Re: [alto] Eric Rescorla's Discuss on draft-ietf-alto-multi-cost-08: (with DISCUSS)

"Randriamasy, Sabine (Nokia - FR/Nozay)" <sabine.randriamasy@nokia-bell-labs.com> Tue, 25 April 2017 17:36 UTC

From: "Randriamasy, Sabine (Nokia - FR/Nozay)" <sabine.randriamasy@nokia-bell-labs.com>
To: Eric Rescorla <ekr@rtfm.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-alto-multi-cost@ietf.org" <draft-ietf-alto-multi-cost@ietf.org>, Jan Seedorf <ietf@j-f-s.de>, "alto-chairs@ietf.org" <alto-chairs@ietf.org>, "ietf@j-f-s.de" <ietf@j-f-s.de>, "alto@ietf.org" <alto@ietf.org>
Date: Tue, 25 Apr 2017 17:36:48 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/alto/AtP3rqg00ZrPCuGZeSB7n0oWVzs>

Hello Eric,

Thanks a lot for your feedback and suggested text on privacy or security issues. 
I have added it to section 7 "Privacy And Security Considerations" of the draft update that has 
just been posted and can be found at https://tools.ietf.org/html/draft-ietf-alto-multi-cost-09 . 

Best regards,
Sabine


>>-----Original Message-----
>>From: Eric Rescorla [mailto:ekr@rtfm.com]
>>Sent: 12 April 2017 01:02
>>To: The IESG <iesg@ietf.org>
>>Cc: draft-ietf-alto-multi-cost@ietf.org; Jan Seedorf <ietf@j-f-s.de>; alto-chairs@ietf.org; ietf@j-f-s.de; alto@ietf.org
>>Subject: Eric Rescorla's Discuss on draft-ietf-alto-multi-cost-08: (with DISCUSS)
>>
>>Eric Rescorla has entered the following ballot position for
>>draft-ietf-alto-multi-cost-08: Discuss
>>
>>When responding, please keep the subject line intact and reply to all email
>>addresses included in the To and CC lines. (Feel free to cut this introductory
>>paragraph, however.)
>>
>>
>>Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>>for more information about IESG DISCUSS and COMMENT positions.
>>
>>
>>The document, along with other ballot positions, can be found here:
>>https://datatracker.ietf.org/doc/draft-ietf-alto-multi-cost/
>>
>>
>>
>>----------------------------------------------------------------------
>>DISCUSS:
>>----------------------------------------------------------------------
>>
>>This document states:
>>"This document does not introduce any privacy or security issues not
>>   already present in the ALTO protocol."
>>
>>This may be true, but it's not obvious it is, because when questions are asked
>>together, that's more of a privacy signature than independently.
>>So, suppose that application A asks for metric A and application B asks for
>>metric B and application C asks for A and B. If these applications are mixed
>>behind a CGN, with single queries then you don't know whether you have
>>some A clients and some B clients, but if you do multi-query, it's clear these
>>are C clients. This is a potentially serious issue if (for instance) BitTorrent
>>always asks for a very distinguished set of parameters, so an ALTO server
>>might use this to find BitTorrent clients.
>>
>>
>>
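The ambiguity argument in the quoted DISCUSS, worked through as an added example that is not part of either message or of the draft: it enumerates which client mixes behind one shared CGN address are consistent with what the server observes, with single-metric requests and with multi-cost requests. The application names, the `PROFILES` table and the assumption that requests from one address cannot otherwise be linked to a client are constructed for illustration.

```python
from collections import Counter
from itertools import combinations_with_replacement

# Constructed profiles following the message's example:
# the metrics each application needs from the ALTO server.
PROFILES = {"app_A": {"A"}, "app_B": {"B"}, "app_C": {"A", "B"}}


def observe(population, multi_cost):
    """Requests the server sees from one shared CGN address.

    Each request is recorded as the set of metrics it names. Assumption:
    requests cannot be linked to an individual client behind the CGN.
    """
    seen = Counter()
    for app in population:
        metrics = PROFILES[app]
        if multi_cost:
            seen[frozenset(metrics)] += 1      # one request naming every metric
        else:
            for metric in metrics:             # one request per metric
                seen[frozenset([metric])] += 1
    return seen


def consistent_populations(observation, multi_cost, max_clients=4):
    """Every client mix (up to max_clients) that yields the same observation."""
    matches = []
    for n in range(1, max_clients + 1):
        for pop in combinations_with_replacement(sorted(PROFILES), n):
            if observe(pop, multi_cost) == observation:
                matches.append(pop)
    return matches


def ambiguity(population, multi_cost):
    """Client mixes the server cannot tell apart from the real one."""
    return consistent_populations(observe(population, multi_cost), multi_cost)


if __name__ == "__main__":
    real = ("app_C",)
    print("single-metric requests:", ambiguity(real, multi_cost=False))
    print("multi-cost requests:   ", ambiguity(real, multi_cost=True))
```

With single-metric requests the lone `app_C` client is indistinguishable from one `app_A` client plus one `app_B` client; with a multi-cost request the only consistent mix is `app_C` itself.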