ietf
[Top] [All Lists]

Re: HOMENET working group proposal

2011-07-01 13:57:37
On Fri, Jul 1, 2011 at 14:34, Joel Jaeggli <joelja(_at_)bogus(_dot_)com> wrote:

On Jul 1, 2011, at 11:07 AM, Martin Rex wrote:
james woodyatt wrote:

                                   There is nothing about NAT or
dynamic subscriber IP assignment that provides any mitigation
whatsoever of the risks

I'm more than a little concerned by the message that you're sending
here.  European legislators have enacted a "E-Privacy Directive"
also dubbed "European Cookie Directive" in order to protect the
privacy of citizens, and you're suggesting here that the IETF
should actively subvert this legislation and similar ongoing
legislative initiatives in the US by assigning static IPv6
addresses to home DSL subscribers so that cookies are completely
obviated and everyone can be trivially tracked based on his
static IP-Address.  This means you want to make IPv6 addresses
and all communications with that address direct personally
identifiable information, something for which a "must informed
beforehand", let alone an "opt opt" is technically impossible?

The IETF has several times veered away from the deep water where internet 
standards cross paths with regulatory requirements.

http://tools.ietf.org/html/rfc2804

We are not legal experts we are not qualified to interpret the statutory 
requirements of various nation states, our own or others. We need to be clear 
on what is in vs out of scope for IETF work. Focus on what would be percieved 
to be in the best interests the users and the network. Nation states will do 
whatever they do and sovereign by definition can impose whatever mandate they 
find necessary on their network operations and citizens.

Joel, the issue is very clear: what the IETF does must not make
privacy and confidentiality impossible.  It's not just some arbitrary
regulation from a committee, there are whole cultures who take this
very seriously.  You cite the wiretapping decision -- note we didn't
make wiretapping impossible, we just didn't support it.  In this case
it is very easy to make privacy (the right to control personal
information) and confidentiality (the right to know that private
information you share with one party will be kept within that scope)
impossible -- that's a position you may not take as someone making the
Internet work, since the ultimate stakeholders are those humans out at
the edges.  See also "Changes to Internet Architecture Can Collide
With Privacy" <http://www.ietf.org/proceedings/79/slides/intarea-3.pdf>
for a discussion of mobility.

When you think "oh right, I have to come up with a security
considerations section", include privacy and confidentiality
implications in your checklist of things to think about.

As to the technical issues here, higher layers don't need to use IP
addresses as identifiers, they have their own.  The only layer that
needs to care about IP addresses is the IP layer itself.  Privacy
addresses are well-defined and well-deployed.  The only issue with
using them is monitoring and logging activity.  The first hop router
can make the necessary correlations, but some access providers think
that's expensive.  Lawsuits over breach of confidentiality can be even
more expensive.  So is reworking protocols when a third of the world
won't use them.

Scott
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf