Hi Ted, The term needs to be refined based on this discussion.
I want to have a term for a common aspect in security protocol design where you create a linkage between an initial protocol run and a subsequent one with the help of some state information where. For example, in case of TLS session resumption or the TLS ticket mechanism allows you to link the initial exchange (the full exchange) to subsequent exchanges from the perspective of the TLS server. The purpose of this exchange is exactly that the server is able to refer to an earlier exchange. Ciao Hannes On Feb 13, 2012, at 8:54 PM, Ted Hardie wrote: > 2012/2/13 Hannes Tschofenig <[email protected]>: >> Hey Ted, >> >> yes, I should have been more precise. >> >> Here is the current definition of "unlinkable sessions": >> >> Definition: The term "unlinkable session" refers the ability of the >> system to render a set of actions by a subject unlinkable from one >> another over a sequence of protocol runs (sessions). >> >> This definition talks about the "system" and it should rather talk about >> eavesdroppers instead. >> Better wording may also be needed since I just created it when I updated the >> most recent draft version and I couldn't really find something else that >> worked nicely. >> > > > If you updated to say "render a set of actions by a subject > unlinkable by either party or eavesdroppers > over a sequence of protocol runs (sessions)", does that meet your > intent? Or do you mean a more limited > form? > > Note that when I think about the subject've view as a party, the > property I expect is that the subject knows > that they are linked, but could not prove it based on data from the > protocol sessions. > > regards, > > Ted Hardie _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
