MAC Address Device Identification for Network and Application Services (madinas) Internet Drafts


      
 Randomized and Changing MAC Address: Context,Network Impacts,and Use Cases
 
 draft-ietf-madinas-use-cases-19.txt
 Date: 20/12/2024
 Authors: Jerome Henry, Yiu Lee
 Working Group: MAC Address Device Identification for Network and Application Services (madinas)
To limit the privacy issues created by the association between a device, its traffic, its location, and its user in [IEEE_802] networks, client and client Operating System vendors have started implementing MAC address randomization. This technology is particularly important in Wi-Fi [IEEE_802.11] networks due to the over-the-air medium and device mobility. When such randomization happens, some in-network states may break, which may affect network connectivity and user experience. At the same time, devices may continue using other stable identifiers, defeating the MAC address randomization purposes. This document lists various network environments and a range of network services that may be affected by such randomization. This document then examines settings where the user experience may be affected by in-network state disruption. Last, this document examines two existing frameworks to maintain user privacy while preserving user quality of experience and network operation efficiency.
 Randomized and Changing MAC Address State of Affairs
 
 draft-ietf-madinas-mac-address-randomization-15.txt
 Date: 15/07/2024
 Authors: Juan Zuniga, Carlos Bernardos, Amelia Andersdotter
 Working Group: MAC Address Device Identification for Network and Application Services (madinas)
Internet users are becoming more aware that their activity over the Internet leaves a vast digital footprint, that communications might not always be properly secured, and that their location and actions can be tracked. One of the main factors that eases tracking Internet users is the wide use of long-lasting, and sometimes persistent, identifiers at various protocol layers. This document focuses on MAC addresses. There have been several initiatives within the IETF and the IEEE 802 standards committees to overcome some of these privacy issues. This document provides an overview of these activities to help coordinating standardization activities in these bodies.


data-group-menu-data-url="/group/groupmenu.json">

Skip to main content

MAC Address Device Identification for Network and Application Services (madinas)

WG Name MAC Address Device Identification for Network and Application Services
Acronym madinas
Area Internet Area (int)
State Active
Charter charter-ietf-madinas-01 Approved
Document dependencies
Additional resources GitHub Organization
IPJ article on MADINAS: WiFi Privacy
Zulip stream
Personnel Chairs Carlos J. Bernardos, Juan-Carlos Zúñiga
Area Director Éric Vyncke
Delegate Mathieu Cunche
Mailing list Address madinas@ietf.org
To subscribe https://www.ietf.org/mailman/listinfo/madinas
Archive https://mailarchive.ietf.org/arch/browse/madinas/
Chat Room address https://zulip.ietf.org/#narrow/stream/madinas

Charter for Working Group

The Medium Access Control (MAC) address is the Link Layer address used in IEEE 802 technologies. It was originally assigned statically for each physical network card by the Network Interface Card manufacturer, out of the space reserved by the IEEE Registration Authority Committee (RAC) for globally unique MAC addresses. The MAC address is used as source or destination target when sending and receiving frames. The default static assignment of the MAC address raises privacy concerns for personal devices. These concerns have recently started to be mitigated by SDOs specifying the use of Randomized and Changing MAC addresses (RCM) and end-device vendors implementing RCM.

Device identity is important in scenarios where the network needs to know the device or user identity in order to offer, operate and maintain certain services. Currently, many use cases and applications make an implicit assumption that a device is represented by an IEEE 802 Layer 2 permanent and unique MAC address. This assumption is being used in both control plane and data plane functions and protocols. RCM breaks this assumption. This requires updating applications to function across MAC address changes.

The MADINAS Working Group will document the current RCM state of affairs by :

(i) identifying relevant network and application services scenarios and examining the effect of RCM schemes on them;

(ii) analyzing various existing identifiers (i.e., beyond the MAC address) that can be used by the network to provide seamless services, and

(iii) identifying scenarios where device identity is not required.

The group will generate a Best Current Practices (BCP) document recommending means to reduce the impact of RCM on the documented use cases while ensuring that the privacy achieved with RCM is not compromised. For scenarios where device identity stability is desirable, the BCP document will recommend existing protocols that can be used to protect the request and exchange of identifiers between the client and the service provider.

The Working Group will work together with other IETF WGs (e.g., DHC, IntArea), and will liaise with other relevant organizations, such as IEEE 802 and the Wireless Broadband Alliance (WBA), by coordinating on the different recommendations, as well as potential follow-up activities within or outside the IETF.

MADINAS is expected to be a short timeframe (12-18 months) Working Group to quickly assess these needs. Additional solution space documents would only be published if identified as necessary, requiring a rechartering process in coordination with other relevant SDOs.

The group will produce the following deliverables:

  1. Document Current State of Affairs:
    An Informational use cases and identity requirements document
    An Informational MAC Address Randomization current state-of-affairs document

  2. Document Best Practices handling RCM
    A Best Current Practices document

Milestones

Date Milestone Associated documents
Nov 2024 Use Cases and Identity Requirements (informational) document submitted to the IESG for publication

Done milestones

Date Milestone Associated documents
Done MAC Address Randomization current state-of-affairs (informational) document submitted to the IESG for publication