Hi Lubomir, Sorry not to have responded to this earlier, but as I was just reminded of this, here are my take:
On Mon, Sep 7, 2015 at 7:49 PM, Lubomir Rintel <lkund...@v3.sk> wrote: > the RFC 7217 specifies an algorithm for generating an IPv6 host address > that stays stable in a particular network but changes when the machine > enters another network to prevent tracking [1]. It works by hashing a > tuple of various parameters one of which is "secret_key" -- a secret > value specific to a particular machine. > > [1] https://tools.ietf.org/html/rfc7217#section-5 > > This sounds a bit like machine-id, unfortunately given it's world > readable and available via DBus (and possibly on a network?) it doesn'tseem > to be secret enough. > > I'm wondering if it would make sense to reuse some of the tooling? > Would it make sense to extend systemd-machine-id-setup(1) to generate > one more identifier or maybe add another tool to set up the secret id? A priori, it would perhaps have been nice to consider the real machine-id on disk to be "secret", and only ever expose a hash of it, but that ship has sailed I'm afraid. We could of course introduce a second machine-id as you propose, but before doing that I'd like to fully understand if that really solves the problem. If I understand correctly, most of the point of RFC7217 is achieved even if the secret key is known. The important point is to have a good hashing function, and in that case knowing the secret key will not let you discover any of the other parameters (which are the ones you really want to hide). Moreover, if the point is privacy, if an attacker has access (in some way) to the machine-id, there is no point in him going after the interface identifier as he can already identify the client. Given those two facts, might it not be sufficient to use the machine-id as the secret key after all? Or am I missing something? Cheers, Tom _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
