>NFS, let connections
stay while offline, running servers ...
>All but the last requires static IP addresses.
And this are legitime
>requirements. Dynamic DNS does solve the server problem
partially.
>It's still not possible to call out from the ISP without having
>a
static IP address for each server.My point is that these are analog *dial-up*
users -- those who need static IPs can get them (for a price), but the vast majority
don't need it. I would argue that anyone exposing NFS to the Internet has got
to be certifiable -- but your point is taken there, in the case of a more secure
protocol. I'm not sure what you mean by "call out" from the ISP.
>I think
that uniquely identifying a dial-up user would merely provide
>a much easier way
for people to be tracked and identified on-line.
>I see no reason for such a identification
request.
Neither do I -- but someone would figure out something to do with it if
it was available. I don't want that to happen. It's bad enough that high-speed
users are easily identifiable; we don't need to make things worse. Anonymity
is one of the keystones (and banes) of the Web.
>Communication solutions already
exist -- there is no need to make the
>spammer's job easier.
>Why do you assume,
static IPs or names ease the life of a spammer?
Because a static name is a better
target. Would your rather have a list of email addresses that loses value over
time as people move around, or a single, static address that is unlikely to change
even if the person changes ISPs? A static target has more value than a transient
one -- not only is your email likely to remain the same, but your habits would be
much easier to follow and target advertising.
>And what about people who have multiple
>computers
logged in at the same time, or multiple computers behind a
>dial-up line on an
ipmasq server? How would they be identified? How
>would you handle multi-link
ppp users with two, three, or five lines
>dialed up?
>The current solution works
fine. It will work fine even in the case
>of static IPs and names. There is no
need for Identification by
>address in the Internet. (Of course, there are marketing
guys ...)
The current solution is a hack. Other than that, I think you are
pretty much correct. Let's say I have fifty users behind an ipmasq server.
All of these users "unique identifiers" are tracked to the same IP. Great for anonymity
(sort of) but not so good for uniquely identifying each person -- which was what
he was trying to do. Worse yet, one of those users dials out on their modem
to another ISP -- and now the user's unique ID exists in two places. Ouch.
>The
overhead would be incredible, to maintain a dynamic system for
>the millions of
dial-up users. And remember that computer networks
>do not like things being
addressed exactly the same -- tends to cause
>all kinds of neat (and ulcer-inducing)
things to happen.
>Please read IPv6. It offers several solutions.
I *have* read
IPv6. Tacking a user's MAC address on at the beginning of a modified IPv4 address,
changing everything to hex, and calling it unique is... well... not what I would
have chosen. :) Leaving aside completely the privacy and security concerns,
bringing a data-link layer ID into the network and transport layers is a solution
that at the very least needs to be carefully examined.
I don't think that IPv6
is the solution to our problems. I don't think that having every device in
the world on the Internet is the solution to our problems. Introducing complexity
is always a dangerous thing. Doing it in such a way that almost guarantees problems
(both technical and political) is just dumb. Make no mistake -- IPv6 is very
complex. Manual configuration is discouraged. Address assignment is by
stateless broadcast -- *that* ought to be interesting; here, let me just connect
to your wireless network. You think tracking someone is hard now on the Internet?
Wait till I write a program that drops my interface, changes my MAC address, then
plugs back in and gets a new address -- every, say, 10 minutes. On 300 interfaces.
That are mobile. That I'm using to scan your webserver for vulnerabilities.
That belong to someone else. :)
It also has some cool advantages. Numberspace
is obvious; the stateless configuration would be great for a flexible, dynamic environment
-- much less of a hassle when security is not an issue, and assuming you have a router
available. Built in IPSec(yay!). Less load on routers, and more control
over what goes where.
My argument is that we really need to take a good long look
at what we're doing here. You said it yourself; there is no need for Identification
by address on the Internet (I would add "for the average user" -- servers of course
being the exception). Yet that is exactly what IPv6 does, and what this gentleman's
dial-up idea would do as well. I fundamentally disagree with that. I
don't have a solution to offer in it's place, except what is currently being done,
which will be probably be inadequate soon. That's why I'm a member here.
Aetius