IETF Logo Mail Archive

Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

邓灵莉/Lingli Deng <denglingli@chinamobile.com> Wed, 02 July 2014 04:04 UTC

Return-Path: <denglingli@chinamobile.com>
X-Original-To: alto@ietfa.amsl.com
Delivered-To: alto@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 492551A03CD for <alto@ietfa.amsl.com>; Tue, 1 Jul 2014 21:04:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.87
X-Spam-Level: *
X-Spam-Status: No, score=1.87 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RELAY_IS_221=2.222, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 61jxfzRJzdKB for <alto@ietfa.amsl.com>; Tue, 1 Jul 2014 21:04:36 -0700 (PDT)
Received: from cmccmta1.chinamobile.com (cmccmta1.chinamobile.com [221.176.66.79]) by ietfa.amsl.com (Postfix) with SMTP id 392E41A00E5 for <alto@ietf.org>; Tue, 1 Jul 2014 21:04:35 -0700 (PDT)
Received: from spf.mail.chinamobile.com (unknown[172.16.121.11]) by rmmx-syy-dmz-app01-12001 (RichMail) with SMTP id 2ee153b384ccfc2-f7fc2; Wed, 02 Jul 2014 12:04:28 +0800 (CST)
X-RM-TRANSID: 2ee153b384ccfc2-f7fc2
Received: from cmccPC (unknown[10.2.43.183]) by rmsmtp-syy-appsvr06-12006 (RichMail) with SMTP id 2ee653b384cabb8-a0bd3; Wed, 02 Jul 2014 12:04:28 +0800 (CST)
X-RM-TRANSID: 2ee653b384cabb8-a0bd3
From: 邓灵莉/Lingli Deng <denglingli@chinamobile.com>
To: "'Y. Richard Yang'" <yry@cs.yale.edu>, 'Sebastian Kiesel' <ietf-alto@skiesel.de>
References: <655C07320163294895BBADA28372AF5D16593352@FR712WXCHMBA13.zeu.alcatel-lucent.com> <53ADA6E0.3030503@bell-labs.com> <20140630143552.GB4608@gw01.ehlo.wurstkaes.de> <CANUuoLoNSD5m7TkQgVmCaQxM4iZWFzuf_aYPvCknobH7zuOWiA@mail.gmail.com>
In-Reply-To: <CANUuoLoNSD5m7TkQgVmCaQxM4iZWFzuf_aYPvCknobH7zuOWiA@mail.gmail.com>
Date: Wed, 02 Jul 2014 12:04:30 +0800
Message-ID: <01a701cf95aa$b9686800$2c393800$@com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_01A8_01CF95ED.C78BA800"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac+VJVF1fGsHE7ZXQmaTsWh0vbRlowAhMBPQ
Content-Language: zh-cn
Archived-At: http://mailarchive.ietf.org/arch/msg/alto/CoAHJvqaaODwCryR__9NmRRL65k
Cc: 'IETF ALTO' <alto@ietf.org>
Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?
X-BeenThere: alto@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Application-Layer Traffic Optimization \(alto\) WG mailing list" <alto.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/alto>, <mailto:alto-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/alto/>
List-Post: <mailto:alto@ietf.org>
List-Help: <mailto:alto-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/alto>, <mailto:alto-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Jul 2014 04:04:38 -0000

 

 

From: alto [mailto:alto-bounces@ietf.org] On Behalf Of Y. Richard Yang
Sent: Tuesday, July 01, 2014 8:09 PM
To: Sebastian Kiesel
Cc: IETF ALTO
Subject: Re: [alto] Potential privacy issue in draft-deng-alto-p2p-ext-01?

 

 

On Mon, Jun 30, 2014 at 10:35 AM, Sebastian Kiesel <ietf-alto@skiesel.de> wrote:

On Fri, Jun 27, 2014 at 12:16:16PM -0500, Vijay K. Gurbani wrote:
> On 06/26/2014 04:58 AM, Scharf, Michael (Michael) wrote:
> >Haibin asked me to send the following comment from a private
> >discussion also to the list:
> >
> >Section 3.3 of draft-deng-alto-p2p-ext-01 suggest a new Endpoint
> >Property Type "network_access" for P2P peer selection. As far as I
> >recall, this type of ALTO guidance was discussed in the past quite a
> >bit, and there may have been privacy concerns. For instance,
> >draft-ietf-alto-deployments-09 Section 3.2.4. includes the following
> >statement:
> >
> >o  Performance metrics that raise privacy concerns.  For instance,
> >it has been questioned whether an ALTO service could publicly expose
> >the provisioned access bandwidth, e.g. of cable / DSL customers,
> >because this could enables identification of "premium" customers.
> >
> >That text was already in draft-ietf-alto-deployments before I started
> >to edit this document.
> >
> >For P2P use cases, I wonder whether that concern might (still) apply
> >to endpoint properties such as DSL vs. FTTH as currently suggested
> >draft-deng-alto-p2p-ext-01.
>
> [As individual, of course.]
>
> I suspect the type of network access (DSL, cable, FTTH, satellite) is
> probably okay.  Commercial companies often publicly tout the deployment
> of certain access technologies in neighbourhoods.

I know some neighborhoods where FTTH is available, but at very high
prices.  Consequently, many people there prefer to keep their existing
xDSL or cable based Internet service.  If we used ALTO to announce who
decided to pay the high price for FTTH, I would consider this as a
potential privacy concern, because this would be some kind of list of
households with better-than-average income and/or computer professionals
or enthusiasts living there.

 

This is an interesting example, and provides a case where access control may be used. I always expect that there should be an access control mechanism, in given settings, to limit the information exposure of ALTO info. I can imagine that this can be endhost opt-in, or provider control (e.g., only certain trusted entities can access the URL).

[邓灵莉/Lingli Deng] Good idea. Greater flexibility can be delivered by access control at the discretion of both the network operator and the individual subscriber. 

 

Richard

 


Sebastian


_______________________________________________
alto mailing list
alto@ietf.org
https://www.ietf.org/mailman/listinfo/alto

v2.23.0 | Report a Bug | By Email