Greg Daley wrote:
>
> The assumption that information is present only within the IP address
> is erroneous.
> This has been studied for mobile IPv6 users as well,
> and there is information leakage up and down the stack.

Your reasoning is obviously flawed. Having a temporary dynamic IP address assigned will not prevent any negligent or privacy-ignorant protocols and apps higher up the stack from revealing identifying information about you.

But _without_ a temporary dynamic IP address, each and every one of your network communications will be 100% identifiable as you for everybody that can observe your IP datagrams floating by, even when you're using IPSEC.

>
> We have local source address selection mechanisms in recent Windows
> versions that use randomized IIDs on outbound connections today.
> This doesn't prevent exposure of the information regarding the
> internal network structure, but nor do firewalls at publicly
> addressed IPv4 institutions today.

I fail to understand what you mean by "randomized IIDs". What you need is a temporary network address randomized by your ISP so that your address blends within the entire customer base of that ISP.

>
> Putting NATs on the path just causes the device inside the network
> to be unaware of its presented addresses, which means that it will
> impede peer-to-peer communications, as it cannot even describe its
> available services without external information services.

Asking your border router for the temporary external IP-Address is trivial compared to performing a secure DNS lookup.

>
> This is the awful situation in IPv4 today: Address scarcity
> is not the problem, addressability is the problem.

It is a problem for which solutions exist or can be built with moderate effort. Privacy is a much more serious problem today, and without temporary dynamic addresses assigned by the ISP privacy can no longer exist.

-Martin