On Fri, Dec 17, 2021 at 7:16 PM Dino Farinacci <farina...@gmail.com> wrote:
>
> > If we care about the peer-to-peer property, varying addresses require a
> > rendezvous process based on a non-varying identifier. It's then the latter
> > that becomes the handle for surveillance and forensics. The real impact of
> > CGNAT is to push that factoid into surveillance models; it gives IPv4 the
> > same privacy assist that temporary addresses give IPv6.
>
> Hosts talk to hosts, I don't care if they are in a data center or two
> clients. You don't have to distinguish and certainly shouldn't design an
> address algorithm to distinguish.
>
> As for surveillance and privacy, you can't have both. So pick one.
>
Dino,

From a user perspective, the choice is clear: privacy and security are top requirements. We know that payload encryption goes a long way, and hopefully encryption of the transport layer headers will become dominant so that intermediate nodes will stop meddling and ossifying the transport layer. But not everything can be encrypted, the IP addresses for instance, so providing real security and privacy at the plaintext network layer should be on the list of features to support user requirements.

Tom

> And Luigi, you shouldn't trust the devices that are close to you. Even if you
> manage them you can't trust the vendors that make them.
>
> Dino

_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area