On Wed, 22 May 2002, Hesham Soliman (ERA) wrote:
> => RFC 2460 has some text on this, anticipating SIIT.
> I actually had the same thoughts (as you), but was
> told about this paragraph in 2460.

Time to raise the question here then..
 
>   > ==> Bad wording: "may be supported ... if ..."?  Of course 
>   > all kinds of 
>   > specifications may be supported anyway.  "Should"?  "may 
>   > have to be"?
>   > 
> 
> => OK we can reword it to: 'Cellular hosts may support MLD.
> MLD is needed if the cellular host is supporting applications
> that require the use of multicast services.' 

Sounds good.

>   >             The GGSN always provides an Interface Identifier to
>   >    the mobile host.
>   > 
>   > ==> Is that IID trackable?  If so, this might be worth mentioning in
>   > security considerations' second "bullet": If IID is 
>   > trackable (like EUI64
>   > is), changing the prefix doesn't help with privacy.
> 
> => The IID for the _link-local_address_only.
> The host can use any other IIDs for addresses
> with scopes larger than the link-local one.
> No security issues here.

100% same applies to e.g. IID addresses based on Ethernet MAC-addresses.  

If IID is trackable like Ethernet MAC, and implementors/operators don't
realize this, they very probably use the same IID by default for global
addresses too because that's the easiest way.  And thus the problems.

I'm not saying this is a critical thing, but if e.g. IID is derived from 
the e.g. cellular subscription IDs, _some_ might disagree.  So I think 
this issue should be brought in the open, e.g.:

--8<--
This means that 3GPP networks will already provide a
     limited form of addressing privacy, and no global tracking of a  
     single host is possible through its address
--8<--

==> if IID part of a global address is trackable, the prefix part of the
address is irrelevant and this argument would be moot. (Of course 
depending a bit on the exact details of 'addressing privacy'.)

> => There is another DT in NGTRANS that will
> address transition for 3GPP networks. So I'm
> not sure how useful this appendix is right now. 

I agree.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
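
An added example (not part of the original message or of the draft under discussion) illustrating the point about trackable IIDs: an audit over a list of observed addresses that flags any IID reused under more than one /64 prefix, and recovers the MAC address when the IID has the modified EUI-64 shape. The function names are hypothetical and the sample addresses are constructed, using the 2001:db8::/32 documentation prefix.

```python
import ipaddress
from collections import defaultdict

def iid_of(addr):
    """Return the low 64 bits (the Interface Identifier) of an IPv6 address."""
    return int(ipaddress.IPv6Address(addr)) & 0xFFFFFFFFFFFFFFFF

def eui64_mac(iid):
    """If the IID has the modified EUI-64 shape (ff:fe in the middle),
    return the MAC address it was derived from, otherwise None."""
    b = iid.to_bytes(8, "big")
    if b[3:5] != b"\xff\xfe":
        return None
    # Undo the universal/local bit flip applied when the IID was formed.
    mac = bytes([b[0] ^ 0x02]) + b[1:3] + b[5:8]
    return ":".join(f"{x:02x}" for x in mac)

def stable_iids(addrs):
    """Group non-link-local addresses by IID and return the IIDs that
    appear under more than one /64 prefix, with the prefix count."""
    prefixes = defaultdict(set)
    for a in addrs:
        ip = ipaddress.IPv6Address(a)
        if ip.is_link_local:
            continue  # a fixed link-local IID is not visible off-link
        prefixes[iid_of(a)].add(int(ip) >> 64)
    return {iid: len(p) for iid, p in prefixes.items() if len(p) > 1}

# Constructed sample: one host keeping its IID across two prefixes,
# and one host using a different randomized IID under each prefix.
SAMPLE = [
    "fe80::211:22ff:fe33:4455",          # link-local, ignored
    "2001:db8:a:1:211:22ff:fe33:4455",   # same IID, first prefix
    "2001:db8:b:2:211:22ff:fe33:4455",   # same IID, second prefix
    "2001:db8:a:1:5c1d:9e02:77ab:310f",  # randomized IID
    "2001:db8:b:2:91f3:04c8:2be6:a7d0",  # different randomized IID
]

if __name__ == "__main__":
    for iid, count in stable_iids(SAMPLE).items():
        print(f"IID {iid:016x} seen under {count} prefixes, "
              f"EUI-64 MAC: {eui64_mac(iid)}")
```
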
