On Wed, 22 May 2002, Hesham Soliman (ERA) wrote:
>   > >   > is), changing the prefix doesn't help with privacy.
>   > > 
>   > > => The IID for the _link-local_address_only.
>   > > The host can use any other IIDs for addresses
>   > > with scopes larger than the link-local one.
>   > > No security issues here.
>   > 
>   > 100% same applies to e.g. IID addresses based on Ethernet 
>   > MAC-addresses.  
>   > 
>   > If IID is trackable like Ethernet MAC, and 
>   > implementors/operators don't
>   > realize this, they very probably use the same IID by 
>   > default for global
>   > addresses too because that's the easiest way.  And thus the 
>   > problems.
> 
> => Agreed. Hence, RFC3041, which is generic for all IPv6
> nodes. So an implementer of a cellular host can follow
> RFC3041 too.

Ok.  See below.
 
>   > I'm not saying this is a critical thing, but if e.g. IID is 
>   > derived from 
>   > the e.g. cellular subscription ID's, _some_ might disagree. 
>   >  So I think 
>   > this issue should be brought in the open, e.g.:
>   > 
>   > --8<--
>   > This means that 3GPP networks will already provide a
>   >      limited form of addressing privacy, and no global 
>   > tracking of a  
>   >      single host is possible through its address
>   > --8<--
>   > 
>   > ==> if IID part of a global address is trackable, the 
>   > prefix part of the
>   > address is irrelevant and this argument would be moot. (Of course 
>   > depending a bit on the exact details of 'addressing privacy'.)
> 
> => The IID part for link-local addresses is essentially
> a random number. 

Ok, this is what I really was after.  Whether it could be generated from 
some contract number, or whatever.

> There is nothing in 3GPP that specifies
> how it should be generated. In fact, depending on how you 
> implement the GGSN, you could use the same IID for 
> all devices because each link is p2p and each device
> has a separate prefix. 

Do the nodes also adapt that IID (unless they use RFC3041) for the 
global/site-local address?

> So, maybe we can add something
> to say that hosts are encouraged to use 3041. 

3041 isn't really all that beneficial if IID part is already quite random 
(and is changing from time to time, e.g. in the scope of a day or week).

What I was after was some informational statement on what kind of IID's
are used in these networks; whether RFC3041 depends much on that. I don't
think it was apparent from the draft without going into 3GPP specs.

> But 
> there is no globally unique token in the IID that will make
> a 'device or user' trackable.

What about draft-dupont-ipv6-imei-00.txt?  (The beef of the draft seems to 
be the "universal" part, but I'm curious about IMEI here.)

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords




--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
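
The question raised in the thread (whether a host reuses a trackable IID under its global addresses, which makes the prefix irrelevant for privacy) can be checked on a host's own address list. The following is an added example, not part of the original message: the function names are hypothetical, the addresses are constructed from the 2001:db8::/32 documentation prefix, and the MAC recovery assumes the modified EUI-64 layout (ff:fe inserted mid-IID, universal/local bit flipped).

```python
import ipaddress
from collections import defaultdict

IID_MASK = (1 << 64) - 1

def mac_from_eui64(iid):
    """Return the MAC embedded in a modified EUI-64 IID, or None if it is not one."""
    b = iid.to_bytes(8, "big")
    if b[3:5] != b"\xff\xfe":          # EUI-64 marker inserted between OUI and NIC part
        return None
    mac = bytes([b[0] ^ 0x02]) + b[1:3] + b[5:8]   # undo the universal/local bit flip
    return ":".join(f"{x:02x}" for x in mac)

def audit_iids(addresses):
    """Flag IIDs of non-link-local addresses that stay constant or expose a MAC.

    An IID is reported when it is MAC-derived, appears under more than one
    /64 prefix, or is the same IID the host uses for its link-local address.
    """
    link_local, prefixes = set(), defaultdict(set)
    for text in addresses:
        ip = ipaddress.IPv6Address(text)
        iid = int(ip) & IID_MASK
        if ip.is_link_local:
            link_local.add(iid)
        else:
            prefixes[iid].add(int(ip) >> 64)
    findings = {}
    for iid, seen in prefixes.items():
        mac = mac_from_eui64(iid)
        if mac or len(seen) > 1 or iid in link_local:
            findings[f"{iid:016x}"] = {
                "prefixes": len(seen),
                "mac": mac,
                "same_as_link_local": iid in link_local,
            }
    return findings

# Constructed sample: one host seen under two prefixes, plus one randomized IID.
SAMPLE = [
    "fe80::211:22ff:fe33:4455",
    "2001:db8:1:1:211:22ff:fe33:4455",
    "2001:db8:2:7:211:22ff:fe33:4455",
    "2001:db8:1:1:3c5a:91e4:7b02:d6af",
]

if __name__ == "__main__":
    for iid, info in audit_iids(SAMPLE).items():
        print(iid, info)
```
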
