On 7/9/10 6:43 PM, Tony Li wrote:
hmm, I am also a 'mobility junkie' but that is precisely why I am
concerned about a globally unique, persistent, hard to change
identifier. Thinking out loud, how about instead of using the
privacy extensions make it possible (for an end user) to perform
some kind of one-way function on the EUI-64 address that can not be
related to the original hardware address. It would then be up to
the user to not apply this function, apply it once or apply it many
times, whatever the trade-off between location privacy and session
persistence of the user dictates.
That's a perfectly fine way to generate (but not validate) a locally
unique identifier. However, if you want your mobility with session
continuity, you're going to have to exchange that with
correspondents. As soon as you do, you've lost privacy.
Simply put: privacy is mutually exclusive with session continuity.
Pick one. Either is fine, but you can't have both. ;-)
well... not really, perfect privacy and perfect session continuity are,
I agree on that. What concerns me is that for the lifetime of my device
I will be traceable. I think it would be very desirable (again, not
aiming for perfection, just for a reasonable trade-off between privacy
and conituity) to have at least the *ability* to change your persistent
identifier without having to get a new device.
You talk about losing privacy with your correspondents, but what I am
worried about is losing privacy with the world, I choose who to
correspond with, but I don't want the world to be able to look up my
location.
"What? Is Tony again at Madame Jeanette today?" ;-)
draft-rja-ilnp-intro-03.txt does specify that cryptographically
generated id's or privacy extensions can be used, I hope that that will
not get lost in the process.....
Klaas
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
