dynamic or static IPv6 prefixes to residential customers

Owen DeLong owen at delong.com
Wed Aug 3 12:38:21 CDT 2011


On Aug 3, 2011, at 6:55 AM, Jay Ashworth wrote:

> ----- Original Message -----
>> From: "Mikael Abrahamsson" <swmike at swm.pp.se>
> 
>> On Wed, 3 Aug 2011, Owen DeLong wrote:
>> 
>>> Europe is a little odd in that way, especially DE and NO in that there
>>> seems to be this weird FUD running around claiming that static addresses
>>> are in some way more antithetical to privacy.
>> 
>> Yes, I agree. I know people who choose provider based on the availability
>> of static addresses, I know very few who avoid static address ISPs because
>> of this fact.
>> 
>> FUD indeed.
> 
> You guys aren't *near* paranoid enough.  :-)
> 
> If the ISP 
> 
> a) Assigns dynamic addresses to customers, and
> b) changes those IPs on a relatively short scale (days)
> 
> then 
> 
> c) outside parties *who are not the ISP or an LEO* will have a 
> relatively harder time tying together two visits solely by the IP 
> address.
> 

ROFL... Yeah, right... Because the MAC suffix won't do anything.

> While this isn't "privacy", per se, that "making harder" is at least
> somewhat useful to a client in reducing the odds that such non-ISP/LEO
> parties will be unable to tie their visits, assuming they've controlled
> the items they *can* control (cookies, flash cookies, etc).
> 

Which is something, what, 1% of people probably even know how to do,
let alone practice on a regular basis.

> Imperfect security != no security, *as long as you know where the holes are*.
> 

If people want this, they can use RFC-4193 to just about the same effect.
The ISP modifying the prefix regularly simply doesn't do much.

Owen





More information about the NANOG mailing list