mailing list archives
Re: dynamic or static IPv6 prefixes to residential customers
From: Jay Ashworth <jra () baylink com>
Date: Wed, 3 Aug 2011 13:53:11 -0400 (EDT)
----- Original Message -----
From: "Owen DeLong" <owen () delong com>
On Aug 3, 2011, at 6:55 AM, Jay Ashworth wrote:
You guys aren't *near* paranoid enough. :-)
If the ISP
a) Assigns dynamic addresses to customers, and
b) changes those IPs on a relatively short scale (days)
c) outside parties *who are not the ISP or an LEO* will have a
relatively harder time tying together two visits solely by the IP
ROFL... Yeah, right... Because the MAC suffix won't do anything.
Did I mention I haven't implemented v6 yet? :-)
*Really*? It bakes the endpoint MAC into the IP? Well, that's miserably
poor architecture design.
While this isn't "privacy", per se, that "making harder" is at least
somewhat useful to a client in reducing the odds that such
parties will be unable to tie their visits, assuming they've
the items they *can* control (cookies, flash cookies, etc).
Which is something, what, 1% of people probably even know how to do,
let alone practice on a regular basis.
Yup; let's go out of our way to penalize the smart people; that's a
*great* plan; I so enjoy it when people do it -- and they do it *far*
too often for my tastes.
Imperfect security != no security, *as long as you know where the
If people want this, they can use RFC-4193 to just about the same
effect. The ISP modifying the prefix regularly simply doesn't do much.
I'll make a note of it.
Jay R. Ashworth Baylink jra () baylink com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274