Keith Moore wrote:
Some applications and hosts require stable addresses; others do not.
Very few, and they should be carefully selected and such apps definitely
should obtained informed consent of the user before they use a
static/fixed address.
So it might be that a home network needs to be able to support two
prefixes - a stable one that can be used by those applications that
need it, and an ephemeral one that can be used by everything else.
That's not difficult to do by itself, but my next question is how
to arrange these things such that ordinary consumers can understand
such details and manage them?
Two addresses might work. The ephemeral address needs to be short-lived
regularly randomly reassigned from a pool and shared by as many
ISP customers as possible.
ALL of the outgoing connections should use the ephememeral address.
And I believe even incoming connections should use the ephemeral
one, obtained by something like IGDP-via-UPnP or NAT-PMP. Using the
static address should require significantly more work than the ephemeral
one, or we'll see too many apps that will take the easy route.
I know that there are a few hundred million folks that strip naked
at varying levels on social networks. But we should not make it
difficult to folks that care about privacy to _not_ get laid by
careless (or on-purpose) apps. Apps similar to customer affiliation
programs from supermarkets, where lots of folks loose their privacy
for a few pennies.
legislators can regulate browser cookies, but there is little legislators
could do to protect citizens that use static IPv6 addresses.
I also strongly disagree with the assertion that EU law requires IETF
to make it so.
I never said that. I said that by issuing static/fixed IPv6 addresses
to home DSL subscribers (or personal mobile devices) that you're
subverting legal initiatives to protect privace, such as the
E-Privacy directive that exists in the EU, and the "do not track"
in discussion in the US. For someone with a static IPv6 address,
you do not need any cookies at all. The IP address itself becomes
personally identfiable (PII) information.
Collecting PII is regulated in the EU, and allowed only under very
specific conditions. With IPv6 static addresses issued to personal
devices and private households, logging client IP-Addresses will
become, without any doubt, subject to Data Privacy legislation, and
that means in many cases illegal.
This isn't actually new, and it has already been decided to apply to
current IPv4 addresses as well by a german court in 2007
http://www.daten-speicherung.de/data/Urteil_IP-Speicherung_2007-03-27.pdf
I don't want to cripple all home networks and applications by imposing
ephemeral addresses and/or NATs on them.
You're not crippling anything here and you are significantly exaggerating
the burden. Just asking for some extra effort to protect privacy.
Think about it, most addresses for personal mobile devices and for home
subscribers are currently using NAT-ed dynamic IPv4 addresses already,
so it works fine, its being done, and internet is still usable.
But having a stable address prefix associated with every device in
one's home network that communicates with the public Internet can
indeed threaten the user's privacy.
Public information to map a static IP-address to a name accumulates
in a matter of a several days to a few weeks, at most. With static
addresses, you will not have "false positive", so one single
datum that correlates a name with that address, and privacy is gone.
It's like a photo with your name being exposed to internet search engines
just once, you can hardly undo that (maybe do damage control by having
your real name changed, but that nothing you want everyone having to
do every few months, would you?
(Note that privacy addresses don't really solve the problem as
they still all have the same prefix.)
Full anonymity is not possible at all. What we need and can achieve
is what is currently done: share the addresses among a huge number
of subscribers and randomly reassign new addresses from the pool.
Anyway, to me it seems reasonable for the HOMENET group to
consider privacy issues associated with address assignment.
Definitely.
-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf