From: Dave Taht
To: Richard Brown
Date: Fri, 2 Mar 2012 08:26:53 -0800
Subject: Re: [Cerowrt-devel] CeroWrt port numbering
List-Id: Development issues regarding the cerowrt test router project

>> Privacy advocates are saying that the "easy way" to create a global IPv6
>> address is bad: it's too easy to plop the MAC address in the lower 64 bits
>> of your address, and then the bad guys can use that as another (really
>> powerful) tracking identifier. This is clearly not a CeroWrt-specific issue,
>> and it's actively in discussion. (See, for example Barrera et al, in the
>> Usenix Vol 36, Number 1,
>> https://www.usenix.org/system/files/login/articles/105438-Barrera.pdf )
>
> This debate has been going on for a decade.
>
> I would like all those trying to make ipv6 even harder for mere
> mortals to use to go off and work on ipv7, hip, and the like.
>
> DNS naming has been hopelessly screwed up as it is, and while I'm a
> big privacy advocate, I'd like ip addresses to be mapped to DNS names
> and I figure that that will bug that crowd, too.

My position on this is considerably more nuanced than I allude to
above, but I lack the time today to go into it in detail.

Briefly.

IPv6's one big advantage is restoring end to end connectivity to the
internet, this means that ip addresses do 'leak'. However, compared to
all the other information that is tracked nowadays leaking that seems
rather trivial, and having local connectivity that 'just works' would
be nice to have compared to what we have nowadays.

For thought-food, why should making a skype call to someone else in
your office require a round trip through the internet?

From a privacy standpoint there is the existing difference between the
'us' and 'them' views in bind, the plan has been to publish local ipv6
addresses in the 'us' view, and optionally in the them (public) view.

The mdns whatever.local convention also applies to ipv6, and happens
to work if you have the privacy extensions enabled on your machine,
but needs a hook to talk to the local dns server that is standardized
somehow....

naming, privacy, and ipv6 are ratholes.... gotta go

-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net
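
The quoted concern about the MAC address landing in the lower 64 bits of an address, as an added example that is not part of the original message: this Python sketch builds the modified EUI-64 interface identifier (RFC 4291, Appendix A) and audits a list of addresses for a recoverable MAC. The prefixes, the MAC and all function names are constructed for illustration.

```python
import ipaddress

def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier (RFC 4291, Appendix A) for a 48-bit MAC."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Insert ff:fe in the middle and flip the universal/local bit of octet 0.
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]
    return int.from_bytes(iid, "big")

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Address a host would form from a /64 prefix plus its EUI-64 identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    return net[eui64_iid(mac)]

def embedded_mac(addr: str):
    """MAC recoverable from the lower 64 bits, or None if they are not EUI-64 shaped.

    The ff:fe marker is a heuristic: a random identifier matches it 1 time in 65536.
    """
    iid = (int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{o:02x}" for o in mac)

def audit(addresses):
    """Map each address to the MAC it exposes (None when nothing is recoverable)."""
    return {a: embedded_mac(a) for a in addresses}

# Constructed sample data: documentation prefix 2001:db8::/32 and a made-up MAC.
SAMPLE_MAC = "00:11:22:33:44:55"
SAMPLE = [
    str(slaac_address("2001:db8:1:1::/64", SAMPLE_MAC)),     # host on one network
    str(slaac_address("2001:db8:beef:2::/64", SAMPLE_MAC)),  # same host, another network
    "2001:db8:1:1:5c3a:91ff:7e20:b4d1",  # randomized identifier, privacy-extension style
    "fe80::1",                           # manually assigned identifier
]

if __name__ == "__main__":
    for addr, mac in audit(SAMPLE).items():
        print(f"{addr:40} -> {mac or 'no MAC recoverable'}")
```

The first two sample addresses differ in prefix but expose the same MAC, which is the stable identifier the quoted text worries about; the randomized one exposes nothing.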