Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-07-01 Thread 邓灵莉/Lingli Deng
 

 

From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Y. Richard Yang
Sent: Tuesday, July 01, 2014 8:09 PM
To: Sebastian Kiesel
Cc: IETF ALTO
Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

 

 

On Mon, Jun 30, 2014 at 10:35 AM, Sebastian Kiesel ietf-a...@skiesel.de wrote:

On Fri, Jun 27, 2014 at 12:16:16PM -0500, Vijay K. Gurbani wrote:
 On 06/26/2014 04:58 AM, Scharf, Michael (Michael) wrote:
 Haibin asked me to send the following comment from a private
 discussion also to the list:
 
 Section 3.3 of draft-deng-alto-p2p-ext-01 suggest a new Endpoint
 Property Type network_access for P2P peer selection. As far as I
 recall, this type of ALTO guidance was discussed in the past quite a
 bit, and there may have been privacy concerns. For instance,
 draft-ietf-alto-deployments-09 Section 3.2.4. includes the following
 statement:
 
 o  Performance metrics that raise privacy concerns.  For instance,
 it has been questioned whether an ALTO service could publicly expose
 the provisioned access bandwidth, e.g. of cable / DSL customers,
 because this could enables identification of premium customers.
 
 That text was already in draft-ietf-alto-deployments before I started
 to edit this document.
 
 For P2P use cases, I wonder whether that concern might (still) apply
 to endpoint properties such as DSL vs. FTTH as currently suggested
 draft-deng-alto-p2p-ext-01.

 [As individual, of course.]

 I suspect the type of network access (DSL, cable, FTTH, satellite) is
 probably okay.  Commercial companies often publicly tout the deployment
 of certain access technologies in neighbourhoods.

I know some neighborhoods where FTTH is available, but at very high
prices.  Consequently, many people there prefer to keep their existing
xDSL or cable based Internet service.  If we used ALTO to announce who
decided to pay the high price for FTTH, I would consider this as a
potential privacy concern, because this would be some kind of list of
households with better-than-average income and/or computer professionals
or enthusiasts living there.

 

This is an interesting example, and provides a case where access control may be 
used. I always expect that there should be an access control mechanism, in 
given settings, to limit the information exposure of ALTO info. I can imagine 
that this can be endhost opt-in, or provider control (e.g., only certain 
trusted entities can access the URL).

[邓灵莉/Lingli Deng] Good idea. Greater flexibility can be delivered by access 
control at the discretion of both the network operator and the individual 
subscriber. 

 

Richard

 


Sebastian


___
alto mailing list
alto@ietf.org
https://www.ietf.org/mailman/listinfo/alto



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-30 Thread Vijay K. Gurbani

On 06/28/2014 01:00 AM, Songhaibin (A) wrote:

Perhaps a midway could be to see if we can use the provisioned
bandwidth for a set of (anonymous) subscribers instead of singleton
subscribers. That way, the larger herd provides some modicum of
anonymity to an individual subscriber who is part of the herd.


So just ranking a list of endpoints from the perspective of
provisioned bandwidth will alleviate the privacy issue. I think it is
possible to do it in this way.


Haibin: Yes, that is one potential way to alleviate the privacy issue
if a provisioned bandwidth is necessary for an ALTO service.  Reinaldo
has provided some input as well; my preference would be to start
thinking of such privacy issues right at the onset so we have a
reasonable idea of the pros and cons of any solution that the WG
comes up with.

Cheers,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
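
The "herd" and ranking ideas discussed in this message, combined with the subscriber-consent question raised elsewhere in the thread, sketched as an added example (it is not part of any poster's message or of the draft). The `Endpoint` record, the function names, the parameter `k` and the sample addresses are all assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Endpoint:
    address: str           # endpoint address (constructed sample values below)
    provisioned_mbps: int  # operator-side provisioned access bandwidth
    opted_in: bool         # hypothetical flag: subscriber consented to exposure


def bandwidth_classes(endpoints, k):
    """Map each consenting endpoint to an ordinal class shared by >= k endpoints.

    Returns {address: class_rank}, rank 1 being the lowest class. The raw
    bandwidth value is never returned. Returns {} when fewer than k endpoints
    consent, because no herd of size k can be formed.
    """
    if k < 1:
        raise ValueError("k must be at least 1")
    consenting = sorted((e for e in endpoints if e.opted_in),
                        key=lambda e: e.provisioned_mbps)
    if len(consenting) < k:
        return {}

    groups, current = [], []
    for e in consenting:
        # Close the current group only once it holds k members and the next
        # endpoint has a different value, so equal values never straddle classes.
        if len(current) >= k and e.provisioned_mbps != current[-1].provisioned_mbps:
            groups.append(current)
            current = []
        current.append(e)
    # A short tail (typically the high-bandwidth outliers) is folded into the
    # previous class instead of being published as a small, identifying group.
    if len(current) < k and groups:
        groups[-1].extend(current)
    else:
        groups.append(current)

    return {e.address: rank
            for rank, group in enumerate(groups, start=1)
            for e in group}


def smallest_class(classes):
    """Size of the smallest published class (0 if nothing is published)."""
    return min(Counter(classes.values()).values(), default=0)


# Constructed sample data; addresses come from the 192.0.2.0/24 documentation range.
SAMPLE = [
    Endpoint("192.0.2.1", 16, True),
    Endpoint("192.0.2.2", 16, True),
    Endpoint("192.0.2.3", 50, True),
    Endpoint("192.0.2.4", 50, True),
    Endpoint("192.0.2.5", 100, True),
    Endpoint("192.0.2.6", 100, False),   # no consent: never published
    Endpoint("192.0.2.7", 1000, True),   # outlier, e.g. an expensive FTTH line
]

if __name__ == "__main__":
    for k in (2, 3, 7):
        result = bandwidth_classes(SAMPLE, k)
        print(f"k={k}: smallest class={smallest_class(result)} -> {result}")
```

With `k=2` the 1000 Mbit/s outlier shares its class with the 100 Mbit/s endpoint; with `k=3` every consenting endpoint collapses into one class, which shows the trade-off between herd size and usefulness for peer selection.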



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-30 Thread Vijay K. Gurbani

On 06/28/2014 12:55 AM, Songhaibin (A) wrote:

However, I also suspect that the privacy concerns on *provisioned*
access bandwidth are still intact since they will tend to point to
subscribers that are outliers.


I'm not sure I understand this sentence due to my poor English. By
outlier do you mean some exceptional/abnormal provisioned bandwidth
value bound to an endpoint property?


Haibin: Your English is excellent, and yes, that is what I meant.


If the endpoints with higher provisioned access bandwidth would be
pointed more often than other endpoints, you imply the privacy
concern is: those endpoints do not want to be recognized?


It's more than those endpoints don't want to be recognized, the question
is: has the subscriber corresponding to the endpoint provided consent
to allow his/her provisioned bandwidth to be distributed by ALTO?

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-30 Thread Sebastian Kiesel
On Fri, Jun 27, 2014 at 12:16:16PM -0500, Vijay K. Gurbani wrote:
 On 06/26/2014 04:58 AM, Scharf, Michael (Michael) wrote:
 Haibin asked me to send the following comment from a private
 discussion also to the list:
 
 Section 3.3 of draft-deng-alto-p2p-ext-01 suggest a new Endpoint
 Property Type network_access for P2P peer selection. As far as I
 recall, this type of ALTO guidance was discussed in the past quite a
 bit, and there may have been privacy concerns. For instance,
 draft-ietf-alto-deployments-09 Section 3.2.4. includes the following
 statement:
 
 o  Performance metrics that raise privacy concerns.  For instance,
 it has been questioned whether an ALTO service could publicly expose
 the provisioned access bandwidth, e.g. of cable / DSL customers,
 because this could enables identification of premium customers.
 
 That text was already in draft-ietf-alto-deployments before I started
 to edit this document.
 
 For P2P use cases, I wonder whether that concern might (still) apply
 to endpoint properties such as DSL vs. FTTH as currently suggested
 draft-deng-alto-p2p-ext-01.
 
 [As individual, of course.]
 
 I suspect the type of network access (DSL, cable, FTTH, satellite) is
 probably okay.  Commercial companies often publicly tout the deployment
 of certain access technologies in neighbourhoods.

I know some neighborhoods where FTTH is available, but at very high
prices.  Consequently, many people there prefer to keep their existing
xDSL or cable based Internet service.  If we used ALTO to announce who
decided to pay the high price for FTTH, I would consider this as a
potential privacy concern, because this would be some kind of list of
households with better-than-average income and/or computer professionals
or enthusiasts living there.

Sebastian



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-29 Thread 邓灵莉/Lingli Deng


 -Original Message-
 From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Reinaldo Penno
 (repenno)
 Sent: Saturday, June 28, 2014 7:55 PM
 To: Songhaibin (A); Vijay K. Gurbani; alto@ietf.org
 Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?
 
 I'm not talking about on-demand available bandwidth,
 
 It is the bandwidth configured in the application. It is a configured value.
 Just take a look at any utorrent client.
[邓灵莉/Lingli Deng] I am a little bit confused here. If the cap is configured in 
the app, then why would the app's tracker bother to query an ALTO server for 
this value?
It seems to me that ALTO should be providing more general information that 
would assist a group of applications, rather than a single one. Make sense?
 
 A utorrent client will never use more than that amount of bandwidth, no
 matter your provisioned bandwidth.
 
 
 
 From: Songhaibin (A) [haibin.s...@huawei.com]
 Sent: Friday, June 27, 2014 11:09 PM
 To: Reinaldo Penno (repenno); Vijay K. Gurbani; alto@ietf.org
 Subject: RE: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?
 
 Hi Reinaldo,
 
 Thank you and I think you raised a very good question. I totally agree that
 available bandwidth is more useful than provisioned bandwidth. But available
 bandwidth is rather dynamic, and it is very hard to measure it and provide the
 real-time status to ALTO clients.
 
 With providing provisioned bandwidth, it can be seen with a high probability a
 client can select a better peer. It is better than random IMO. But if there is
 an easy method to rank the available bandwidth of a peer list, I will be very
 interested.
 
 BR,
 -Haibin
 
  -Original Message-
  From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Reinaldo Penno
  (repenno)
  Sent: Saturday, June 28, 2014 1:33 AM
  To: Vijay K. Gurbani; alto@ietf.org
  Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?
 
  Another point is how's the provisioned access bandwidth really help decide
  which peers are better. Today most P2P software allows caps to be put for
  upload/download and people use it. Some come with a default based on the %
  of the detected access speed. So, saying a user has 1Gb/s does not really mean
  you will get better performance when connecting to him(er). I mean, it would
  be more in line with better than random to get the actual bandwidth allowed.
 
 
  On 6/27/14, 10:26 AM, Vijay K. Gurbani v...@bell-labs.com wrote:
 
  [Still as individual.]
  
  On 06/26/2014 05:10 AM, Songhaibin (A) wrote:
   Sebastian gave an idea that we can use relative numbers to indicate
   the endpoint's provisioned bandwidth instead of access type, which is
   similar to what we have used to indicate the cost in the alto
   protocol.
  
  The difference, of course, being that the ISP in some manner consented
  to having a normalized value of cost to be distributed in order to
  allow for better than random selections to improve network performance.
  
  In the case under discussion, the issue is does the subscriber consent
  to having their provisioned bandwidth be part of ALTO calculations?
  
  Remember, if the WG decides to go ahead and use provisioned bandwidth
  anyway, it could always do so.  But then we'd better be prepared to
  deal with the eventuality on when (and if) the IESG challenges us on
  this privacy leak.  If that happens, we'd better have a good response.
  
  Perhaps a midway could be to see if we can use the provisioned
  bandwidth for a set of (anonymous) subscribers instead of singleton
  subscribers.
  That way, the larger herd provides some modicum of anonymity to an
  individual subscriber who is part of the herd.
  
  Cheers,
  
  - vijay
  --
  Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
  1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
  Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
  Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
  


Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-28 Thread Songhaibin (A)
Hi Vijay,

Thanks again,

 -Original Message-
 From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Vijay K. Gurbani
 Sent: Saturday, June 28, 2014 1:27 AM
 To: alto@ietf.org
 Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?
 
 [Still as individual.]
 
 On 06/26/2014 05:10 AM, Songhaibin (A) wrote:
  Sebastian gave an idea that we can use relative numbers to indicate
  the endpoint's provisioned bandwidth instead of access type, which is
  similar to what we have used to indicate the cost in the alto
  protocol.
 
 The difference, of course, being that the ISP in some manner consented to
 having a normalized value of cost to be distributed in order to allow for better
 than random selections to improve network performance.
 
 In the case under discussion, the issue is does the subscriber consent to having
 their provisioned bandwidth be part of ALTO calculations?
 
 Remember, if the WG decides to go ahead and use provisioned bandwidth
 anyway, it could always do so.  But then we'd better be prepared to deal with
 the eventuality on when (and if) the IESG challenges us on this privacy leak.  If
 that happens, we'd better have a good response.
 
 Perhaps a midway could be to see if we can use the provisioned bandwidth for a
 set of (anonymous) subscribers instead of singleton subscribers.
 That way, the larger herd provides some modicum of anonymity to an individual
 subscriber who is part of the herd.

So just ranking a list of endpoints from the perspective of provisioned 
bandwidth will alleviate the privacy issue. I think it is possible to do it in 
this way.

BR,
-Haibin

 Cheers,
 
 - vijay
 --
 Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
 Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
 Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
 


Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-28 Thread Songhaibin (A)
Hi Reinaldo,

Thank you and I think you raised a very good question. I totally agree that 
available bandwidth is more useful than provisioned bandwidth. But available 
bandwidth is rather dynamic, and it is very hard to measure it and provide the 
real-time status to ALTO clients.

With providing provisioned bandwidth, it can be seen with a high probability a 
client can select a better peer. It is better than random IMO. But if there 
is an easy method to rank the available bandwidth of a peer list, I will be 
very interested.

BR,
-Haibin

 -Original Message-
 From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Reinaldo Penno
 (repenno)
 Sent: Saturday, June 28, 2014 1:33 AM
 To: Vijay K. Gurbani; alto@ietf.org
 Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?
 
 Another point is how's the provisioned access bandwidth really help decide
 which peers are better. Today most P2P software allows caps to be put for
 upload/download and people use it. Some come with a default based on the %
 of the detected access speed. So, saying a user has 1Gb/s does not really mean
 you will get better performance when connecting to him(er). I mean, it would
 be more in line with better than random to get the actual bandwidth allowed.
 
 
 On 6/27/14, 10:26 AM, Vijay K. Gurbani v...@bell-labs.com wrote:
 
 [Still as individual.]
 
 On 06/26/2014 05:10 AM, Songhaibin (A) wrote:
  Sebastian gave an idea that we can use relative numbers to indicate
  the endpoint's provisioned bandwidth instead of access type, which is
  similar to what we have used to indicate the cost in the alto
  protocol.
 
 The difference, of course, being that the ISP in some manner consented
 to having a normalized value of cost to be distributed in order to
 allow for better than random selections to improve network performance.
 
 In the case under discussion, the issue is does the subscriber consent
 to having their provisioned bandwidth be part of ALTO calculations?
 
 Remember, if the WG decides to go ahead and use provisioned bandwidth
 anyway, it could always do so.  But then we'd better be prepared to
 deal with the eventuality on when (and if) the IESG challenges us on
 this privacy leak.  If that happens, we'd better have a good response.
 
 Perhaps a midway could be to see if we can use the provisioned
 bandwidth for a set of (anonymous) subscribers instead of singleton
 subscribers.
 That way, the larger herd provides some modicum of anonymity to an
 individual subscriber who is part of the herd.
 
 Cheers,
 
 - vijay
 --
 Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
 Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
 Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
 


Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-28 Thread Reinaldo Penno (repenno)
I'm not talking about on-demand available bandwidth, 

It is the bandwidth configured in the application. It is a configured value. 
Just take a look at any utorrent client.

A utorrent client will never use more than that amount of bandwidth, no matter 
your provisioned bandwidth.



From: Songhaibin (A) [haibin.s...@huawei.com]
Sent: Friday, June 27, 2014 11:09 PM
To: Reinaldo Penno (repenno); Vijay K. Gurbani; alto@ietf.org
Subject: RE: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

Hi Reinaldo,

Thank you and I think you raised a very good question. I totally agree that 
available bandwidth is more useful than provisioned bandwidth. But available 
bandwidth is rather dynamic, and it is very hard to measure it and provide the 
real-time status to ALTO clients.

With providing provisioned bandwidth, it can be seen with a high probability a 
client can select a better peer. It is better than random IMO. But if there 
is an easy method to rank the available bandwidth of a peer list, I will be 
very interested.

BR,
-Haibin

 -Original Message-
 From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Reinaldo Penno
 (repenno)
 Sent: Saturday, June 28, 2014 1:33 AM
 To: Vijay K. Gurbani; alto@ietf.org
 Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

 Another point is how's the provisioned access bandwidth really help decide
 which peers are better. Today most P2P software allows caps to be put for
 upload/download and people use it. Some come with a default based on the %
 of the detected access speed. So, saying a user has 1Gb/s does not really mean
 you will get better performance when connecting to him(er). I mean, it would
 be more in line with better than random to get the actual bandwidth allowed.


 On 6/27/14, 10:26 AM, Vijay K. Gurbani v...@bell-labs.com wrote:

 [Still as individual.]
 
 On 06/26/2014 05:10 AM, Songhaibin (A) wrote:
  Sebastian gave an idea that we can use relative numbers to indicate
  the endpoint's provisioned bandwidth instead of access type, which is
  similar to what we have used to indicate the cost in the alto
  protocol.
 
 The difference, of course, being that the ISP in some manner consented
 to having a normalized value of cost to be distributed in order to
 allow for better than random selections to improve network performance.
 
 In the case under discussion, the issue is does the subscriber consent
 to having their provisioned bandwidth be part of ALTO calculations?
 
 Remember, if the WG decides to go ahead and use provisioned bandwidth
 anyway, it could always do so.  But then we'd better be prepared to
 deal with the eventuality on when (and if) the IESG challenges us on
 this privacy leak.  If that happens, we'd better have a good response.
 
 Perhaps a midway could be to see if we can use the provisioned
 bandwidth for a set of (anonymous) subscribers instead of singleton
 subscribers.
 That way, the larger herd provides some modicum of anonymity to an
 individual subscriber who is part of the herd.
 
 Cheers,
 
 - vijay
 --
 Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
 Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
 Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
 


Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-28 Thread Songhaibin (A)
Hi Reinaldo,

Right. This kind of configured fixed bandwidth cap is useful, and we could also 
collect that information as an Endpoint property. 

Configuration can be done in several different ways. When an endpoint sets its 
percentage of bandwidth for this particular application, the bandwidth is 
dynamic, because in peak hours the ISP may not guarantee bandwidth for the 
subscribers (at least this is true for the ISPs in China during the evening 
hours). An endpoint can also configure one type of application to have higher 
priority than other types; for example, web browsing has priority over p2p. In 
this case, the available bandwidth for p2p is also dynamic.

BR,
-Haibin

-Original Message-
From: Reinaldo Penno (repenno) [mailto:repe...@cisco.com] 
Sent: Saturday, June 28, 2014 7:55 PM
To: Songhaibin (A); Vijay K. Gurbani; alto@ietf.org
Subject: RE: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

I'm not talking about on-demand available bandwidth, 

It is the bandwidth configured in the application. It is a configured value. 
Just take a look at any utorrent client.

A utorrent client will never use more than that amount of bandwidth, no matter 
your provisioned bandwidth.



From: Songhaibin (A) [haibin.s...@huawei.com]
Sent: Friday, June 27, 2014 11:09 PM
To: Reinaldo Penno (repenno); Vijay K. Gurbani; alto@ietf.org
Subject: RE: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

Hi Reinaldo,

Thank you and I think you raised a very good question. I totally agree that 
available bandwidth is more useful than provisioned bandwidth. But available 
bandwidth is rather dynamic, and it is very hard to measure it and provide the 
real-time status to ALTO clients.

With providing provisioned bandwidth, it can be seen with a high probability a 
client can select a better peer. It is better than random IMO. But if there 
is an easy method to rank the available bandwidth of a peer list, I will be 
very interested.

BR,
-Haibin

 -Original Message-
 From: alto [mailto:alto-boun...@ietf.org] On Behalf Of Reinaldo Penno
 (repenno)
 Sent: Saturday, June 28, 2014 1:33 AM
 To: Vijay K. Gurbani; alto@ietf.org
 Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

 Another point is how's the provisioned access bandwidth really help 
 decide which peers are better. Today most P2P software allows caps to 
 be put for upload/download and people use it. Some come with a default 
 based on the % of the detected access speed. So, saying a user has 1Gb/s 
 does not really mean you will get better performance when connecting 
 to him(er). I mean, it would be more in line with better than random to get 
 the actual bandwidth allowed.


 On 6/27/14, 10:26 AM, Vijay K. Gurbani v...@bell-labs.com wrote:

 [Still as individual.]
 
 On 06/26/2014 05:10 AM, Songhaibin (A) wrote:
  Sebastian gave an idea that we can use relative numbers to indicate 
  the endpoint's provisioned bandwidth instead of access type, which 
  is similar to what we have used to indicate the cost in the alto 
  protocol.
 
 The difference, of course, being that the ISP in some manner 
 consented to having a normalized value of cost to be distributed in 
 order to allow for better than random selections to improve network 
 performance.
 
 In the case under discussion, the issue is does the subscriber 
 consent to having their provisioned bandwidth be part of ALTO calculations?
 
 Remember, if the WG decides to go ahead and use provisioned bandwidth 
 anyway, it could always do so.  But then we'd better be prepared to 
 deal with the eventuality on when (and if) the IESG challenges us on 
 this privacy leak.  If that happens, we'd better have a good response.
 
 Perhaps a midway could be to see if we can use the provisioned 
 bandwidth for a set of (anonymous) subscribers instead of singleton
 subscribers.
 That way, the larger herd provides some modicum of anonymity to an 
 individual subscriber who is part of the herd.
 
 Cheers,
 
 - vijay
 --
 Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
 Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
 Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
 


Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-27 Thread Vijay K. Gurbani

On 06/26/2014 04:58 AM, Scharf, Michael (Michael) wrote:

Haibin asked me to send the following comment from a private
discussion also to the list:

Section 3.3 of draft-deng-alto-p2p-ext-01 suggest a new Endpoint
Property Type network_access for P2P peer selection. As far as I
recall, this type of ALTO guidance was discussed in the past quite a
bit, and there may have been privacy concerns. For instance,
draft-ietf-alto-deployments-09 Section 3.2.4. includes the following
statement:

o  Performance metrics that raise privacy concerns.  For instance,
it has been questioned whether an ALTO service could publicly expose
the provisioned access bandwidth, e.g. of cable / DSL customers,
because this could enables identification of premium customers.

That text was already in draft-ietf-alto-deployments before I started
to edit this document.

For P2P use cases, I wonder whether that concern might (still) apply
to endpoint properties such as DSL vs. FTTH as currently suggested
draft-deng-alto-p2p-ext-01.


[As individual, of course.]

I suspect the type of network access (DSL, cable, FTTH, satellite) is
probably okay.  Commercial companies often publicly tout the deployment
of certain access technologies in neighbourhoods.

However, I also suspect that the privacy concerns on *provisioned*
access bandwidth are still intact since they will tend to point to
subscribers that are outliers.

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-27 Thread Vijay K. Gurbani

[Still as individual.]

On 06/26/2014 05:10 AM, Songhaibin (A) wrote:

Sebastian gave an idea that we can use relative numbers to indicate
the endpoint's provisioned bandwidth instead of access type, which
is similar to what we have used to indicate the cost in the alto
protocol.


The difference, of course, being that the ISP in some manner consented
to having a normalized value of cost to be distributed in order to allow
for better than random selections to improve network performance.

In the case under discussion, the issue is does the subscriber consent
to having their provisioned bandwidth be part of ALTO calculations?

Remember, if the WG decides to go ahead and use provisioned bandwidth
anyway, it could always do so.  But then we'd better be prepared to deal
with the eventuality on when (and if) the IESG challenges us on this
privacy leak.  If that happens, we'd better have a good response.

Perhaps a midway could be to see if we can use the provisioned bandwidth
for a set of (anonymous) subscribers instead of singleton subscribers.
That way, the larger herd provides some modicum of anonymity to an
individual subscriber who is part of the herd.

Cheers,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-27 Thread Reinaldo Penno (repenno)
Another point is how's the provisioned access bandwidth really help decide
which peers are better. Today most P2P software allows caps to be put for
upload/download and people use it. Some come with a default based on the %
of the detected access speed. So, saying a user has 1Gb/s does not really
mean you will get better performance when connecting to him(er). I mean,
it would be more in line with better than random to get the actual bandwidth
allowed. 


On 6/27/14, 10:26 AM, Vijay K. Gurbani v...@bell-labs.com wrote:

[Still as individual.]

On 06/26/2014 05:10 AM, Songhaibin (A) wrote:
 Sebastian gave an idea that we can use relative numbers to indicate
 the endpoint's provisioned bandwidth instead of access type, which
 is similar to what we have used to indicate the cost in the alto
 protocol.

The difference, of course, being that the ISP in some manner consented
to having a normalized value of cost to be distributed in order to allow
for better than random selections to improve network performance.

In the case under discussion, the issue is does the subscriber consent
to having their provisioned bandwidth be part of ALTO calculations?

Remember, if the WG decides to go ahead and use provisioned bandwidth
anyway, it could always do so.  But then we'd better be prepared to deal
with the eventuality on when (and if) the IESG challenges us on this
privacy leak.  If that happens, we'd better have a good response.

Perhaps a midway could be to see if we can use the provisioned bandwidth
for a set of (anonymous) subscribers instead of singleton subscribers.
That way, the larger herd provides some modicum of anonymity to an
individual subscriber who is part of the herd.

Cheers,

- vijay
-- 
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurb...@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq



Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

2014-06-26 Thread Songhaibin (A)
Hi Michael,

Thank you very much for your comments and sending the comment to the list!

And in my memory, there was a debate in this working group about the privacy of 
network access type. But I do not remember there was a consensus. Thank you 
very much for pointing it out. I think even if some people may have concerns 
about it, those properties could be used in some constrained environments. Or 
they could be used in another way. 

Sebastian gave an idea that we can use relative numbers to indicate the 
endpoint's provisioned bandwidth instead of access type, which is similar to 
what we have used to indicate the cost in the alto protocol. I think this is 
more useful than access type, and can also somewhat relieve the privacy 
concern?

BR,
-Haibin

-Original Message-
From: Scharf, Michael (Michael) [mailto:michael.sch...@alcatel-lucent.com] 
Sent: Thursday, June 26, 2014 5:59 PM
To: IETF ALTO
Cc: Songhaibin (A)
Subject: Potential privacy issue in draft-deng-alto-p2p-ext-01?

Haibin asked me to send the following comment from a private discussion also to 
the list:

Section 3.3 of draft-deng-alto-p2p-ext-01 suggests a new Endpoint Property Type 
network_access for P2P peer selection. As far as I recall, this type of ALTO 
guidance was discussed in the past quite a bit, and there may have been privacy 
concerns. For instance, draft-ietf-alto-deployments-09 Section 3.2.4. includes 
the following statement:

   o  Performance metrics that raise privacy concerns.  For instance, it
  has been questioned whether an ALTO service could publicly expose
  the provisioned access bandwidth, e.g. of cable / DSL customers,
  because this could enables identification of premium customers.

That text was already in draft-ietf-alto-deployments before I started to edit 
this document.

For P2P use cases, I wonder whether that concern might (still) apply to 
endpoint properties such as DSL vs. FTTH as currently suggested in 
draft-deng-alto-p2p-ext-01.

Michael


