On 19-okt-04, at 22:18, Wassim Michel Haddad wrote:
This memo describes the privacy in mobility and multi-homing problem
statement.
http://www.ietf.org/internet-drafts/draft-haddad-momipriv-problem-
statement-00.txt
I'm not happy about this singling out privacy issues like this, because
it implicitly says "more privacy is better". That's certainly not the
case: there needs to be a balance between privacy and accountability.
Today, the internet operator community has huge problems with all kinds
of abuse conducted by people who manage to hide behind other's systems
they managed to corrupt. We can't have privacy extensions make these
problems worse.
"Note that while using only a different IPv6 address for each
new session may prevent/mitigate the ability to trace a MN on
the IP layer level, it remains always possible to trace it
through its device identifier(s) on the MAC layer level and
consequently, to learn all IPv6 addresses used by the MN by
correlating different sessions, thus breaking any unlinkability
protection provided at the IP layer."
Huh??? This is certainly not universally true.
Another issue is that the references are all towards drafts and not
RFCs. This is very bad because 1. people tend to know the RFCs and not
necessarily the drafts and 2. drafts disappear after a while.