'Re: roving [mostly OT] [was Re: [Zcip] Hi]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       zcip
Subject:    Re: roving [mostly OT] [was Re: [Zcip] Hi]
From:       Michael Schmidt <schmidt () nue ! et-inf ! uni-siegen ! de>
Date:       2002-05-08 7:23:48
[Download RAW message or body]

On Wednesday 08 May 2002 09:06, H. Peter Anvin wrote:
> Michael Schmidt wrote:
> > This is also more or less my idea for the default case (i.e. the MAC
> > address of the device CAN be changed).
> > I just want to preserve the option to randomize the zeroconf IP for
> > devices where the MAC address CAN NOT be changed. I know that this
> > addresses far fewer privacy concerns than the above solution (see also
> > my earlier notes).
>
> The point is, if you can't change the MAC you're fscked anyway, so why
> bother?
>
> 	-hpa

Again, I repeat my (minor) concerns out of an earlier note:

> My concern is privacy in a scenario where zeroconf clients access
> the Internet (or whatever) over a NAT or proxy device. As you already have
> stated out, the zeroconf IP is gone then. However, I'm concerned that this
> IP address still leaks through in many cases (certain payload scenarios,
> handshake packets, possibly layer 4 headers etc.), so that it can be traced
> by an attacker in the network beyond the zeroconf net. In this case, a
> variable IP (i.e. not depending on the MAC address) would improve privacy,
> since the permanent link between a device (and normally its user) and its
> IP address would disappear. Please correct me if this assumption is
> provably wrong.

Michael

-- 
===================================================
Michael Schmidt
---------------------------------------------------
Institute for Data Communications Systems
University of Siegen, Germany
www.nue.et-inf.uni-siegen.de
---------------------------------------------------
http:    www.nue.et-inf.uni-siegen.de/~schmidt/
e-mail:  schmidt@nue.et-inf.uni-siegen.de
phone:   +49 271 740-2332   fax:   +49 271 740-2536
mobile:  +49 173 3789349
---------------------------------------------------
###      Siegen - The Arctic Rain Forest        ###
===================================================


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic