On 6/5/2014 1:28 PM, Brian E Carpenter wrote:
...
As a matter of fact I tend to agree with many of your criticisms
of the draft, and I like the idea (below) of adding what we might
call the misuse cases. That's a discussion the intarea WG could have.
Brian
I'd vote for WG adoption, and agree with the above with the caveat that
such "misuse" should focus on:
a) ways proposed mechanisms "undo" current mechanisms that *might* have
been intended to preserve privacy (e.g., NATs are deployed for lots of
reasons, and we never know intent per se, but privacy preservation CAN
be a reason)
b) ways proposed mechanisms can exceed restoring what such devices
"undo" and be used to track hosts, processes, or other identities beyond
what the original packet *would have already exposed*.
I.e., for a device that inserts the source IP address and TCP source
port for NAT traversal, it would at best be considered to 'undo' the
potential privacy-creation intent of a NAT, but would NOT be considered
to exceed what the original packet conveyed.
Joe
_______________________________________________
ietf-privacy mailing list
ietf-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
