Replying to Jivan Pal

> NAT has not stopped it to happen.

I never said that it does. But do you care about increased latency, decreased throughput, more centralised points of failure? If so, then you should prefer avoiding the use of relays to facilitate P2P traffic, because relays result in all of these things.

> Moreover, sharing an IP address has protected a P2P user from legal consequences

Such protection/anonymity does not come from address sharing due to NAT, it comes from some combination of network sharing (e.g. at a public place), proxying (e.g. using a public VPN service), and/or local laws restricting access to certain kinds of data/logs. All of these factors being the same, you have exactly the same level of anonymity with IPv6 as with IPv4.

The particular case you cited hinges on the specifics of Spanish Law 25/2007, which states that data such as NAT mappings must be retained by the relevant orgs, such as ISPs, for at least 12 months, and only shared following a judicial order:

> > imposibilidad dada por la Ley 25/2007, de 18 de Octubre, de conservación de datos relativos a las comunicaciones electrónicas y a las redes públicas de comunicaciones, que circunscribe la posibilidad de exigir la identificaci a supuestos de detección, investigación y enjuiciamiento de delitos graves

> > ***

> > impossibility given by Law 25/2007, of October 18, on the conservation of data related to electronic communications and public communications networks, which limits the possibility of requiring identification to cases of detection, investigation, and prosecution of serious crimes

In other words, the crime was not serious enough to legally compel the ISP to disclose the identifying data (the NAT mappings); it did not meet the standard of "delito grave" in Spanish law. In an IPv6 context, it would be the specific IPv6 subnet (address/network prefix) delegated/assigned to the customer by the ISP that the plaintiff would need to know. This identifying data is, again, something that only the ISP and the customer know by default, and would require legal warrant for the plaintiff to obtain. Thus, the outcome of the case should be the same in an IPv6 context.

***

Amusingly, the article highlights a negative point about NAT that I have already mentioned — one user's actions unfairly negatively affecting many other unrelated users due to a subsequent restriction of access to services by the offending IP addresses.

> > Además, aparte de a "nito75" el alcance de la sentencia perjudicará a todos aquellos que usen esa misma conexión a internet.

> > ***

> > In addition, apart from "nito75" the scope of the sentence will harm all those who use the same internet connection.

This would not happen in an IPv6 context, because the offended service can simply block traffic from the particular subnet. In other words, with IPv6 rather than NAT/CGNAT, endpoints can distinguish different households and users but still can't identify them without extra info.

"This would not happen in an IPV6 context, because the offended service can simply block traffic from the particular subnet. In other words, with IPV6 rather than NAT/ CGNAT, endpoints can distinguish different households and users"

That's the point: NAT allows "mixing users behind a common IP".

If you cannot be distinguished from other users, that's privacy.

You misunderstand my use of "distinguish" there. Even with IPv4, you can already be distinguished from other users when it comes to your identity/fingerprint, because such fingerprinting doesn't come from IP metadata, but from application-layer data. However, filtering based on this requires deeper packet inspection, which is more resource-intensive.

With IPv6, endpoints can distinguish your IP packets from those of other users/households based solely on the IP address. That doesn't increase or decrease your privacy in any way; they still don't know *who*, only *what*. The only thing an endpoint gains from this is the ability to more selectively block/filter packets based on IP address alone. That's good for both you and the endpoint, not bad.

In other words, you have no good reason to think that distinguishing household A from household B, whilst still not knowing anything more specific about A and B, such as their street addresses, is harmful to privacy. Or at least, so far, you have failed to convince me that this actually harms your privacy. Perhaps you could give a concrete example of where this would be the case?

Sorry, but I didn't misunderstand anything; in any case, you didn't explain yourself properly. If you didn't want me to read it as "distinguish", maybe don't use that word.

And I also didn't fail to convince you of anything. I'm not trying to do that actually.

You are already completely convinced that you have the right opinion here.

I'm old enough to know that when people argue on the internet with the dedication that you're showing here, they don't want to be convinced, but they want to be right.

Anyway, if fingerprinting a device were enough, and knowing the final IP were of no use, they wouldn't be forcing the ISPs to keep one year of logs.

🫂

"Distinguish" means "tell two things apart", e.g. one household from another. It doesn't mean "identify".

Fingerprinting is likewise a means of distinguishing, but not necessarily identifying. The need for law enforcement to identify is where the need for the logs arises.

I assure you that I don't care about whether I'm right, I just care about the reasoning and what the correct conclusion is. If being willing to engage in discussion about something comes across to you as wanting to be right, that's just your personal inference.