
RE: Comments on draft-nordmark-multi6-threats-01



> > If by identifiers you mean the last 64 bits of an IPv6 address, then I
> > certainly disagree. Mandating that hosts should use the same bottom 64
> > bits on every interface would have some severe privacy implications. The
> > basic assumption should be that third parties should not be able to
> > correlate addresses/locators used on different interfaces or on
> > different networks without the host consent.
> 
> This is in the context of "identifier" as defined in the draft
> and nothing else:
>       identifier  - an IP layer identifier for an IP layer endpoint
>                     (stack name in [NSRG]).  The transport endpoint is a
>                     function of the transport protocol and would
>                     typically include the IP identifier plus a port
>                     number.  There might be use for having multiple
>                     interfaces per stack/per host.
> 
> Do you still disagree?

Well, I don't know whether hosts should use the same identifier for
transactions with different third parties. Here, too, there are privacy
implications. If I had a choice, I would go for the minimal possible
requirement, i.e. an identifier for the abstract context for which
continuity of communications is desired. I would also not assume that we
should combine identifier and port number.

-- Christian Huitema