Jan Zorz was recently invited to speak at a workshop held by the Estonian Presidency of the Council of the EU and Europol. Jan gave a well-received talk about how Slovenia widely deployed IPv6 and encouraged EU policymakers and law enforcement officials to do the same across Europe.
Per the press release, the workshop was “to address the increasing problem of non-crime attribution associated with the widespread use of Carrier Grade Network Address Translation (CGN) technologies by companies that provide access to the internet.”
With IPv4 address space depleting, CGNs have been widely implemented to conserve public IPv4 address space. In other words, many customers are sharing a single public IPv4 address that often also changes over time. Problems with sharing IP addresses (and therefore CGNs) are well outlined in RFC 6269: “Such issues include application failures, additional service monitoring complexity, new security vulnerabilities, and so on.”
CGNs also present a problem for law enforcement agencies looking to investigate and prosecute crimes online, as it’s much more difficult to narrow down the culprit. This workshop had several IPv6 experts speak of their experiences, partially on the assertion that IPv6 deployment would eliminate CGNs and once again allow law enforcement to track individual users via their IP addresses.
The Internet Society strongly believes in enabling private communications over the Internet, though we understand this can be a divisive issue as law enforcement has legitimate concerns relating to public safety and security and the ability to prosecute criminals. This is a policy discussion we won’t delve into here, but you can read about our upcoming Chatham House Roundtable on Encryption and Lawful Access to learn more about our work.
Back to the topic of IPv6, we are encouraged to see Europol and the EU discussing the need for full IPv6 deployment in public meetings. CGNs are not a sustainable path forward for a variety of reasons, and the faster we fully deploy IPv6, the better off the Internet will be.
If you’d like to get started with your own IPv6 deployment, check out our Deploy360 Start Here page where we have created a series of pages pointing to specific resources that are relevant to different audiences.