Fil on Fri, 8 Oct 1999 18:16:28 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> Re: IPv6 standard to include unique identifier in all packets


>From my friend Phil Regnauld.

---------- Forwarded message ----------
Date: Fri, 8 Oct 1999 12:05:01 +0200
From: Phil Regnauld <regnauld@ftf.net>
Reply-To: freenix-ldp@lists.frmug.org
To: frezza@alum.MIT.EDU
Subject: Re: IPv6 standard to include unique identifier in all packets

	I have a few comments about your column.

> <http://www.techweb.com/se/directlink.cgi?INW19991004S0052>
> 
>    Where's All The Outrage About The IPv6 Privacy Threat?
>    Bill Frezza
>    

	[...]

>    IPv6 was initially proposed to solve the "problem" that IPv4 has with

There is a problem, not that you would see from the side of the US.

Many US universities, institutions and firms are now claiming that there
is enough IPv4 addresses to push off IPv6 deployment, for two reasons: 

- IPSEC has been backported to v4, and it what most people were interested
in in IPv6, not the declining address space, because... 

- the move to CIDR routing has unlocked quite a large number of subnets
that were mismanaged

- Internic's move to recover unused blocks was quite successful

So you could call it a "problem", I call it a problem -- I live in Europe,
I work for the largest hospital in Scandinavia, and it IS a problem
getting new addresses. 

I've also taught in Vietnam and West Africa, were an entire university
couldn't get more than a /28. 

Whether the problem is technical or poltical, it's there. 

>    be sufficient to last quite some time. Unfortunately, the cabal that
>    controlled the disposition of these addresses had a habit of handing

Which cabal ?  IANA ?  RIPE ?  Internic ?  This isn't quite ITU-T...

>    out large blocks to their friends, who parlayed these into start-ups
>    with multibillion-dollar market caps. Hence, the "shortage."

It was called: first come, first serve, with no reason to turn people down
until a short time ago. 

>    IPv6, on the other hand, has 128 bits of address space, enough to
>    provide a billion-billion addresses for each square meter of the
>    earth's surface. How one could ever route that many addresses is an
>    interesting question, but at least IPv6 will never run out.

How is it routed ?  Without any problems.  You might want to check out
Christian Huitema's (himself former chairman of the IETF cabal) book on
IPv6.  Would you like the technical explanations from an alphabet-soup
geek ? 

>    Included in EUI-64 are two interesting pieces of information: the
>    registered manufacturer of your NIC card and your 48-bit Ethernet
>    address. Surprise! Every packet you send out onto the public Internet
>    using IPv6 has your fingerprints on it. And unlike your IP address
>    under IPv4, which you can change, this address is embedded in your
>    hardware. Permanently.

Half true: EUI-64 is a convenient way to avoid DHCP and make local-subnet
autoconfiguration eutomatic.  You can still: 

- number the machines like you want: 01, 02, 03...  

- in software add a MAC address ("filter") to the card -- most modern NICs
support this, and is well documented.


You are in no way obliged to reveal these addresses. 

That by default autoconfiguration uses EUI-64 is the same as Intel's "you
can turn it off if you want", except that: 

- there was a good reason for EUI-64 (no more DHCP)

- most site administrators can without any problems choose not to reveal
them OUTSIDE the local[net|site]. 

>    that the Institute for Information Sciences, heavily funded by the
>    Defense Department, is writing a reference stack for IPv6 that it is
>    quietly hoping to slip into Windows 2000.

Why would they bother when Microsoft Research already has a remarkably
good (unlike NT itself...) IPv6 stack, available since 1997 ?  In SOURCE
form... 

>    will be respected. Go search EFF's site and see if you can find a
>    single word about IPv6 and its privacy problems. The EFF's silence is

I think that's because you're looking for issues that just aren't there. 

>    With all the interlocking boards, directorates, subcommittees and
>    associations that keep the digerati in sync, it's hard to know where
>    responsibility for this snafu begins and ends.

Once again, IETF isn't ITU-T.  IPv6 doesn't have 128 bits because there
were a like number of committee members, unlike OSI and ATM. 

>    be the reason the press hasn't shown much interest. It's a lot more
>    fun to kick Intel and Microsoft than to rail at the folk heroes
>    credited with creating the Internet.

Vint Cerf is mostly an e-commerce advocate, and has been for a while. 

>    It looks like the geeks screwed up this time, though. I hope they have
>    the wisdom to fix things before it's too late.

The geeks ?  Hmmm...  



#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net