Hosnieh, am Mon, Apr 29, 2013 at 11:17:43PM +0200 hast du folgendes geschrieben: > I guess that we are at an impasse again. I just want to make it clear to > everyone that this proposed draft of yours doesn't really do anything > substantial for privacy issues and I find it misleading to mention privacy > in the title.
you seem to argue that privacy can only be mentioned if the protection is absolute. Fernando argues that even small steps are worthwhile. The main question seems to be if Fernando's draft has enough privacy value in itself apart from stable addressing that is not based on Ethernet MAC addresses. It does seem to me that to the outside world a globally unique identifier is no longer presented to the world in an address that is fixed for a given (network, host) tuple. Obviously this does not help against local attackers that can query for the MAC and obviously this does not help against ongoing tracking of the concrete host within that single network from the outside world. Fernando does not argue against using privacy extensions as an addition to this solution. Windows resorted to use some random identifier instead of EUI64 addresses by default in order not to leak the MAC address. This draft just proposes a similar algorithm for stable autoconfiguration. The title says "privacy-enhanced", maybe "Stable non-IEEE-identifier-based Addresses" (with a cuter title made up by a native speaker) would explain the goal in the title a bit more clearly. You wouldn't argue against listing the privacy benefits this has over the traditional way of EUI64-based SLAAC address assignment, I presume? Kind regards Philipp Kern
signature.asc
Description: Digital signature
-------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
