[apps-discuss] Privacy Considerations for Internet Protocols (was: Fwd: I-D Action: draft-yevstifeyev-ftp-uri-scheme-04.txt)
SM <sm@resistor.net> Sat, 09 July 2011 17:10 UTC
Return-Path: <sm@resistor.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A8C721F877B; Sat, 9 Jul 2011 10:10:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mkj1BR9ygdib; Sat, 9 Jul 2011 10:10:56 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B74121F8888; Sat, 9 Jul 2011 10:10:55 -0700 (PDT)
Received: from subman.resistor.net (IDENT:sm@localhost [127.0.0.1]) by mx.elandsys.com (8.14.4/8.14.5.Beta0) with ESMTP id p69HAgxm012813; Sat, 9 Jul 2011 10:10:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1310231450; bh=Wsl/ozWYRdNRZgVNAHoFvdsnYwXjHvUlC/LFF1lwLdg=; h=Message-Id:X-Mailer:Date:To:From:Subject:Cc:In-Reply-To: References:Mime-Version:Content-Type; b=Wh/TOWWo7zyVHPEcYZmyJPpPX8Bk0GEbgxqmPSe62yQrOw8d2nj9mipgyVWc7k5Zv /R1CI8MPQo28cXdvmIvlgH+CJJ5LgCYGFCnsl5dwwxHPQrlEtIaLJMphM5z52tgqeS RzPNRepw9PITaSP40g7Fye+EGwRpUBwIlGQmEFuc=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1310231450; bh=Wsl/ozWYRdNRZgVNAHoFvdsnYwXjHvUlC/LFF1lwLdg=; h=Message-Id:X-Mailer:Date:To:From:Subject:Cc:In-Reply-To: References:Mime-Version:Content-Type; b=PcLOYYdTsd7+yx62SxbW34ebfFQBqaRCjFMe/xKS8fp0WbLttBqsq/j0br6G9IIxB dguRWLKAmrgGyME48+uB1VxpDn2W9cj9AgmdGZ4Ufv9FSJ7pUIEc1oWwa9QnE04wgA mHHe01/LZVPQoxuaaV4S34v6M4+FjeMQ4Z1dycUM=
Message-Id: <6.2.5.6.2.20110709074757.04899d20@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Sat, 09 Jul 2011 10:09:09 -0700
To: Frank Ellermann <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@gmail.com>
From: SM <sm@resistor.net>
In-Reply-To: <CAHhFybry+kayJ4-Z+JuA0iY3rALSiB=OKn5zC8VUFcUMuUtwcQ@mail.g mail.com>
References: <4E15C895.6020701@gmail.com> <CAHhFybq563a9+ivYuk83J3po_02nopeiu=mB3fO26f-o1Mwt0A@mail.gmail.com> <6.2.5.6.2.20110708105100.02fa9298@resistor.net> <CAHhFybry+kayJ4-Z+JuA0iY3rALSiB=OKn5zC8VUFcUMuUtwcQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: ietf-privacy@ietf.org, Apps-discuss list <apps-discuss@ietf.org>
Subject: [apps-discuss] Privacy Considerations for Internet Protocols (was: Fwd: I-D Action: draft-yevstifeyev-ftp-uri-scheme-04.txt)
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Jul 2011 17:10:58 -0000
Hi Frank, I added a Cc to the ietf-privacy mailing list. I suggest using that mailing list for further discussion. At 13:04 08-07-2011, Frank Ellermann wrote: >I'd like to have "privacy considerations" in all future I-Ds - >it could be merged with the "security considerations" or even >omitted as beside the point depending on the final RFC, but an >indication in I-Ds that the authors "considered privacy" like >"security" or "i18n" or "IANA" would be good. If authors then >decide that this is bureaucratic nonsense to be ignored for >their purposes it worked as designed: At least they spent the >milliseconds to think about it. draft-morris-policy-cons-00 discusses about Policy Considerations for Internet Protocols. There is another I-D, draft-morris-privacy-considerations-03, that discusses about Privacy Considerations for Internet Protocols. The term "Network Access Identifier" is used in RFC 4282; it is the user identity submitted by the client during network access authentication. A common identifier which is picked for user authentication is an email address as it offers uniqueness and it is easy for the user to remember. That has privacy implications. Disallowing "anonymous" (FTP) as the user name and the email address as the password does not solve the problem as credentials are required to access a protected resource. Reality check, some users will: (i) provide their email address (ii) use guest@example.com (iii) pick a random email address which does not belong to them The is ongoing work in the OAUTH WG on access to a protected resource using an intermediary which provides the access token. That's one way to deal with the question of providing credentials to an unknown party. draft-mayer-do-not-track-00 discusses about a HTTP header-based mechanism for users to express their preferences about tracking. draft-vandergaast-edns-client-ip defines an EDNS0 extension to carry relevant (client) network range information. If you do not provide information within the layer, the information will be gleaned from other layers. There are times when user consent is an explicit decision about the information to provide (see reality check) and there are times when it is an implicit decision; e.g. the terms of service that the user did not read. If you would like to have "privacy considerations" in all future I-Ds, the above could get you started. Regards, -sm
- [apps-discuss] Fwd: I-D Action: draft-yevstifeyev… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… John C Klensin
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… SM
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… SM
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- [apps-discuss] Privacy Considerations for Interne… SM
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Martin J. Dürst
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Martin J. Dürst
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Frank Ellermann
- [apps-discuss] RFC 5147 implementations (was: Fwd… Mykyta Yevstifeyev
- Re: [apps-discuss] Fwd: I-D Action: draft-yevstif… Mykyta Yevstifeyev
- Re: [apps-discuss] RFC 5147 implementations Julian Reschke