privecsg ecsg 1 IEEE 802 EC Privacy Recommendation Study Group October 1 st, 2014, Conference Call Juan Carlos Zuniga, InterDigital Labs (EC SG Chair)
privecsg ecsg 2 Conference Call Details Wednesday, October 1 st, 2014, 10:00-11:00am EDT WebEX: –Meeting Number: –Meeting Password: privecsg –To join this meeting (also from mobile devices): 1. Go to 2. If requested, enter your name and address. 3. If a password is required, enter the meeting password: privecsg 4. Click "Join". 5. Follow the instructions that appear on your screen. –To view in other time zones or languages, please click the link: – 9dhttps://premconf.webex.com/premconf/j.php?MTID=m5675de0a c93226c1e8f24e 9d Teleconference information –Show global numbers: –Attendee access code:
privecsg ecsg 3 Participants, Patents, and Duty to Inform All participants in this meeting have certain obligations under the IEEE-SA Patent Policy. Participants [Note: Quoted text excerpted from IEEE-SA Standards Board Bylaws subclause 6.2]: –“Shall inform the IEEE (or cause the IEEE to be informed)” of the identity of each “holder of any potential Essential Patent Claims of which they are personally aware” if the claims are owned or controlled by the participant or the entity the participant is from, employed by, or otherwise represents “Personal awareness” means that the participant “is personally aware that the holder may have a potential Essential Patent Claim,” even if the participant is not personally aware of the specific patents or patent claims –“Should inform the IEEE (or cause the IEEE to be informed)” of the identity of “any other holders of such potential Essential Patent Claims” (that is, third parties that are not affiliated with the participant, with the participant’s employer, or with anyone else that the participant is from or otherwise represents) The above does not apply if the patent claim is already the subject of an Accepted Letter of Assurance that applies to the proposed standard(s) under consideration by this group Early identification of holders of potential Essential Patent Claims is strongly encouraged No duty to perform a patent search
privecsg ecsg 4 Patent Related Links All participants should be familiar with their obligations under the IEEE-SA Policies & Procedures for standards development. Patent Policy is stated in these sources: –IEEE-SA Standards Boards Bylaws –IEEE-SA Standards Board Operations Manual Material about the patent policy is available at – If you have questions, contact the IEEE-SA Standards Board Patent Committee Administrator at or visit This slide set is available at
privecsg ecsg 5 Call for Potentially Essential Patents If anyone in this meeting is personally aware of the holder of any patent claims that are potentially essential to implementation of the proposed standard(s) under consideration by this group and that are not already the subject of an Accepted Letter of Assurance: –Either speak up now or –Provide the chair of this group with the identity of the holder(s) of any and all such claims as soon as possible or –Cause an LOA to be submitted
privecsg ecsg 6 Other Guidelines for IEEE WG Meetings All IEEE-SA standards meetings shall be conducted in compliance with all applicable laws, including antitrust and competition laws. Don’t discuss the interpretation, validity, or essentiality of patents/patent claims. Don’t discuss specific license rates, terms, or conditions. –Relative costs, including licensing costs of essential patent claims, of different technical approaches may be discussed in standards development meetings. Technical considerations remain primary focus Don’t discuss or engage in the fixing of product prices, allocation of customers, or division of sales markets. Don’t discuss the status or substance of ongoing or threatened litigation. Don’t be silent if inappropriate topics are discussed … do formally object See IEEE-SA Standards Board Operations Manual, clause and “Promoting Competition and Innovation: What You Need to Know about the IEEE Standards Association's Antitrust and Competition Policy” for more details.
privecsg ecsg 7 Resources – URLs Link to IEEE Disclosure of Affiliation – Links to IEEE Antitrust Guidelines – guidelines.pdfhttp://standards.ieee.org/resources/antitrust- guidelines.pdf Link to IEEE Code of Ethics – ethics.htmlhttp:// ethics.html Link to IEEE Patent Policy –
privecsg ecsg 8 Agenda Welcome Chair's slides –IEEE Slides –Call meeting to order Group’s updates –Presentations and discussions at IEEE 802 interim meetings –IETF-IEEE coordination meeting –IETF MAC address randomization trial status Technical Topics 1.Threat Model for Privacy at Link Layer 2.Privacy Issues at Link Layer 3.Proposals regarding functionalities in IEEE 802 protocols to improve Privacy 4.Proposals regarding measuring levels of Privacy on Internet protocols 5.Implications of MAC address changes 6.Other Next Steps
privecsg ecsg 9 Business#1 Call Meeting to Order –Meeting called to order by chair at Minutes taker – Roll Call NameAffiliationNameAffiliation Juan Carlos Zuniga (Chair) InterDigitalPiers O’HanlonOxford Internet Institute Mathieu CuncheINRIAWalter PienciakIEEE-SA Antonio de la OlivaUC3MKaren RandallRandall-Consulting Dan HarkinsAruba NetworksMax RiegelNSN Paul LambertMarvellDan RomascanuAvaya Soo Bum LeeQualcommRene StruikStruik Security Consultancy Robert MoskowitzVerizonBrian WeisCisco
privecsg ecsg 10 Business#2 Agenda bashing – Approval of minutes – Reports –Group’s updates Presentations and discussions at IEEE 802 interim meetings IETF-IEEE coordination meeting IETF Trial
privecsg ecsg 11 IEEE 802 EC Privacy SG - updates Priv Rec EC SG presentation and discussion at 802.1/802.3 Interim meeting in Ottawa, Canada – Sept 9 and 10 Priv Rec EC SG presentation and discussion at IEEE 802 Wireless (802.11, , , etc.) meeting in Athens, Greece – week of September 15 Priv Rec EC SG presentation and discussion at IETF-IEEE Exec Coordination meeting in Newark, NJ – Sept 29
privecsg ecsg 12 IEEE c PAR Local MAC address - Claiming protocol without a server –Client generates a proposed address and initiates a claim, waits for response and uses address if no conflict detected –Proposed address might have a set value for the first 24 bits (CID+Local+U’cast) and a randomly generated value for the other 24 –Most suited to small* (~1000 nodes) networks which can operate without a (coordination) server –Requires that all nodes receive each other’s traffic (or something in the network can proxy for nodes that don’t receive the claim). –Similar protocols exist for IPv6 (RFC 4862) and FCoE (FC-BB-6 VN2VN)
privecsg ecsg 13 IEEE – Should allow to opt-in for tracking Certain applications may require tracking an individual (e.g. eHealth location tracking) Recommendation should not prevent these applications from choosing to be tracked –Recommended practices document should explain the scenarios in which privacy features should be applicable and should also allow to opt-in in case privacy is not a concern Besides identifiers, other privacy features could still be applicable –Message size, message sequence, use of authentication and encryption, etc.
privecsg ecsg 14 IEEE – Implications of MAC address changes on Wi-Fi backhaul network MAC addresses used also on backhaul to maintain user’s context across multiple APs –Keeping MAC address constant for the duration of a session should mitigate AP association and backhauling issues –Note: Need to clearly define what is a session, as it could be interpreted differently depending on the context
privecsg ecsg 15 IEEE – FCC requirement to disclose WS user’s identity Apparently applicable to fixed device (i.e. base station), need to clarify further Could be only needed for the IETF PAWS protocol, in which case it is out-of-scope for IEEE 802
privecsg ecsg 16 IEEE – Use of AAA in network trial Key generation binding with MAC address –Should maintain MAC address for duration of session Compile and share results from trial –Identify key statistics that should be gathered during trial
privecsg ecsg 17 IEEE – Applicability of Privacy Recommendations to fixed devices Identifiers in IoT may not relate to an individual –Must clearly define which devices should take into account which Privacy recommendations –Other privacy considerations may still be relevant, such as packet size, packet sequence, etc.
privecsg ecsg 18 IETF-IEEE802 Exec Meeting – Coordination Trial setup (VPN, SSID, announcement, wiki page) Implications of MAC address randomization on IETF protocols (i.e. Higher layers) Recommended practices should take into account functionalities in other layers Threat model to be developed jointly by IETF and IEEE 802
privecsg ecsg Trial at IETF meeting Trial IETF Venue –Different SSID (e.g. ietf_Trial_RandMACadd), to be advertised –Separate VLAN, DHCP, Switching and AAA infrastructure –Use only 2.4 GHz infrastructure (b/g/n) –Different credentials needed to join this network Credentials and Wiki –Sign-in page (to keep track of # people, # devices, types of clients, etc.) –Require participants to use specific MACadd tools and setup a DHCP client name/ID per user – to debug and find out potential issues Client –Should follow expected rules for MAC address generation –Should keep track of MAC addresses being used – could help in case of collision or other issues –Should setup DHCP client name DHCP server –Very small lease time for this VLAN –(Later on, a special rule could be added for MACs with local bit set)
privecsg ecsg Protocol Implications of MAC address changes Statistics to be collected –Network # associations in this SSID DHCP logs (MAC, DHCP client ID, time/date) DHCP pool size in time Switch table size in time AAA logs –Client MAC address usage log DHCP client name/ID –Other?
privecsg ecsg MAC address trial - client requirements Wiki page to register participating users Define a set of supplicant clients which can: –Generate a MAC address within the local domain, with the unicast bit set –Maintain the CID (OUI) part of the original address intact –Keep a log of used MAC addresses (association/probe?) Ask users to setup DHCP client name/ID and register it in the Wiki page
privecsg ecsg 22 Business#3 Technical presentations
privecsg ecsg 23 Business#4 Next steps –Continue call for proposals to discuss technical topics (1)Threat Model for Privacy at Link Layer (2)Privacy Issues at Link Layer (3)Proposals regarding functionalities in IEEE 802 protocols to improve Privacy (4)Proposals regarding measuring levels of Privacy on Internet protocols (5)Implications of MAC address changes (6)Other… –Discuss the need and scope of a recommended practices document applicable to IEEE 802 protocols
privecsg ecsg 24 Business#4 Upcoming meetings –22 October 2014 (10:00 AM ET), Teleconference –November 2-7, 2014, IEEE 802 Plenary meeting in San Antonio, TX, USA 2 Evening slots – Tuesday and Thursday 802 EC plenary – Report SG’s update and request EC for renewal –(other teleconferences TBD - if SG is renewed) –(March 8-13, 2015, IEEE 802 Plenary meeting in Berlin, Germany - if SG is renewed) AOB Meeting adjourned at