcement get cross-posted to the IPv6 WG, perhaps due to >> the volume of recent I-D postings, and the topic seems relevant. > > I don't think it solves w

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-11 Thread Mark Townsley
On Mar 11, 2011, at 3:32 AM, Christian Huitema wrote: >> I'm saying the reasons people are tempted to disable RFC4941 are misplaced. > > +1 > > Consider that if I want privacy and you won't let me use RFC4941, I might > just make up a new MAC address each time I connect. > > Consider also t

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-11 Thread Mark Townsley
conductors >> >> >> -----Original Message----- >> From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of >> james woodyatt >> Sent: 10 March 2011 16:02 >> To: Ran Atkinson >> Cc: ipv6@ietf.org >> Subject: Re: draft-gont-6man-manag

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-11 Thread Thomas Narten
Mark Smith writes: > I also think there is a fundamentally incorrect assumption being > made - that IPv6 addresses and humans are tightly coupled. Actually, if you look at trends, they are increasingly tightly coupled. Internet access by humans is increasingly through single-owner devices (r

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Doug Barton
On 03/09/2011 06:57, Mikael Abrahamsson wrote: If you want to know the mac address of the computer who used an IP address at a certain time, then you need to tell the host to only use EUI64 based address and nothing else, you don't tell it to disable privacy extensions. Just because privacy exten

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Christian Huitema
> I'm saying the reasons people are tempted to disable RFC4941 are misplaced. +1 Consider that if I want privacy and you won't let me use RFC4941, I might just make up a new MAC address each time I connect. Consider also the effect of unique identifiers on tracking. The MAC address follows y

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Dan Wing
> -Original Message- > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Paul Chilton > Sent: Thursday, March 10, 2011 10:18 AM > To: james woodyatt > Cc: ipv6@ietf.org > Subject: RE: draft-gont-6man-managing-privacy-extensions-00.txt > &g

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Dan Wing
> -Original Message- > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Ran Atkinson > Sent: Thursday, March 10, 2011 4:10 AM > To: ipv6@ietf.org > Subject: Re: draft-gont-6man-managing-privacy-extensions-00.txt > > > On 10 Mar 2011

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Paul Chilton
hread uncovered) Paul Chilton Low Power RF Solutions (formerly Jennic) NXP Semiconductors -Original Message- From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of james woodyatt Sent: 10 March 2011 16:02 To: Ran Atkinson Cc: ipv6@ietf.org Subject: Re: draft-gont-6man-man

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread james woodyatt
On Mar 10, 2011, at 4:10 AM, Ran Atkinson wrote: > > It seems pretty clear that Fred's NPTv6 is going to be deployed in at least > some locations, albeit for entirely different reasons. I'm not sure if that > meets your definition of NAPT66 or not. It does not. NPTv6 only translates the netw

Re: RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Cameron Byrne
; Cc: ipv6@ietf.org; Ran Atkinson > > Subject: Re: draft-gont-6man-managing-privacy-extensions-00.txt > > > > On 2011-03-10 00:17, Mikael Abrahamsson wrote: > > > On Wed, 9 Mar 2011, Ran Atkinson wrote: > > > > > >> > > >> <http://www.ie

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-10 Thread Ran Atkinson
On 10 Mar 2011, at 02:34 , Dan Wing wrote: > Nobody wants it removed in corporate deployments, either. That statement is far too strong; it simply is not true. > Consider for a moment an IPv6-enabled telephone, > on the desk of a Very Important Person at a company, ... (Laugh. I don't belie

RE: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Dan Wing
> -Original Message- > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Brian E Carpenter > Sent: Wednesday, March 09, 2011 10:49 AM > To: Mikael Abrahamsson > Cc: ipv6@ietf.org; Ran Atkinson > Subject: Re: draft-gont-6man-managing-privacy-exte

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Brian E Carpenter
On 2011-03-10 09:49, Mark Smith wrote: > On Thu, 10 Mar 2011 07:49:29 +1300 > Brian E Carpenter wrote: > >> On 2011-03-10 00:17, Mikael Abrahamsson wrote: >>> On Wed, 9 Mar 2011, Ran Atkinson wrote: >>>

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Mark Smith
On Thu, 10 Mar 2011 07:49:29 +1300 Brian E Carpenter wrote: > On 2011-03-10 00:17, Mikael Abrahamsson wrote: > > On Wed, 9 Mar 2011, Ran Atkinson wrote: > > > >> > >> > >> > >> > >> I recommend that folks re

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Mark Smith
Hi Ran, On Wed, 9 Mar 2011 10:51:59 -0500 RJ Atkinson wrote: > > On 09 Mar 2011, at 09:57 , Mikael Abrahamsson wrote: > > Privacy Extensions is not the only mechanism that might create an > > address to be used, thus I think the "disable privacy" flag is meaningless. > > > > If you want to k

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Mark Smith
On Wed, 09 Mar 2011 14:32:45 -0500 "Joel M. Halpern" wrote: > I would observe that we have multiple documents which note the > importance of traceability for "problem" resolution. Treating privacy > as an all-or-nothing thing is probably a misleading perspective. > It is extremely likely that

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Joel M. Halpern
I would observe that we have multiple documents which note the importance of traceability for "problem" resolution. Treating privacy as an all-or-nothing thing is probably a misleading perspective. It is extremely likely that privacy addresses, and their bindings to homes or office desktops, wi

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread RJ Atkinson
On 09 Mar 2011, at 13:49 , Brian E Carpenter wrote: > On 2011-03-10 00:17, Mikael Abrahamsson wrote: >> >> I don't think it solves what it thinks it solves, but if this REALLY >> should be implemented, it's my initial thinking that the H flag should >> be a MUST demand to only have ONE and only

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread james woodyatt
On Mar 9, 2011, at 2:01 AM, Ran Atkinson wrote: > > > > I recommend that folks read the above draft. I haven't seen the > I-D announcement get cross-posted to the IPv6 WG, perhaps due to > the volume of rece

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Brian E Carpenter
On 2011-03-10 00:17, Mikael Abrahamsson wrote: > On Wed, 9 Mar 2011, Ran Atkinson wrote: > >> >> >> >> >> I recommend that folks read the above draft. I haven't seen the >> I-D announcement get cross-posted t

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread RJ Atkinson
On 09 Mar 2011, at 09:57 , Mikael Abrahamsson wrote: > Privacy Extensions is not the only mechanism that might create an > address to be used, thus I think the "disable privacy" flag is meaningless. > > If you want to know the mac address of the computer who used an > IP address at a certain ti

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Mikael Abrahamsson
On Wed, 9 Mar 2011, huabing yu wrote: (1)If "H" ("Hardware-derived addresses") flag is 1, it indicates that the host SHOULD generate hardware-derived addresses, and doesn't generate privacy addresses. I think it should indicate that ONLY hw-derived address should be created, which by defintio

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread huabing yu
2011/3/9 Mikael Abrahamsson > On Wed, 9 Mar 2011, Ran Atkinson wrote: > > >> < >> http://www.ietf.org/internet-drafts/draft-gont-6man-managing-privacy-extensions-00.txt >> > >> >> I recommend that folks read the above draft. I haven't seen the >> I-D announcement get cross-posted to the IPv6 WG,

Re: draft-gont-6man-managing-privacy-extensions-00.txt

2011-03-09 Thread Mikael Abrahamsson
On Wed, 9 Mar 2011, Ran Atkinson wrote: I recommend that folks read the above draft. I haven't seen the I-D announcement get cross-posted to the IPv6 WG, perhaps due to the volume of recent I-D postings,