IETF Logo Mail Archive

Re: [apps-discuss] Comments on draft-ietf-appsawg-http-forwarded-02

Alissa Cooper <acooper@cdt.org> Mon, 21 May 2012 13:42 UTC

Return-Path: <acooper@cdt.org>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5FB321F859E for <apps-discuss@ietfa.amsl.com>; Mon, 21 May 2012 06:42:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.639
X-Spam-Level:
X-Spam-Status: No, score=-101.639 tagged_above=-999 required=5 tests=[AWL=0.960, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k0ekJnt+HWVW for <apps-discuss@ietfa.amsl.com>; Mon, 21 May 2012 06:42:57 -0700 (PDT)
Received: from mail.maclaboratory.net (mail.maclaboratory.net [209.190.215.232]) by ietfa.amsl.com (Postfix) with ESMTP id 2AF2C21F8599 for <apps-discuss@ietf.org>; Mon, 21 May 2012 06:42:57 -0700 (PDT)
X-Footer: Y2R0Lm9yZw==
Received: from localhost ([127.0.0.1]) by mail.maclaboratory.net (using TLSv1/SSLv3 with cipher AES128-SHA (128 bits)); Mon, 21 May 2012 09:42:50 -0400
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Alissa Cooper <acooper@cdt.org>
In-Reply-To: <4FB66EA4.9000703@sbin.se>
Date: Mon, 21 May 2012 09:42:49 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <ABF741AC-46F2-490F-9DDA-DA77112F0C73@cdt.org>
References: <6.2.5.6.2.20120502074325.0ababa28@elandnews.com> <4FAFA51F.4040508@sbin.se> <6.2.5.6.2.20120513074613.092bab70@resistor.net> <4FB0D246.4020608@cs.tcd.ie> <20120514122954.242cb1be@hetzer> <4FB0E828.9040405@cs.tcd.ie> <20120514134501.067cbd96@hetzer> <4FB18597.1020703@cs.tcd.ie> <6.2.5.6.2.20120514155407.099847c8@resistor.net> <B3876539-F25E-4519-99CF-04A59D5E36D0@cdt.org> <4FB66EA4.9000703@sbin.se>
To: Andreas Petersson <andreas@sbin.se>
X-Mailer: Apple Mail (2.1084)
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] Comments on draft-ietf-appsawg-http-forwarded-02
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 May 2012 13:42:57 -0000

Hi Andreas,

A few responses inline.

On May 18, 2012, at 11:45 AM, Andreas Petersson wrote:
>> Notes:
>> 
>> 1. Section 5.2 says that the typical value of the forwarded-for
>> parameter is an IP address but that it MAY be some other kind of
>> identifier. What other identifiers might it be? Are there any
>> identifiers that should be taken off the table (e.g., subscriber
>> IDs, MAC addresses, credit card numbers)? Obviously some of these
>> are more likely to have value than others but I think it's
>> important to scope this if possible. Just because a proxy may know
>> some persistent host identifier doesn't mean it should be forwarded
>> around in an HTTP header.
> 
> Essentially, any token you like that fits in the obf-node. What this
> translates depends highly on the environment.
> Of course some things are more suitable than others to use as
> identifier. Putting a credit card number there and send it around the
> Internet seems stupid. I don't believe someone will do that, and if
> they would, the would do it regardless of this header field.

So, is there some recommendation you can make to limit the scope of identifiers? Or to caution against the use of permanent, unique identifiers in public network environments?

> 
>> 3. In general it seems like somewhere -- not sure if it should be
>> here, or in the nat-reveal draft, or somewhere else -- the
>> interactions between different mechanisms for IP address hiding and
>> sharing need to be addressed. For example, if my request goes
>> through multiple middleboxes that implement the TCP option for
>> nat-reveal
>> (http://tools.ietf.org/html/draft-wing-nat-reveal-option-03) and
>> then hits an HTTP proxy, can I expect the proxy to take my IP
>> address out of the TCP option and insert it into a Forwarded
>> header? If I want to hide my IP address from the combination of
>> these mechanisms, what do I need to do?
>> 
> 
> I don't think you can expect anything. The fact is that a lot of
> proxies are already adding X-Forwarded-For header field though. This
> is only a formal specification of that, with extra features.

Obviously people will implement and use all kinds of features as they wish, but the formal specification phase is often a good time to assess the consequences of widespread implementation and use.  If discussing those consequences here causes some implementers and users to be more thoughtful about the privacy impact of what they do, that's an additional benefit of standardization.

Alissa

v2.23.0 | Report a Bug | By Email