Hi Fernando,

On Jun 5, 2013, at 9:19 PM, Fernando Gont <[email protected]> wrote:

> On 06/06/2013 12:24 AM, Alissa Cooper wrote:
>> I'll try to re-state one of my questions more simply, based on the
>> -09:
>>
>> How is the attack explained in C.4 mitigated by the mechanism
>> specified in draft-ietf-6man-stable-privacy-addresses-09?
>
> It doesn't.

Good, that confirms what I thought.

> For instance, Section B.1 explicitly says so (and this type
> of attack is not meant to be solved by stable-privacy-addresses).
>
> In some scenarios, it can be mitigated with RFC 4941. However, as noted
> in Section C.4, even with RFC 4941 there are scenarios in which you cannot
> do much about it.

Maybe it's just an organizational thing that makes me feel like this isn't clear -- in B.1 it says "However, as noted earlier in this document, in scenarios in which there is a reduced number of nodes …" but really that scenario is not discussed until later in the document (C.4). Then appendix C says that "It aims to clarify the motivation of employing the method specified in this document," but ends with the attack described in C.4, which is not mitigated by the mechanism specified in the document. I realize how this organization came about, but it seems like it would make a little more sense to have each of the distinct threat models clearly described in one place in the body of the document, followed by a discussion of which threats the mechanism mitigates and which it does not.

>>>> Which correlation attack vectors do random-per-network addresses
>>>> mitigate that temporary addresses do not?
>>>
>>> See appendix B of draft-ietf-6man-stable-privacy-addresses.
>>
>> I see the above-quoted text has been updated to the following:
>>
>> In scenarios in which "temporary addresses" are employed,
>> implementation of the mechanism described in this document (in
>> replacement of stable addresses based on e.g. IEEE identifiers)
>> would mitigate address-scanning attacks and also mitigate the
>> remaining vectors for correlating host activities based on the node's
>> IPv6 addresses.
>>
>> What "the remaining vectors for correlating host activities based on
>> the node's IPv6 addresses" actually means is "the remaining vectors
>> for correlating host activities across networks based on the node's
>> stable IPv6 address," correct?
>
> Yes. If you think it'd be better to phrase it that way, I can update the
> text accordingly.

Please do.

Thanks,
Alissa

> Thanks!
>
> Best regards,
> --
> Fernando Gont
> SI6 Networks
> e-mail: [email protected]
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
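The distinction the exchange turns on, a stable interface identifier that is identical on every network (modified EUI-64 derived from the MAC, which is what makes a host correlatable across networks and makes its address easy to scan for) versus one that is stable only per network, as an added example that is not part of the thread, the draft, or any SI6 Networks code. It follows the general shape of the draft's F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key), but the choice of SHA-256 as F, the byte encoding of the inputs, the treatment of the result, and the sample MAC, prefixes and secret key are all assumptions constructed for this example, not the draft's normative algorithm.

```python
import hashlib
import ipaddress


def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier (RFC 4291, Appendix A):
    flip the universal/local bit of the first octet and insert FF:FE.
    The same MAC yields the same IID on every network the host visits."""
    octets = bytearray(bytes.fromhex(mac.replace(":", "").replace("-", "")))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02
    iid = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    return int.from_bytes(iid, "big")


def stable_privacy_iid(prefix: str, net_iface: str, network_id: str,
                       dad_counter: int, secret_key: bytes) -> int:
    """Per-network stable IID in the style of the draft's
    F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key).
    Using SHA-256 as F, this input encoding, and taking the low 64 bits
    are assumptions of this example, not the draft's exact procedure."""
    net = ipaddress.ip_network(prefix, strict=False)
    h = hashlib.sha256()
    h.update(net.network_address.packed[:8])   # the /64 prefix being configured
    h.update(net_iface.encode())               # interface name, e.g. "wlan0"
    h.update(network_id.encode())              # network-specific string, e.g. an SSID
    h.update(dad_counter.to_bytes(4, "big"))   # bumped when DAD reports a collision
    h.update(secret_key)                       # per-host secret; never leaves the host
    return int.from_bytes(h.digest()[-8:], "big")


def make_address(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.ip_network(prefix, strict=False)
    return ipaddress.IPv6Address(int(net.network_address) | (iid & (2**64 - 1)))


def shared_iid(addresses) -> bool:
    """True if every address carries the same IID, i.e. an observer can
    tie the host's activity across networks from its address alone."""
    return len({int(a) & (2**64 - 1) for a in addresses}) == 1


def looks_like_eui64(iid: int) -> bool:
    """EUI-64 IIDs carry FF:FE in the middle, the pattern (plus a known
    vendor OUI) that shrinks the search space for an address scan."""
    return (iid >> 24) & 0xFFFF == 0xFFFE


# Constructed sample data: one laptop joining two different /64 networks.
MAC = "00:1b:63:84:45:e6"
PREFIXES = ["2001:db8:1::/64", "2001:db8:2::/64"]
SECRET = b"constructed-secret-key-for-this-example-only"


def demo():
    """Return (EUI-64 addresses, stable-privacy addresses) for the two networks."""
    eui = [make_address(p, eui64_iid(MAC)) for p in PREFIXES]
    stable = [make_address(p, stable_privacy_iid(p, "wlan0", f"net-{i}", 0, SECRET))
              for i, p in enumerate(PREFIXES)]
    return eui, stable


if __name__ == "__main__":
    eui, stable = demo()
    print("EUI-64:        ", [str(a) for a in eui], "shared IID:", shared_iid(eui))
    print("stable-privacy:", [str(a) for a in stable], "shared IID:", shared_iid(stable))
```

Within a single network the stable-privacy address is, by design, just as constant as the EUI-64 one, which is the point of C.4: if the network has only a handful of nodes, neither this mechanism nor RFC 4941 temporary addresses stops an on-link observer from attributing traffic to the host.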
