Randomized MAC Addresses and IPv6 Address Assignment Chrisan Huitema Huitema@microso.com IETF 93, Prague, July 2015

7/19/2015 IPv6 and MAC Randomizaon - IETF 93 1 Random MAC Address Hypotheses • Allow users to “hide” from the network • Different at different locaons • Prevent locaon tracking • May or may not be constant per locaon over me • Arbitraon between stability and privacy • Controlled by user preferences • Expected constant for the duraon of a “session” • Implemented using exisng IEEE 802 rules • Preferred Format: U/L = 1, G=0, 46 random bits

7/19/2015 IPv6 and MAC Randomizaon - IETF 93 2 Randomizaon and RFC 7217 Conflict MAC Address Stable, semancally Randomizaon opaque IIDs • Emphasis on Privacy • Emphasis on Stability • Try to ensure • Try to ensure that if “anonymity” when hardware is replaced, vising a parcular IPv6 address remains network stable. • User varies MAC Address over me if • Defeats MAC Address “hiding” from the Randomizaon network.

7/19/2015 IPv6 and MAC Randomizaon - IETF 93 3 Proposal: Update RFC 7217

• Proposed revision of Secon 5, Net_Iface selecon • It MUST SHOULD be constant across system bootstrap sequences and other network events (e.g., bringing another interface up or down). • It MAY change if the system administrator decides so explicitly, e.g. by implemenng Address Randomizaon. This can be achieved by selecng the Current Link Layer Address for Net-Iface parameter. • Proposed Addion to Appendix A, secon A.3, Link- Layer Addresses • Link-Layer addresses will change dynamically in systems that implement Link Layer Address Randomizaon. This will cause IIDs to change whenever the Link Address changes, which is very desirable for privacy.

7/19/2015 IPv6 and MAC Randomizaon - IETF 93 4 Other Address Assignment Methods IEEE Based Random MAC only unique on one link Bad idea. IID IPv6 Address discloses random MAC May (very rarely) collide with other random addresses Stac ID Remain stac, defeat MAC randomizaon Out of scope Constant Remain constant, defeat MAC randomizaon Should be replaced by IID (Windows implementaon are not actually RFC 7217 at some point constant, change if MAC address changes) Temporary Defeat MAC randomizaon if the lifeme Needs spec. Should IIDs overlaps. update to variant of RFC 7217. DHCPv6 Defeat MAC randomizaon if using stable DUID. See DHCP anonymity Embedded Defeat MAC randomizaon if DHCP uses stable profile IPv4 DUID, allocate constant value

7/19/2015 IPv6 and MAC Randomizaon - IETF 93 5 Feedback and proposal

• Feedback from Philip Homburg • Should be more explicit, no clear course of acon. • Updang RFC 7217 should not be just a footnote. • Update or forward reference in dra-ie-6man-default- iids • Proposal • Revise the dra, clearer focus on RFC 7217 • Adopt as WG item? • Not sure about dra-ie-6man-default-iids

7/19/2015 IPv6 and MAC Randomizaon - IETF 93 6