Keith Moore wrote: > > Some applications and hosts require stable addresses; others do not. Very few, and they should be carefully selected and such apps definitely should obtained informed consent of the user before they use a static/fixed address. > > So it might be that a home network needs to be able to support two > prefixes - a stable one that can be used by those applications that > need it, and an ephemeral one that can be used by everything else. > That's not difficult to do by itself, but my next question is how > to arrange these things such that ordinary consumers can understand > such details and manage them? Two addresses might work. The ephemeral address needs to be short-lived regularly randomly reassigned from a pool and shared by as many ISP customers as possible. ALL of the outgoing connections should use the ephememeral address. And I believe even incoming connections should use the ephemeral one, obtained by something like IGDP-via-UPnP or NAT-PMP. Using the static address should require significantly more work than the ephemeral one, or we'll see too many apps that will take the easy route. I know that there are a few hundred million folks that strip naked at varying levels on social networks. But we should not make it difficult to folks that care about privacy to _not_ get laid by careless (or on-purpose) apps. Apps similar to customer affiliation programs from supermarkets, where lots of folks loose their privacy for a few pennies. legislators can regulate browser cookies, but there is little legislators could do to protect citizens that use static IPv6 addresses. > > I also strongly disagree with the assertion that EU law requires IETF > to make it so. I never said that. I said that by issuing static/fixed IPv6 addresses to home DSL subscribers (or personal mobile devices) that you're subverting legal initiatives to protect privace, such as the E-Privacy directive that exists in the EU, and the "do not track" in discussion in the US. For someone with a static IPv6 address, you do not need any cookies at all. The IP address itself becomes personally identfiable (PII) information. Collecting PII is regulated in the EU, and allowed only under very specific conditions. With IPv6 static addresses issued to personal devices and private households, logging client IP-Addresses will become, without any doubt, subject to Data Privacy legislation, and that means in many cases illegal. This isn't actually new, and it has already been decided to apply to current IPv4 addresses as well by a german court in 2007 http://www.daten-speicherung.de/data/Urteil_IP-Speicherung_2007-03-27.pdf > > I don't want to cripple all home networks and applications by imposing > ephemeral addresses and/or NATs on them. You're not crippling anything here and you are significantly exaggerating the burden. Just asking for some extra effort to protect privacy. Think about it, most addresses for personal mobile devices and for home subscribers are currently using NAT-ed dynamic IPv4 addresses already, so it works fine, its being done, and internet is still usable. > > But having a stable address prefix associated with every device in > one's home network that communicates with the public Internet can > indeed threaten the user's privacy. Public information to map a static IP-address to a name accumulates in a matter of a several days to a few weeks, at most. With static addresses, you will not have "false positive", so one single datum that correlates a name with that address, and privacy is gone. It's like a photo with your name being exposed to internet search engines just once, you can hardly undo that (maybe do damage control by having your real name changed, but that nothing you want everyone having to do every few months, would you? > > (Note that privacy addresses don't really solve the problem as > they still all have the same prefix.) Full anonymity is not possible at all. What we need and can achieve is what is currently done: share the addresses among a huge number of subscribers and randomly reassign new addresses from the pool. > > Anyway, to me it seems reasonable for the HOMENET group to > consider privacy issues associated with address assignment. Definitely. -Martin _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf