> -----Original Message----- On Friday, April 17, 2015, at 4:30 AM, Stephen Farrell wrote: > ... > Please discuss those here and/or send 'em to the IESG or to some > random AD or to me. But discussing 'em on this list is way better, > and of course even betterer is to write an I-D (and please do point > again at ones you've written, just to refresh folks' minds).
OK Stephen, since you asked... In general, I think of privacy mitigation in three steps. First, we have to deploy encryption, and make sure that it actually works. We have lots of activity on that. Second, we have to consider all the metadata that is not covered by encryption, such as header elements or management protocols. We should apply data minimization to mitigate that. We have some activity starting therewith the DHCP anonymity profile in DHC and the data minimization work in DNSOP. We need more of that, there are plenty protocols that leaks unencrypted information, we have to scrub them. Finally, we have to look at the "end-to-end" issues, such as all the tracking that is taking place by means of cookies, cached files, browser fingerprinting or e-mail analysis. I understand that the latter issue is a bit controversial. The "pervasive monitoring" work concentrates on a threat actor that can passively monitor a bunch of links, typically a state actor with very big budgets. But protecting against this passive monitoring is not sufficient. Suppose that an advertising system collects enough data to understand the type of chocolate that consumers prefer, their age, or the time they drive their car. Suppose that this advertising company receives a visit of the "men in black." They ask a simple question: please run this filter for us, we really need to identify the "youth morning driver chocolate liberation front." For the company, that is very much an "offer they cannot refuse." For the men in black, that's way more effective than having to install a bunch of taps everywhere and run a lot of data collection. And it doesn't matter that all the traffic from the members of the liberation front was encrypted... -- Christian Huitema _______________________________________________ perpass mailing list perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass
