On Mar 7, 2014, at 9:46 PM, Reinaldo Penno (repenno) <[email protected]> wrote:
> There are several paid VPN services that provide anonymity through > addresses sharing. This is becoming more and more popular these days. > > It is public to public translation where you get a shared IP address on > purpose. This is not for attack purposes but just to reduce tracking by > third-parties. > > I would think that people interested in these services will continue to > use them but public IPv6 to public IPv6. Sure, and those services won't log and won't emit any of the identifiers in RFC6967. draft-boucadair-intarea-host-identifier-scenarios is trying to explain when such an identifier is useful; not when it isn't useful. -d > > On 3/7/14, 12:31 PM, "Dan Wing (dwing)" <[email protected]> wrote: > >> >> On Mar 6, 2014, at 6:03 PM, Brian E Carpenter >> <[email protected]> wrote: >> >>> a) Since this is fixing some of the damage done by NAT, it's >>> really unfinished business for BEHAVE, which if iirc was a >>> Transport Area WG. Just saying... >>> >>> b) The word "privacy" doesn't appear in the draft. Discussing >>> privacy aspects is clearly essential if there is any thought of >>> advancing this work. Actually I doubt if such a host ID is ever >>> going to be acceptable from a privacy point of view, unless the >>> end system is at liberty to change it at random (like RFC 4941). >> >> I interpret your statement to mean that address sharing is a desirable >> security property. If that interpretation is correct, where does that >> leave IPv6? >> >> >>> c) A hard-nosed argument is that since we want to sunset IPv4, >>> it's time to stop working on ways of making NAT solutions work >>> better. Is there anything in the use cases that can't be fixed by >>> native IPv6? >> >> Yes, attackers won't move to IPv6 if IPv4 provides them a superior way to >> hide their activities. There are attackers already using IPv4 CGN to >> obfuscate themselves. >> >> -d >> >> >>> >>> (The use case in expired draft >>> http://tools.ietf.org/html/draft-sarikaya-fmc-prefix-sharing-usecase-01 >>> is not at all convincing to me, especially when adding the privacy >>> argument. It actually seems to describe a bug in 3GPP. But in any case, >>> the draft appears to suggest mitigations.) >>> >>> Regards >>> Brian >>> >>> On 07/03/2014 05:28, joel jaeggli wrote: >>>> Greetings int-area and hiaps-mailing-list folks, >>>> >>>> I realize that this is midweek at the IETF, however this question is >>>> not >>>> far from several discussions I've had this week. >>>> >>>> I have been asked to consider AD sponsoring >>>> >>>> http://tools.ietf.org/html/draft-boucadair-intarea-host-identifier-scena >>>> rios-04 >>>> >>>> In the process of considering doing so I'd like to get some input with >>>> respect to: >>>> >>>> A. The appetite for pursuing some or any of this work in existing >>>> working groups, and in particular within the INT area. >>>> >>>> B. A consensus basis for moving beyond RFC 6269 into active work in >>>> this >>>> area. >>>> >>>> C. How we address concerns raised by the IETF community expressed >>>> through draft-farrell-perpass-attack when evaluating scenarios and >>>> beginning to address requirements and solution-space. >>>> >>>> Obviously these are complex questions and I do not expect that we will >>>> arrive at answers easily nor does work on this or other drafts depend >>>> on >>>> answering them, however it's part of the dialog. >>>> >>>> Thanks >>>> joel >>>> >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> _______________________________________________ >>>> Int-area mailing list >>>> [email protected] >>>> https://www.ietf.org/mailman/listinfo/int-area >>> >>> _______________________________________________ >>> Int-area mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/int-area >> >> _______________________________________________ >> Int-area mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
