This thread was started today on the INTAREA WG ML.
While I don't object to a BOF, I don't know where it goes.
What I see is that much of this problem needs to be resolved through
increased use of 802.1X: making WPA-Enterprise easier to use and setup,
this changing core identity from MAC Addres
On 2020-09-22 4:22 p.m., Andy Smith wrote:
Yiu-
I’d like to help here. Is the problem that residential devices can’t
be reliably tracked for purposes of policy enforcement? Or is it an
IP address depletion issue?
I noticed iOS 14 does allow for disabling of random MAC addresses.
On a
Y3uzmK6I>
To: int-area@ietf.org, captive-por...@ietf.org, home...@ietf.org
From: Michael Richardson
Date: Tue, 22 Sep 2020 16:34:33 -0400
This thread was started today on the INTAREA WG ML.
While I don't object to a BOF, I don't know where it goes.
What I see is that much of thi
device a different IP(v4), right?
If you solve persistent DHCP, then you solve those, don't you?
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
he set-up of {whatever the BOF/WG output
> is}, after which the MAC gets changed to {something else}.
An interesting idea.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works |IoT architect [
] m...@sandelman.ca htt
at it deserved wider review and excitement.
Our mailman strips off Reply-To: since we did that DMARC avoidant hack
(AFAIK), so redirecting replies only works if we all agree.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
, but were wrong?
I heard about this change from Tiru Reddy.
It would be great if this BOF elicited public statements and/or public policies
about
Google and Apple's intentions in this space. If it's their goal to go in the
direction I outlined, then it would be good to know.
--
Mi
MAC address is outside of the WEP encryption, so it is always seen, even
if the traffic is otherwise encrypted.
An EAP-*TLS based upon TLS1.2 would reveal the identity, at least the first
time. Perhaps this is a reason to support resumption tokens in EAP-TLS!
--
Michael Richardson
C addresses negates a lot
> of the benefits of randomized MAC addresses,
This assumes that a single observer can observe both at the same time.
WEP++ leaves MAC addresses visible, but encrypts the rest of L3 content.
--
] Never tell me the odds! | ipv6 mes
domization
proponents (if there is such a group), to explain the thread profile.
I don't think it includes active compromised hosts.
Such hosts can also ARP/ND spoof, and can even do that for the router (".1"),
capturing all the traffic on the network.
--
Michael Richardson.
Stephen Farrell wrote:
> On 29/09/2020 19:41, Michael Richardson wrote:
>> It will be good if we can get a document from the MAC randomization
>> proponents (if there is such a group), to explain the thread profile.
>> I don't think it include
Stephen Farrell wrote:
>> Stephen Farrell wrote:
>>
>> > On 29/09/2020 19:41, Michael Richardson wrote: >> It will be good if
>> we can get a document from the MAC randomization >> proponents (if
>> there is such a group
sh renumber), they would be right to think that they
legitimately control them.
(I'm still miffed that Relay Agents have to snoof to learn PD, and nobody
seems to think this a problem)
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and W
Ted Lemon wrote:
> On May 5, 2021, at 11:44 AM, Michael Richardson
> wrote:
>> The end user might suffer slightly by having locally served reverse
>> names that are no longer connected: they should obsolete that zone
>> when they realize that thei
me border
> router or edge node?
I think that it is okay if it doesn't work for mixed prefixes from multiple
providers.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
___
ndpoints)
> o Low latency (which implies shortest paths between endpoints)
I agree. Important.
But, to get this, we need apps to be able to learn what EID/IID/etc. to use
in order to get the service they need.
> We have to talk about how we, not as netowrk engineers, but network
Despite what the Security Considerations suggests, this still looks ripe for
use as an amplication attack to me.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
Tianran Zhou wrote:
> What if we ask for symmetric request and response? I.e., carry reserved
> bytes in the request packet.
That would make me happier actually.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Wor
r IPv6 Hop-by-Hop?
I think that this document is really a kind of merge Requirements and
Architecture. Maybe it will also be a Roadmap to other documents?
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =- *I*LIKE*TRAINS*
signature.asc
19 matches
Mail list logo
