IAB Plenary Tackles IPv6, Privacy Issues
By Carolyn Duffy Marsan
The IAB’s plenary in Quebec City featured a recap of World IPv6 Day as well as a discussion of privacy considerations on the Web.
World IPv6 Day Panel
World IPv6 Day, held 8 June 2011, was a tremendous success in terms of encouraging Web sites and content delivery networks to conduct a 24-hour trial of IPv6, said Leslie Daigle, chief Internet technology officer for the Internet Society.
“Facebook, Google, Yahoo, and more than 1,000 other Web sites turned on IPv6 on their front door,’’ Daigle said, adding that the goal of the Internet Society-organized event was to motivate ISPs, hardware makers, operating system vendors, and other Web companies to prepare their services for IPv6 as well as to understand the issues related to IPv6 transition. “It was a good day for the Internet coming together.’’
Daigle said two-thirds of the participating Web sites left IPv6 on after the event was over.
“There was no large-scale breakage. The DDoS fears did not pan out. Overall it was a success,’’ Daigle said. “We moved the needle on IPv6 deployment.’’
According to Lorenzo Colitti, network engineer for Google, the most important thing that Google did for World IPv6 Day was to warn users that they may suffer from IPv6 brokenness and offer them information about how to fix the problem.
As a result of these warnings, he continued, World IPv6 Day was business as usual for Google.
“We got 65 percent more traffic on World IPv6 Day,” Colitti said. “And the day after, we kept most of the traffic… Some services left IPv6 on for everyone, including YouTube and Mobile Gtalk.’’
One reason that Google users suffered from less IPv6 brokenness than expected is that Google implemented a technique called “Fast Fallback” in its Chrome browser. This feature allows users with broken IPv6 connectivity to automatically revert to IPv4. It is also available in Chrome and Firefox 7.
“We saw an 80 percent to 90 percent reduction in dual-stack brokenness,’’ Colitti said. “If all browsers behaved like this, we would publish our Quad A records (instead of using whitelisting). The browser versions with Fast Fallback were 99.995 percent as reliable as IPv4…Apple is adding this robustness in OS X Lion. All we need is IE to follow suit.’’
Google, which serves 60 percent of the IPv6 Internet, said that the bulk of IPv6 adoption globally is in two networks: France’s Free and Japan’s KDDI. KDDI, for example, distributed IPv6 to 15 percent of its user base in the five weeks prior to World IPv6 Day.
“One ISP by itself made a significant difference in the adoption of IPv6 in Japan,’’ Colitti added.
Donn Lee, a network engineer at Facebook, said the social media site saw more than 1 million IPv6 users on World IPv6 Day, which represented 0.20 percent of its users. The number of users suffering from dual-stack IPv6 brokenness was 0.02 percent, which was down from measurements of 0.03 percent prior to the event.
“We sent a message to broken users that said on June 8 we’ll be participating in World IPv6 Day and it looks like your computer may not be ready,’’ Lee said, adding that IPv6 brokenness “seems to be declining after World IPv6 Day.’’
The preparation work helped Facebook to experience no technical difficulties on World IPv6 Day. In fact, Facebook permanently dual stacked its developer’s site after the event ended.
Facebook was pleasantly surprised that all of its Facebook Connect Widgets—served up by 2.5 million Web sites—worked on World IPv6 Day in dual-stack mode.
“We also found with moving to IPv6 that there is nothing to fear,’’ Lee said. “It works. It’s ready to deploy. It wasn’t that hard to do.’’
Igor Gashinsky, a principal architect with Yahoo, said World IPv6 Day not only helped encourage IPv6 adoption, it also helped shrink the number of users suffering from IPv6 brokenness from 0.078 percent to 0.022 percent in less than two years.
“Over 30 different Yahoo markets participated… All of the markets are served in 10 different data centers,’’ Gashinsky said. “Our initial plan was to complete IPv6 in all of these sites sometime in 2010, but we had problems with just about every vendor’s implementation in their switching gear. As a result, we have seven IPv6 proxy locations.’’
After extensive preparations to its infrastructure along with outreach to its users about the issue of IPv6 brokenness, Yahoo had a successful World IPv6 Day experience.
“We served over 2.2 million users via IPv6. We saw over 1 million visits to Yahoo’s IPv6 help pages. At the peak, 0.229 percent of our users were via IPv6,’’ Gashinsky said. “Over 1.2 million IPv6 users were from France, which was almost double the U.S.’’
Still, Gashinsky pointed out that IPv6 is not widely deployed enough for Yahoo to support IPv6 permanently.
“That was a lot of work for 0.229 percent of our users,’’ he said. “We need more IPv6 access… Can we break single digits, please, and then we can talk about leaving it on?’’
Telefonica enabled Web sites in Spain and Brazil for World IPv6 Day. Network engineer Carlos Ralli said its user brokenness stayed below 0.04 percent.
“We saw no related call center activity. This is good news,’’ Ralli added.
Cisco experienced the highest percentage of IPv6 users on World IPv6 Day, with 1.11 percent of its traffic coming to www.cisco.com via IPv6. Even better, the company saw zero tech support calls related to World IPv6 Day. As a result of this positive experience, Cisco left one of its Web sites—www. scansafe.com—up in dual-stack mode when the event ended.
“Cisco customers and users are more interested in IPv6 than the broader population of users,’’ said Cisco Fellow Mark Townsley, who pointed out that 2.26 percent of the company’s logged- in users on World IPv6 Day had IPv6 capabilities.
Jens Grossklags, assistant professor at Pennsylvania State University’s College of Information Sciences and Technology, kicked off the privacy panel with a discussion of several experiments that he has conducted on how privacy concerns impact consumer behavior.
Grossklags has discovered that whether people were identified as privacy fundamentalists, profiling concerned, identity concerned or unconcerned about privacy, they gave away more information about themselves online than they had anticipated.
“Across all scenarios, the degree of information revelation is higher than you would expect from a rational consumer,’’ he said, adding that privacy is about “hard decision making over time, with actions now having consequences later.’’
In one experiment, Grossklags discovered that user attitudes were affected when consumers received before and after notifications with warnings about the risks of downloading software. However, when he paid people to download unknown executables, they were willing to forego their privacy concerns.
“People who should have known better participated once the price was right,’’ he said. “Seventy percent of the participants knew it would be dangerous to download unknown programmes, but all of them did it anyway.’’
His takeaway is that users are subject to immediate gratification, and that the users with more protection such as antivirus software are more likely to take risks, such as downloading executables, than those who are unprotected.
Fred Carter, senior policy and technology advisor for the Office of the Information and Privacy Commissioner for Ontario, gave a regulator’s perspective on information privacy issues. He said the key issues around information privacy online were minimizing the use, sharing, and collection of personally identifiable information (PII), thereby enhancing data security and engaging individuals in managing their own PII.
Carter discussed the concept of “Privacy by Design,’’ which has been adopted by privacy regulators worldwide. Privacy by Design has seven foundational principals, which include having privacy as a default setting, offering full functionality along with privacy, and providing visibility and transparency about information gathering.
Privacy by Design “is gaining ground as a high-level normative framework,’’ Carter says. “Work is still needed on how to operationalize it and apply it to information infrastructures, networked [systems], and related engineering standards.’’
Carter urged IETF participants to consider the Privacy by Design framework in protocol design. “The next stage is to have people like yourselves apply it to particular cases and teach us what the best practices are,’’ he added.
Andy Zeigler, a programmes manager with Microsoft’s Internet Explorer team, gave IETF participants background on privacy-related issues that have cropped up for browser makers with such technologies as CSS 2.1 and geolocation.
“Privacy risks exist in most technologies, even ones that might appear to have little risk,’’ Zeigler said, pointing out that its best to take privacy into consideration when authoring specifications. “Privacy risks can be very difficult to fix after a spec is implemented.’’
Zeigler discussed how users are surreptitiously tracked as they browse the Web and that there are many benefits to this tracking, including personalization. “The problem is the ownership and control of the information,’’ he said.
Zeigler pointed out that Microsoft was an early adopter of privacy controls with its support of the W3C’s P3P standards. But P3P proved to be too complex for users, too simple for nuanced business relationships, and was not being implemented by many Web sites.
Today, Microsoft is supporting the idea of Tracking Protection Lists, which block tracking content, in IE9. This version of its Web browser also supports the “Do Not Track” header for HTTP.
To wrap up the privacy panel, Alissa Cooper described the IAB’s Privacy Programme, which aims to develop privacy thinking within the technical standards community. Cooper outlined an approach to protocol design that would involve systemic privacy threat modeling similar to how security considerations are taken into account during the standards development process.
Cooper outlined several challenges for IETF participants as they scope privacy threats, including the diversity of user privacy preferences, a lack of incentives for supporting privacy features, and the fact that common practices or laws might dictate the emphasis for online privacy.
“One of the big questions that we are trying to grapple with is how do we become more systemic at building threat models for privacy,’’ Cooper said. “That begs the question of how to decide what threats are in scope and what threats are not in scope.’’
Cooper asked participants to review a document (draft-morris-privacy-considerations-03) and comment.
This article was posted on 27 October 2011 .