[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [RRG] perceived privacy issue



> true, and require some means of hosts being able to change
> identifiers at some point in time.

Is that a must have? E.g. one could think of many useful applications where an identifier never changes during a life time of the id bearer.
Isn't it the whole purpose of an id after all?

Thanks,

Peter

--- On Tue, 7/8/08, Tony Li <tony.li@tony.li> wrote:

> From: Tony Li <tony.li@tony.li>
> Subject: RE: [RRG] perceived privacy issue
> To: "'RJ Atkinson'" <rja@extremenetworks.com>, "'IRTF Routing RG'" <rrg@psg.com>
> Date: Tuesday, July 8, 2008, 4:03 PM
> |% That's been widely discussed during
> |% the first iteration of GSE and pretty generally viewed
> |% as a Bad Idea. At the very least, there needs to be a
> |% mechanism to escape from the MAC address and jump
> |% to a separately assigned space.
> |
> |This concern is misplaced, and there is nothing magic
> |here about a MAC as the Identifier.  Any Identifier
> |will have the same essential properties.
> 
> 
> Any identifier space is necessarily going to confront the
> same issues, it's
> true, and require some means of hosts being able to change
> identifiers at
> some point in time.  Obviously, anything associated with
> the old identifier
> is lost in a change, so there is a non-zero cost involved.
> 
> 
> |Traffic analysis techniques have been employed
> commercially
> |since at least the middle 1990s to track users -- even
> users
> |that change IP addresses often.  I understand that such
> methods
> |continue to be used (and continue to be effective) by a
> number
> |of firms on the network.  Note that these methods can
> track
> |"users", and are not limited to just tracking
> "nodes".
> |
> |While I don't have a URL to hand just this minute, I
> understand
> |that recent work at U. Cambridge of late has put
> additional
> |network traffic analysis methods into the published
> literature.
> |
> |I don't object per se to an "escape
> mechanism", but I do NOT
> |believe that there is any real privacy benefit to such a
> mechanism.
> |I feel similarly about the IPv6 Privacy Extensions (sic),
> |which have similar levels of (in)effectiveness.
> 
> 
> While I cannot disagree with you technically, it does seem
> to me that those
> advocating privacy will definitely raise the issue and that
> any eventual
> engineering solution will need to provide some mechanism
> for addressing
> those concerns, misplaced or not.
> 
> Tony
>  
> 
> 
> --
> to unsubscribe send a message to rrg-request@psg.com with
> the
> word 'unsubscribe' in a single line as the message
> text body.
> archive: <http://psg.com/lists/rrg/> &
> ftp://psg.com/pub/lists/rrg


      

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg