Re: [alto] Last Call: <draft-ietf-alto-protocol-25.txt> (ALTO Protocol) to Proposed Standard

Enrico Marocco <enrico.marocco@telecomitalia.it> Mon, 03 February 2014 08:21 UTC

Message-ID: <52EF515E.2020307@telecomitalia.it>
Date: Mon, 03 Feb 2014 09:20:46 +0100
From: Enrico Marocco <enrico.marocco@telecomitalia.it>
To: joel jaeggli <joelja@bogus.com>, ietf@ietf.org
References: <20140121123422.16733.7314.idtracker@ietfa.amsl.com> <52EF4537.5030501@bogus.com>
In-Reply-To: <52EF4537.5030501@bogus.com>
Cc: alto@ietf.org
Subject: Re: [alto] Last Call: <draft-ietf-alto-protocol-25.txt> (ALTO Protocol) to Proposed Standard

On 03/02/14 08:28, joel jaeggli wrote:
> Section 12.3
> 
> http://tools.ietf.org/html/draft-ietf-alto-protocol-25#section-12.3
> 
> seems ripe for inadvertent information disclosure and/or deliberate
> abuse. It's certainly not something that I would ask my ISP.

... and the document tries to do its job by warning against it, in
section 15.4 ("Privacy for ALTO Users"), and pointing to the problem
statement part that deals with the issue in detail (RFC 6708, S. 5.2).

Just to confirm that client information inadvertent disclosure is a
well-perceived issue (whose severity varies on a case-by-case basis though,
as probably one wouldn't care much if such sharing was done by the
Spotify app running on their laptop). Do you have any text
change/addition to suggest to make it even clearer?

Enrico