RE: [RRG] perceived privacy issue
- To: 'RJ Atkinson' <rja@extremenetworks.com>, 'IRTF Routing RG' <rrg@psg.com>, tony.li@tony.li
- Subject: RE: [RRG] perceived privacy issue
- From: Peter Sherbin <pesherb@yahoo.com>
- Date: Tue, 8 Jul 2008 16:39:05 -0700 (PDT)
- Reply-to: pesherb@yahoo.com
> true, and require some means of hosts being able to change
> identifiers at some point in time.
Is that a must-have? E.g. one could think of many useful applications where an identifier never changes during the lifetime of the id bearer.
Isn't it the whole purpose of an id after all?
Thanks,
Peter
--- On Tue, 7/8/08, Tony Li <tony.li@tony.li> wrote:
> From: Tony Li <tony.li@tony.li>
> Subject: RE: [RRG] perceived privacy issue
> To: "'RJ Atkinson'" <rja@extremenetworks.com>, "'IRTF Routing RG'" <rrg@psg.com>
> Date: Tuesday, July 8, 2008, 4:03 PM
> |% That's been widely discussed during
> |% the first iteration of GSE and pretty generally viewed
> |% as a Bad Idea. At the very least, there needs to be a
> |% mechanism to escape from the MAC address and jump
> |% to a separately assigned space.
> |
> |This concern is misplaced, and there is nothing magic
> |here about a MAC as the Identifier. Any Identifier
> |will have the same essential properties.
>
>
> Any identifier space is necessarily going to confront the same issues, it's
> true, and require some means of hosts being able to change identifiers at
> some point in time. Obviously, anything associated with the old identifier
> is lost in a change, so there is a non-zero cost involved.
>
>
> |Traffic analysis techniques have been employed commercially
> |since at least the middle 1990s to track users -- even users
> |that change IP addresses often. I understand that such methods
> |continue to be used (and continue to be effective) by a number
> |of firms on the network. Note that these methods can track
> |"users", and are not limited to just tracking "nodes".
> |
> |While I don't have a URL to hand just this minute, I understand
> |that recent work at U. Cambridge of late has put additional
> |network traffic analysis methods into the published literature.
> |
> |I don't object per se to an "escape mechanism", but I do NOT
> |believe that there is any real privacy benefit to such a mechanism.
> |I feel similarly about the IPv6 Privacy Extensions (sic),
> |which have similar levels of (in)effectiveness.
>
>
> While I cannot disagree with you technically, it does seem to me that those
> advocating privacy will definitely raise the issue and that any eventual
> engineering solution will need to provide some mechanism for addressing
> those concerns, misplaced or not.
>
> Tony
>
>
>
> --
> to unsubscribe send a message to rrg-request@psg.com with the
> word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg