> Jon Crowcroft suggested a nice idea a few years ago, although for a
> different reason:
> sourceless network architecture (yes, a pun on SNA).
>
> Send packets with no source address, and you make the metadata much less
> useful.
> (Of course, if the packet is to get a reply, the source address needs to
> be encrypted in the payload.)
>
> As a retro-fit, this is a bit tricky - you'd probably have to set a dummy
> source address, and that would have to be one that would not get filtered.
>
> www.cl.cam.ac.uk/~jac22/talks/sna.ppt

There may be a halfway measure that is simpler to implement than just
zeroing the IP address. Something along the lines of the IPv6 "privacy"
addresses. If the source address that I use changes often, then the
correlation of traffic over time becomes more difficult.

Of course, the IPv6 privacy addresses only randomize the lower 64 bits of
the address, leaving the top 64 as a perfectly stable reference for
correlation. But if the ISP cooperates, maybe we can get the top 64 bits to
also change often.

-- Christian Huitema




_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
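
The point about the stable top 64 bits can be checked from an observer's side. The following is an added example, not part of the original message: it simulates privacy-style addresses with a random lower 64 bits, then groups the observed source addresses by prefix length. The prefixes come from the 2001:db8::/32 documentation range, and `rotated_prefix` is a hypothetical model of an ISP handing out a fresh /64 each time.

```python
import ipaddress
import random
from collections import defaultdict

def temp_address(net64, rng):
    """Privacy-style address: given /64 prefix plus a random 64-bit interface ID."""
    return ipaddress.IPv6Address(int(net64.network_address) | rng.getrandbits(64))

def rotated_prefix(isp_block, rng):
    """Hypothetical ISP cooperation: a fresh random /64 inside the ISP's block."""
    subnet_bits = 64 - isp_block.prefixlen
    base = int(isp_block.network_address) | (rng.getrandbits(subnet_bits) << 64)
    return ipaddress.IPv6Network((base, 64))

def correlate(sources, prefixlen):
    """Observer's view: group source addresses by their top `prefixlen` bits."""
    groups = defaultdict(list)
    for addr in sources:
        key = ipaddress.IPv6Network((int(addr), prefixlen), strict=False)
        groups[key].append(addr)
    return groups

def simulate(n=20, seed=1):
    """Return how many distinct 'identities' an observer sees in each case."""
    rng = random.Random(seed)  # seeded for a reproducible simulation, not for real use
    # Constructed sample prefixes from the documentation range.
    home = ipaddress.IPv6Network("2001:db8:1234:5678::/64")
    isp = ipaddress.IPv6Network("2001:db8::/32")
    stable = [temp_address(home, rng) for _ in range(n)]
    rotating = [temp_address(rotated_prefix(isp, rng), rng) for _ in range(n)]
    return {
        "stable_by_128": len(correlate(stable, 128)),    # full address: looks unlinkable
        "stable_by_64": len(correlate(stable, 64)),      # top 64 bits: one subscriber
        "rotating_by_64": len(correlate(rotating, 64)),  # rotated /64: unlinkable again
        "rotating_by_32": len(correlate(rotating, 32)),  # ISP block still common
    }

if __name__ == "__main__":
    for name, count in simulate().items():
        print(f"{name}: {count} group(s)")
```

With a fixed /64, twenty addresses collapse into one group as soon as the observer keys on the top 64 bits; with a rotating /64 they separate again, although the ISP's own block remains common to all of them.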
