[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RRG] perceived privacy issue



Earlier, Tony Li wrote:
% 2/ also creates a significant security issue.
% If a MAC address is visible outside of the local subnet,
% then it implies that someone can track a host
% as it migrates across the Internet.

If a flat Node Identifier isn't visible to correspondents
outside the local subnet, then it isn't terribly useful
to have a flat Node Identifier.

One of the objectives of an Identifier is for it to be
widely visible to (potential) correspondents.  That way,
if either party moves, the session that has been bound
to the Identifiers can remain up, even though one or
both locations have changed.  This is crucial to both
multi-homing and mobility deployments.

% That's been widely discussed during
% the first iteration of GSE and pretty generally viewed
% as a Bad Idea. At the very least, there needs to be a
% mechanism to escape from the MAC address and jump
% to a separately assigned space.

This concern is misplaced, and there is nothing magic
here about a MAC as the Identifier.  Any Identifier
will have the same essential properties.

Traffic analysis techniques have been employed commercially
since at least the middle 1990s to track users -- even users
that change IP addresses often.  I understand that such methods
continue to be used (and continue to be effective) by a number
of firms on the network.  Note that these methods can track
"users", and are not limited to just tracking "nodes".

While I don't have a URL to hand just this minute, I understand
that recent work at U. Cambridge of late has put additional
network traffic analysis methods into the published literature.

I don't object per se to an "escape mechanism", but I do NOT
believe that there is any real privacy benefit to such a mechanism.
I feel similarly about the IPv6 Privacy Extensions (sic),
which have similar levels of (in)effectiveness.

Yours,

Ran
rja@extremenetworks.com



--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg