IPv6 Interview Questions and critic

Tue Aug 27 16:24:26 UTC 2002

> Date: Tue, 27 Aug 2002 10:41:08 -0400 (EDT)
> From: Joe Baptista <baptista at dot-god.com>
> Sender: owner-nanog at merit.edu
> 
> 
> 
> Hi:
> 
> I'm doing an article on IPv6 and am looking for comments - here is a
> portion on IPv6 which relates to the privacy issue ... any comments,
> crtics or interviews welcomed.
> 
> -- snip
> As you know IPv6 is a suite of protocols for the network layer of the
> Internet which uses IPv4 gateways.  It's purpose is to expand address
> space.  At this time IPv6 comes prepackaged with all popular operating
> systems. This includes all flavours of unix , windows and Mac OS.
> 
> IPv6 is designed to solve many of the problems of the current version of
> IPv4 with regard to address depletion. The goal is to use IPv6 to expand
> the capabilities of the Internet to enable a variety of valuable
> peer-to-peer and mobile applications.  According to many industry pundits
> it is the future of networking.
> 
> However IPv6 has many privacy issues. IPv6 address space uses an ID
> (indentifier) derived from your hardware or phone.  "That allows your
> packets to be traced back to your PC or cell-phone" said <censored>.
> <censored> fears abuse as a hardware ID wired into the ipv6 protocol can
> be used to determine the manufacturer, make and model number, and value
> of the hardware equipment being used by the end user.
> 
> Ipv6 empowers the business community by providing a means of identifying
> and tracking users.  Under Ipv6 users can be tracked and income
> demographics determined through hardware identification.
> 
> Many members of the networking community have addressed concerns that the
> technology could result in potential abuse and <censored> warns users to
> think twice before they buy themselves a used Lap-Top computer and inherit
> all the prior surfing history of the previous user?
> 
> Ipv6 uses 128 bits to provide addressing, routing and identification
> information on a computer. The 128-bits are divided into the left-64 and
> the right-64.  Ipv6 uses the right 64 bits to store an IEEE defined global
> identifier (EUI64). This identifier is composed of company id value
> assigned to a manufacturer by the IEEE Registration Authority. The 64-bit
> identifier is a concatenation of the 24-bit company_id value and a 40-bit
> extension identifier assigned by the organization with that company_id
> assignment. The 48-bit MAC address of your network interface card is also
> used to make up the EUI64.
> -- snip

This is really pretty silly.

Only end nodes will auto-configure with the MAC address used for 48
bits of the IPv6 address. Exactly how this is a serious privacy issue
continues to elude me, but I suppose that the paranoid may want to
change it to some things else. (And change it on an hourly basis, if
they are REALLY paranoid.)

Nothing mandates the contents of the lower 64 bits of the IPv6
address. The use of the MAC address is a simple convenience so that
you can just plug in an IPv6 system and run without need for a DHCP
server or nay manual configuration. If you want to over-ride the MAC
address portion, it's your business.

God help us all if some discovers that I use both Intel and 3Com
cards! (Not to mention Agere on occasion.)

R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net			Phone: +1 510 486-8634