Interesting People mailing list archives
Re: Republicans propose data retention laws targeting ISPs, home WiFi users
From: David Farber <dave () farber net>
Date: Fri, 20 Feb 2009 12:13:01 -0500
Begin forwarded message: From: "Steven M. Bellovin" <smb () cs columbia edu> Date: February 20, 2009 12:03:07 PM EST To: dave () farber net Cc: "David S. Isenberg (isen)" <isen () isen com>Subject: Re: [IP] Re: Republicans propose data retention laws targeting ISPs, home WiFi users
If we had IPv6, we wouldn't need no stinking temporary addresses, because IPv6 has approximately enough permanent addresses for every atom in the universe. Then "they" would know which IP address did which communication, and we'd get a symmetrical Internet where the distinction between client and server would be moot. Not sure if this tradeoff between safety and liberty is worth it, I'm just saying that in this case we get a little liberty *back* in the trade too.
This is just plain wrong, for several reasons. First -- IP addresses are always composed of a <network,host> pair (though the boundary is not knowable from the outside). This is necessary for routing -- we can't do flat routing to every home computer, let alone every IPv6-enabled light switch on the planet. When your machine travels -- a laptop in a hotel, an iPhone that has roamed to another place, a home computer when you change residence, an office computer when your employer changes ISPs -- the network portion changes. Even the host portion can (and should) change; otherwise, everyone else can track you. IPv6 normally uses stateless autoconfiguration to generate the host portion, which means there are no records necessary; any host that connects will have an address. That means that though law enforcement may know that something is the same computer as earlier, they don't know whose it is. But will this bill outlaw stateless autoconfig? Then, of course, there is RFC 4941, which describes a method by which hosts can pick their own host portion, dynamically. WIll this be outlawed? If so, why? Perhaps there's a societal benefit to letting law enforcement track people; I fail to see the benefit to letting Google et al. do so. --Steve Bellovin, http://www.cs.columbia.edu/~smb ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- <Possible follow-ups>
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)