Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

[Sebastian Kiesel <ietf-alto@skiesel.de>]

On Fri, Jun 27, 2014 at 12:16:16PM -0500, Vijay K. Gurbani wrote:
> On 06/26/2014 04:58 AM, Scharf, Michael (Michael) wrote:
> >Haibin asked me to send the following comment from a private
> >discussion also to the list:
> >
> >Section 3.3 of draft-deng-alto-p2p-ext-01 suggest a new Endpoint
> >Property Type "network_access" for P2P peer selection. As far as I
> >recall, this type of ALTO guidance was discussed in the past quite a
> >bit, and there may have been privacy concerns. For instance,
> >draft-ietf-alto-deployments-09 Section 3.2.4. includes the following
> >statement:
> >
> >o  Performance metrics that raise privacy concerns.  For instance,
> >it has been questioned whether an ALTO service could publicly expose
> >the provisioned access bandwidth, e.g. of cable / DSL customers,
> >because this could enables identification of "premium" customers.
> >
> >That text was already in draft-ietf-alto-deployments before I started
> >to edit this document.
> >
> >For P2P use cases, I wonder whether that concern might (still) apply
> >to endpoint properties such as DSL vs. FTTH as currently suggested
> >draft-deng-alto-p2p-ext-01.
> 
> [As individual, of course.]
> 
> I suspect the type of network access (DSL, cable, FTTH, satellite) is
> probably okay.  Commercial companies often publicly tout the deployment
> of certain access technologies in neighbourhoods.

I know some neighborhoods where FTTH is available, but at very high
prices.  Consequently, many people there prefer to keep their existing
xDSL or cable based Internet service.  If we used ALTO to announce who
decided to pay the high price for FTTH, I would consider this as a
potential privacy concern, because this would be some kind of list of
households with better-than-average income and/or computer professionals
or enthusiasts living there.

Sebastian