> In other emails >"you said X", when I never said such a thing.
First, I did not talk on behalf of you. Probably there is misunderstanding in the meaning of the following sentence in my last email (not emails). >Since Fernando’s proposal is not going to solve the current problem with RFC >4941, I have suggested to him, on several occasions, that he resolve this >problem so that the node's privacy will be better >protected but he ignored >this suggestion and claiming that his purpose is different. The meaning of this sentence, if there was misunderstanding: (Based on your responses in the list to me) You are not planning to update this document for whatever reason that you have or explained AND you want to have your draft as one of " several optional standards" as others mentioned. http://www.ietf.org/mail-archive/web/ipv6/current/msg16862.html http://www.ietf.org/mail-archive/web/ipv6/current/msg16859.html http://www.ietf.org/mail-archive/web/ipv6/current/msg17710.html Privacy as I defined it before : " The information in my bank account is my private information and as such should be known to no one. This is privacy., i.e., the information that I do not want to be shared with anyone without my permission: it is so private for me. But by having the same IP address for a long period of time can lead to the leakage of private information. This is why I said that changing the IID from the same network would help. I did not say that the RFC Privacy Extension is perfect. (Nothing in life is perfect. We just strive for perfection but never really attain it.)" "Why I think that privacy is more an application layer (and in other posts I said, upper layer than IP) issue than an issue with the other layers an why the IP layer might cause problem in this vain. As an example suppose a criminal follows someone with the name A, Using his IP address to follow A he can then find his location and decide on a location for committing his misdeed, like killing him. Then the IP address proved harmful to his privacy because it exposed information about him to the this criminal. In another example A travels a lot. If a robber follows his IP and knows that he is not at home, he can easily ransack his house. This is again the IP layer causing harm to privacy." -My concern that I repeated in my posts: If I stay in an x network for more than certain period of time I might be a victim of privacy attacks. The risk of attack depends on the X time. -Having stable address helps: Depends on X. if it is short, Yes, but if I am permanently in that network and router prefix does not change, NO. -Possible solution: Change my IP address within the same network too. -How: set a lifetime to my IP address. My second concern: moving from and to network a to x. Question: Do I have the same IP in each of these networks? If yes, I might be a victim. - Having stable address helps: If I have the same IP every time I enter to these networks and/or I stay in each networks more than x time, It might not help as the attacker have a chance to still correlate my information to my IP. Is RFC 4941 can be of any help? It might be but needs some improvements. @ list: If you think RFC 4941 not really helps for privacy, why do you concern about implementations that use this RFC and talking about backward compatibility? In my opinion, If I am a vendor and I see there is no update on a RFC, I assume that it is not a serious concern so when the new optional RFCs do not address my concerns, I still try to implement it for any new OS (using the same old code from my old OS). @Fernando: If you are so frustrated (for misunderstanding or whatever reasons) Why don't you bring your boxing gloves to Frankfurt main? :-) as I noticed you are speaker there as well as I. We can enjoy fighting there :-) -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
