On 18-Dec-21 10:58, Tom Herbert wrote:
On Fri, Dec 17, 2021 at 12:07 PM to...@strayalpha.com
<to...@strayalpha.com> wrote:

Globally unique != static.

They can be randomized and varied over time, e.g., as are Ethernet MAC
addresses, exactly for the reasons you note.

I would agree with that if the time to randomize is basically so small
that a client can use a unique and un-correlatable address for each
connection. Given the data collection abilities and compute resources
available to those that want to engage in surveillance, any time for
randomizing addresses, be it a day, an hour, or a few minutes, that is
greater than this minimum only provides a false sense of security with
respect to trying to prevent third parties from making correlations
about the sender's identity between different flows on the Internet.
Interestingly, CGNAT with enough users behind it can provide these
properties (attested by the fact that law enforcement has complained
about it).

If we care about the peer-to-peer property, varying addresses require a rendezvous process based on a non-varying identifier. It's then the latter that becomes the handle for surveillance and forensics. The real impact of CGNAT is to push that factoid into surveillance models; it gives IPv4 the same privacy assist that temporary addresses give IPv6.

So perhaps what we need is a surveillance-proof rendezvous mechanism.

   Brian


Tom


Joe

—
Joe Touch, temporal epistemologist
www.strayalpha.com

On Dec 17, 2021, at 11:46 AM, Brian E Carpenter <brian.e.carpen...@gmail.com> 
wrote:

On 18-Dec-21 07:48, Geoff Huston wrote:
...

So, to repurpose some graffiti from the 1970’s, we need globally unique 
addresses like fish need bicycles! :-)


They have residual value for surveillance and possibly other forensic uses, 
which may of course be actively harmful to the user.

But on the other hand, while what you say about economics is undoubtedly true, don't we want to keep the peer-to-peer option open *as a matter of principle*? After all, we still have that option for phone calls, even
though it's now a minority usage pattern for mobile devices.

    Brian

_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area

