Re: Notes about identifier - locator separator

[Michael Richardson <mcr@sandelman.ottawa.on.ca>]

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Tony" == Tony Li <Tony.Li@procket.com> writes:
    Tony> I know less about security than Ran, but wouldn't having a number
    Tony> of pseudonyms help avoid the privacy issue?

  Ran's point is that nobody is depending upon the IP addresses 
(whether they are locators or end-point identifiers) to do tracking.

  Hiding the IP address, or even changing it for every transaction doesn't
help.

  First, many sites do use cookies, and many web browsers are complicit
in this.
  Second, HTTP provides the Referrer:, which is very useful.

  Finally, as Ran says, there are lots of tools that just figure it out
anyway, probably based upon timing, and looking at probably content.

  However - I think that in most cases, this requires the help of one
end point.  There is still some value in keeping the locator unknown
to intermediate network elements. I don't make this a very high concern.

  Those who want privacy have multiple ways of getting it. All come at
a cost, but for many it is worth it.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPcw8PIqHRg3pndX9AQFT8wQAsff6yZGh/dK0VDBeUgIPae4lnikd+sPz
hDuOaJzQh4IBw8nQSmIPc9voKUdK/s2xjwO1M7HZ8zB8BYTwZAZlFbauAMs3L7eO
ZklhgWqj2swf83DgZUHioqXXO8W6iOoC8EJDwmyJDGgMDik4pU0flcJBWP/Tez/e
+rMoKqt6ZN4=
=bwaH
-----END PGP SIGNATURE-----