On 2/19/13 6:31 AM, Alexandru Petrescu wrote:
Le 18/02/2013 22:07, Roger Jørgensen a écrit :
On Mon, Feb 18, 2013 at 9:36 PM, Scott Brim <[email protected]>
wrote:
I have the usual concerns about privacy. I have no problem with
someone knowing the endpoint that is communicating is associated
with a vehicle (or that I, a human, am communicating from a
vehicle). However, if someone can map easily from an IP address to
a VIN (thus knowing the specific vehicle from which the
communication is happening), and I have no choice but to reveal
that information in order to communicate at all, I am not
comfortable. In general, as an architectural principle, I want the
option to control how much personal information I reveal. That's
called privacy.
Scott,
I agree privacy is important.
An alternative method from R. Bless proposes to use a SHA output in the
prefix field of an address. This has an advantage with respect to
privacy - it's hardly feasible to reversely derive the VIN of the
vehicle from the IPv6 address, slide 6 of
http://www.lara.prd.fr/_media/ipv6-its/2012-03-26-seis-kit-ietf83-its.pdf
That method alone has certain advantages, but also drawbacks.
If we consider the problem to be as simple as "how to form IPv6
addresses in a vehicle?" then one realizes that just forming a ULA
prefix for _within_ the vehicle may not be enough. Communication
outside the vehicle (e.g. between two vehicles) may involve links which
may not be just plain Ethernet, and hence impossible to just use RFC2464
LL addresses on the outside of the vehicle.
In some cases it _is_ possible to get along with just LL/Ethernet
addresses between vehicles, but if/when
geonetworking/other-vehicular-link-layers are used, then that may not be
enough.
I'm pretty sure one of my cars has an IMEI, a bluetooth mac address and
one on the wifi.
I would imagine that link layer technology would drive what sort of L2
identifer is used for a given technology e.g. wifi bluetooth
802.15.4 and so on. and that if that's a mac address it's
available for use as an upper layer identifier in a fashion we
understand.
All in all, depending on the problem, the VIN-based addresses may be
necessary, provided that privacy concerns are addressed.
A vin uniquely identifies a vehicle not a link layer interface. If you
application requires that (toll transponder does that effectively) then
need to expose that in some way to the application. address selection or
mac addresses for that matter is far too weak a mechanism to serve as an
identity token.
Alex
Actual the problem is much simpler, it's not that easy to get the
unique ID of a vehicle today, however with the proposed solution it
become extremely easy. Sort of the same idea that caused IPv6 to
create all IPs based on the mac address... we know how that ended, we
created the privacy option.
Do we want todo it all over again?
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
