A Model for Storing IPv6 Stateless Address Autoconfiguration Crime Attribution Records in a Privacy Sensitive Way
draft-daveor-slaac-privacy-logging-00

Document Type Active Internet-Draft (individual)
Last updated 2018-07-11 (latest revision 2018-05-28)
Stream ISE
Intended RFC status Informational
Formats plain text xml pdf html bibtex
Stream ISE state Submission Received
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
Internet Engineering Task Force                              D. O'Reilly
Internet-Draft                                              May 27, 2018
Intended status: Informational
Expires: November 28, 2018

   A Model for Storing IPv6 Stateless Address Autoconfiguration Crime
             Attribution Records in a Privacy Sensitive Way
                 draft-daveor-slaac-privacy-logging-00

Abstract

   The need for individual right to privacy and the need for law
   enforcement to be able to effectively investigate crime are sometimes
   portrayed as being irreconcilably in direct conflict with each other.
   Both needs are legitimate and ignoring the challenges presented by
   areas of conflict will not make the problem go away.

   The document presents a conceptual model that allows for both sets of
   requirements to be met simultaneously.  The reason for this
   publication is to show that, with some creative thinking, it is
   possible to identify win-win solutions that simultaneously achieve
   both privacy and law enforcement goals.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 28, 2018.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents

O'Reilly                Expires November 28, 2018               [Page 1]
Internet-Draft            SLAAC Privacy Logging                 May 2018

   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  SLAAC: Stateless Address Autoconfiguration  . . . . . . .   3
       1.1.1.  Stable Address Autoconfiguration  . . . . . . . . . .   4
       1.1.2.  Temporary Address Autoconfiguration . . . . . . . . .   5
       1.1.3.  Crime Attribution Characteristics . . . . . . . . . .   7
         1.1.3.1.  Stateless Address Autoconfiguration . . . . . . .   7
         1.1.3.2.  SLAAC with stable interface identifiers . . . . .   8
         1.1.3.3.  SLAAC with temporary interface identifiers  . . .   8
   2.  Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . .   9
   3.  Model . . . . . . . . . . . . . . . . . . . . . . . . . . . .   9
     3.1.  Assumptions . . . . . . . . . . . . . . . . . . . . . . .   9
     3.2.  Record Generation . . . . . . . . . . . . . . . . . . . .   9
     3.3.  Record Transmission and Storage . . . . . . . . . . . . .  10
     3.4.  Record Querying . . . . . . . . . . . . . . . . . . . . .  11
   4.  Proof of Concept  . . . . . . . . . . . . . . . . . . . . . .  12
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  12
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  12
     6.1.  Cryptographic Strength  . . . . . . . . . . . . . . . . .  12
     6.2.  Injection of False Records  . . . . . . . . . . . . . . .  13
     6.3.  Retention Period of Records . . . . . . . . . . . . . . .  13
   7.  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . .  13
   8.  Normative References  . . . . . . . . . . . . . . . . . . . .  13
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  16

1.  Introduction

   IPv6 addresses are assigned to organisations in blocks that are much
   larger than the size of the blocks in which IPv4 addresses are
   assigned, with common IPv6 prefix sizes being /48, /56 and /64
   [RFC6177], [RIPE_699].  Current regulatory models typically oblige
   ISPs to keep records to facilitate identification of their
   subscribers, and in the case of IPv6 this will mean recording the
   prefix(es) have been assigned to each customer.

   From the perspective of crime attribution, therefore, when a specific
   IP address is suspected to be associated with criminal activity,
   records will most likely available from an ISP to identify the
Show full document text