Hi Hannes,

> I was pointed to a mailing list exchange about privacy (namely
> http://www.ietf.org/mail-archive/web/rrg/current/msg07169.html) and I got a
> bit confused by what has been written.
>
> There has been prior work on mobility & privacy described in RFC 5726. There
> are tussles everywhere in protocol design, not only regarding privacy, but
> that does not mean that you cannot provide any form of privacy protection
> when having mobility support.

Well, in a native identifier/locator split architecture, there are even more issues. ;-)

If I can briefly summarize: each host would be associated with an identifier at a given point in time. An identifier can have global or local scope. A host can be 'mobile' within the scope of the identifier that it is using, and this includes transport session continuity when its correspondents also support the architecture.

Note that 'mobile' in this case implies that it is relocating itself topologically and changing its locator(s). This is orthogonal to any virtual topologies, such as are created by Mobile IP.

> Btw, using the same terminology often helps in discussion. For this purpose
> we have recently published a terminology document
> https://wiki.tools.ietf.org/html/draft-hansen-privacy-terminology-01.
> Feedback is appreciated.

If I can (ab)use your terminology, the issue that we run into is the desire for anonymity and unlinkability in this architecture. It is clearly somewhat challenging to provide anonymity when a node is using a global identifier. ;-) Ergo, the architecture specifically makes a provision for hosts to also change identifiers when they roam.

I think that the existence of the RFC and this draft are sufficient to make the point that there is, in fact, a requirement for privacy.

Regards,
Tony
