| rfc9797v2.txt | rfc9797.txt | |||
|---|---|---|---|---|
| skipping to change at line 152 ¶ | skipping to change at line 152 ¶ | |||
| It is useful for implementations of client and network devices to | It is useful for implementations of client and network devices to | |||
| enumerate services that may be affected by RCM and to evaluate | enumerate services that may be affected by RCM and to evaluate | |||
| possible frameworks to maintain both the quality of user experience | possible frameworks to maintain both the quality of user experience | |||
| and network efficiency while RCM happens and user privacy is | and network efficiency while RCM happens and user privacy is | |||
| strengthened. This document presents these assessments and | strengthened. This document presents these assessments and | |||
| recommendations. | recommendations. | |||
| Although this document mainly discusses MAC address randomization in | Although this document mainly discusses MAC address randomization in | |||
| Wi-Fi networks [IEEE_802.11], the same principles can be easily | Wi-Fi networks [IEEE_802.11], the same principles can be easily | |||
| extended to any IEEE 802 networks [IEEE_802.3]. | extended to any IEEE 802 networks [IEEE_802]. | |||
| This document is organized as follows: | This document is organized as follows: | |||
| * Section 2 discusses the current status of using MAC address as | * Section 2 discusses the current status of using MAC address as | |||
| identity. | identity. | |||
| * Section 3 discusses various actors in the network that will be | * Section 3 discusses various actors in the network that will be | |||
| impacted by MAC address randomization. | impacted by MAC address randomization. | |||
| * Section 4 examines the degrees of trust between personal devices | * Section 4 examines the degrees of trust between personal devices | |||
| skipping to change at line 219 ¶ | skipping to change at line 219 ¶ | |||
| space where the MAC addresses of devices are visible to one another). | space where the MAC addresses of devices are visible to one another). | |||
| It is also important to note that the purpose of the universal | It is also important to note that the purpose of the universal | |||
| version of the address was to avoid collisions and confusion, as any | version of the address was to avoid collisions and confusion, as any | |||
| machine could connect to any network, and each machine needs to | machine could connect to any network, and each machine needs to | |||
| determine if it is the intended destination of a message or its | determine if it is the intended destination of a message or its | |||
| response. Clause 8.4 of [IEEE_802] reminds network designers and | response. Clause 8.4 of [IEEE_802] reminds network designers and | |||
| operators that all potential members of a network need to have a | operators that all potential members of a network need to have a | |||
| unique identifier in that network (if they are going to coexist in | unique identifier in that network (if they are going to coexist in | |||
| the network without confusion on which machine is the source or | the network without confusion on which machine is the source or | |||
| destination or any message). The advantage of an administrated | destination of any message). The advantage of an administrated | |||
| address is that a node with such an address can be attached to any | address is that a node with such an address can be attached to any | |||
| Local Area Network (LAN) in the world with an assurance that its | Local Area Network (LAN) in the world with an assurance that its | |||
| address is unique in that network. | address is unique in that network. | |||
| With the rapid development of wireless technologies and mobile | With the rapid development of wireless technologies and mobile | |||
| devices, this scenario became very common. With a vast majority of | devices, this scenario became very common. With a vast majority of | |||
| networks implementing IEEE 802 radio technologies [IEEE_802] at the | networks implementing IEEE 802 radio technologies [IEEE_802] at the | |||
| access, the MAC address of a wireless device can appear anywhere on | access, the MAC address of a wireless device can appear anywhere on | |||
| the planet and collisions should still be avoided. However, the same | the planet and collisions should still be avoided. However, the same | |||
| evolution brought the distinction between two types of devices that | evolution brought the distinction between two types of devices that | |||
| skipping to change at line 544 ¶ | skipping to change at line 544 ¶ | |||
| subjected to pre-approval and pre-certification. The devices | subjected to pre-approval and pre-certification. The devices | |||
| are usually personal devices and are not under the control of | are usually personal devices and are not under the control of | |||
| the corporate IT team. Compared to residential networks, | the corporate IT team. Compared to residential networks, | |||
| enterprise networks usually provide more sophisticated network | enterprise networks usually provide more sophisticated network | |||
| services including, but not limited to, application-based and | services including, but not limited to, application-based and | |||
| identity-based network policies. Changing the MAC address may | identity-based network policies. Changing the MAC address may | |||
| interrupt network services if the services are based on that MAC | interrupt network services if the services are based on that MAC | |||
| address. Thus, network operations will be more complex, so the | address. Thus, network operations will be more complex, so the | |||
| network support level is high. | network support level is high. | |||
| (E) Managed enterprises: This type of network is similar to (C). | (E) Managed enterprises: This type of network is similar to (D). | |||
| The main difference is that the devices are owned and managed by | The main difference is that the devices are owned and managed by | |||
| the enterprise. Because both the network and the devices are | the enterprise. Because both the network and the devices are | |||
| owned and managed by the enterprise, the degree of trust is | owned and managed by the enterprise, the degree of trust is | |||
| "Full trust". Network services and the network support level | "Full trust". Network services and the network support level | |||
| are the same as in (D). | are the same as in (D). | |||
| Table 1 summarizes the environments described above. | Table 1 summarizes the environments described above. | |||
| +=======================+===========+=======+========+=============+ | +=======================+===========+=======+========+=============+ | |||
| | Use Cases | Degree of |Network|Network | Network | | | Use Cases | Degree of |Network|Network | Network | | |||
| skipping to change at line 857 ¶ | skipping to change at line 857 ¶ | |||
| Converting Network Protocol Addresses to 48.bit Ethernet | Converting Network Protocol Addresses to 48.bit Ethernet | |||
| Address for Transmission on Ethernet Hardware", STD 37, | Address for Transmission on Ethernet Hardware", STD 37, | |||
| RFC 826, DOI 10.17487/RFC0826, November 1982, | RFC 826, DOI 10.17487/RFC0826, November 1982, | |||
| <https://www.rfc-editor.org/info/rfc826>. | <https://www.rfc-editor.org/info/rfc826>. | |||
| [RFC8837] Jones, P., Dhesikan, S., Jennings, C., and D. Druta, | [RFC8837] Jones, P., Dhesikan, S., Jennings, C., and D. Druta, | |||
| "Differentiated Services Code Point (DSCP) Packet Markings | "Differentiated Services Code Point (DSCP) Packet Markings | |||
| for WebRTC QoS", RFC 8837, DOI 10.17487/RFC8837, January | for WebRTC QoS", RFC 8837, DOI 10.17487/RFC8837, January | |||
| 2021, <https://www.rfc-editor.org/info/rfc8837>. | 2021, <https://www.rfc-editor.org/info/rfc8837>. | |||
| [RFC903] Finlayson, R., Mann, T., Mogul, J., and M. Theimer, "A | ||||
| Reverse Address Resolution Protocol", STD 38, RFC 903, | ||||
| DOI 10.17487/RFC0903, June 1984, | ||||
| <https://www.rfc-editor.org/info/rfc903>. | ||||
| [WBA-OPENROAMING] | [WBA-OPENROAMING] | |||
| Tomas, B., Grayson, M., Canpolat, N., Cockrell, B. A., and | Tomas, B., Grayson, M., Canpolat, N., Cockrell, B. A., and | |||
| S. Gundavelli, "WBA OpenRoaming Wireless Federation", Work | S. Gundavelli, "WBA OpenRoaming Wireless Federation", Work | |||
| in Progress, Internet-Draft, draft-tomas-openroaming-05, | in Progress, Internet-Draft, draft-tomas-openroaming-05, | |||
| 15 April 2025, <https://datatracker.ietf.org/doc/html/ | 15 April 2025, <https://datatracker.ietf.org/doc/html/ | |||
| draft-tomas-openroaming-05>. | draft-tomas-openroaming-05>. | |||
| Appendix A. Existing Frameworks | Appendix A. Existing Frameworks | |||
| A.1. IEEE 802.1X with WPA2 / WPA3 | A.1. IEEE 802.1X with WPA2 / WPA3 | |||
| End of changes. 4 change blocks. | ||||
| 3 lines changed or deleted | 8 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||