[ipv6hackers] Dynamic prefixes & privacy (was: IPv6 prefix changing)
Markus Reschke
madires at theca-tabellaria.de
Fri Mar 16 12:48:42 CET 2012
On Fri, 16 Mar 2012, Alex List wrote:
Hi Alex!
>> Not exactly, but yes. IPv6 privacy extensions alone would be sufficient to
>> make IP based tracking a lot harder and too inaccurate for the marketing
>> company.
> Due to the /64 bits left I don't agree, but from the discussion so far
For dynamic prefixes:
The 64 bits of the interface address is "randomized" by privacy extensions
and the other 64 bits tell us your ISP and your area. That's not much
data. The marketing company needs additional sources to be able to track
you.
For fixed IPv6 prefixes:
You would get a nice whois entry in the RIPE database :-) I haven't
checked it yet for IPv6, but there's some lower limit you don't need to
add the assignment. Any specific number known?
> I understand that:
>
> - there is indeed no point in using dynamic prefixes for privacy if
> they were deterministic
> - random prefix assignments scary many people
Maybe, but it's technically not feasable to randomize prefixes for a whole
ISP network. It would kill the IGP. You could do it for a small user base.
Each user would cause a dynamic route. At some point the amount of
dynamic routes is too large to handle and the routing will brake down.
> But wait, aren't ULA prefixes random? If CGNs were here to stay[1],
> why couldn't they provide a "network layer privacy" [2] service? If
> they claim to be so good at NATPT44, NPTv6 should be a piece of cake.
Just half of them :-) But CGN wouldn't help. Since the access routers
would perform CGN we have the same prefixes. So we know your ISP and area
again.
Regards,
Markus
--
/ Markus Reschke \ / madires at theca-tabellaria.de \ / FidoNet 2:244/1661 \
\ / \ / \ /
More information about the Ipv6hackers
mailing list