Re: [dnsext] Privacy in IP address indication (Was: I-D ACTION:draft-vandergaast-edns-client-ip-00.txt
Eric Brunner-Williams <ebw@abenaki.wabanaki.net> Mon, 01 February 2010 00:12 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7F73F3A67F2; Sun, 31 Jan 2010 16:12:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JWxFBr+KGJKd; Sun, 31 Jan 2010 16:12:37 -0800 (PST)
Received: from psg.com (psg.com [147.28.0.62]) by core3.amsl.com (Postfix) with ESMTP id ED00A3A67B6; Sun, 31 Jan 2010 16:12:36 -0800 (PST)
Received: from majordom by psg.com with local (Exim 4.71 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1NbjmM-0002ZH-QH for namedroppers-data0@psg.com; Mon, 01 Feb 2010 00:04:34 +0000
Received: from [65.99.1.130] (helo=abenaki.wabanaki.net) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.71 (FreeBSD)) (envelope-from <ebw@abenaki.wabanaki.net>) id 1NbjmK-0002YM-GF for namedroppers@ops.ietf.org; Mon, 01 Feb 2010 00:04:32 +0000
Received: from limpet.local (cpe-67-241-43-7.twcny.res.rr.com [67.241.43.7]) by abenaki.wabanaki.net (8.14.3/8.14.3) with ESMTP id o0VNs9NE057506; Sun, 31 Jan 2010 18:54:10 -0500 (EST) (envelope-from ebw@abenaki.wabanaki.net)
Message-ID: <4B661A76.6040702@abenaki.wabanaki.net>
Date: Sun, 31 Jan 2010 19:04:06 -0500
From: Eric Brunner-Williams <ebw@abenaki.wabanaki.net>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1
MIME-Version: 1.0
To: bmanning@vacation.karoshi.com
CC: Stephane Bortzmeyer <bortzmeyer@nic.fr>, Alex Bligh <alex@alex.org.uk>, namedroppers@ops.ietf.org
Subject: Re: [dnsext] Privacy in IP address indication (Was: I-D ACTION:draft-vandergaast-edns-client-ip-00.txt
References: <7c31c8cc1001271556w4918093er6e94e07cb92c4dc4@mail.gmail.com> <6184.1264657589@nsa.vix.com> <4966825a1001280807i768a33ccs98f809366bce33d8@mail.gmail.com> <48894.1264695230@nsa.vix.com> <50A91B20-5AC1-4819-91ED-E5141F068D48@wiggum.com> <52065.1264699087@nsa.vix.com> <FDD5D1103B8EA4D13C4A2C4C@Ximines.local> <20100129113813.GB32401@nic.fr> <20100131203055.GB7279@vacation.karoshi.com.>
In-Reply-To: <20100131203055.GB7279@vacation.karoshi.com.>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
in 8, there is a repetition of the choice (mistake in my opinion) that truncating a 32bit address to 24bits provided "privacy". there are two issues. first, what data is being collected by the server, independent of any assertions of preference by the address provisioning client? i'm not suggesting that the server should signal the client what its data collection practices are, but it is a possibility, this is what the w3c's p3p work has made possible, and there is a dcp element (data collection policy) in epp. the mistake made in the p3p spec group was to pick 24bits as providing "privacy". this choice was made without reference to the structure of any particular address allocation in which an address for which some "privacy" was desired, or to the temporal properties of addresses in the smallest block to which that address belong. in short, for the purposes of geo-mumble, a purpose this draft appears to share, no use was made of information that may be sufficient to identify the geo property sufficient for the proposed service, e.g., is this user on mars, for some value of mars, and, there was no awareness that dynamically provisioned 32bit identifiers are "static" of significant periods of time, and other correlative tools are available for user profiling business (and non-business) models which have access to "masked" data and other sources of data. second, there is the utility of the client, the address bits provisioning source, asserting what the provisioned bits are. this draft appears to comingle locality, which may be useful, and the frequently repeated "privacy toggle" semantics, which ignores the richer semantics of discovering the policy of the address bits collector, which should discard these bits as soon as the localized service is accomplished, but could keep them indefinitely, and corrolate them with other data sources (see "doubleclick" generally). eric
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Wilmer van der Gaast
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Tony Finch
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Sean Leach
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Hoffman
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Wilmer van der Gaast
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Olafur Gudmundsson
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Joe Abley
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Mark Andrews
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Olafur Gudmundsson
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… George Barwood
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Martin Barry
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Jim Reid
- [dnsext] stupid dns tricks and transport paths Jim Reid
- Re: [dnsext] stupid dns tricks and transport paths Martin Barry
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- [dnsext] Privacy in IP address indication (Was: I… Stephane Bortzmeyer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Florian Weimer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Marco Davids
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Roy Arends
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Federico Lucifredi
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Hoffman
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… sthaug
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Wilmer van der Gaast
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Joe Abley
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Tony Finch
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Privacy in IP address indication (Wa… bmanning
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… bmanning
- Re: [dnsext] Privacy in IP address indication (Wa… Eric Brunner-Williams
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ondřej Surý
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ondřej Surý
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Martin Barry
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Hoffman
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… John Payne
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- [dnsext] Incoherency for the greater good, etc., … Edward Lewis
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Martin Barry
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- [dnsext] Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Brian Dickson
- Re: [dnsext] Privacy vs EDNS Client IP... Jim Reid
- [dnsext] EDNS client IP should be opt-in (Was: I-… Stephane Bortzmeyer
- [dnsext] Re: EDNS client IP should be opt-in (Was… Carlo Contavalli
- [dnsext] Re: EDNS client IP should be opt-in (Was… Ondřej Surý
- [dnsext] Re: EDNS client IP should be opt-in (Was… Stephane Bortzmeyer
- [dnsext] opt-in and draft-vandergaast-edns-client… Jim Reid
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… John Payne
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Jim Reid
- Re: [dnsext] opt-in and draft-vandergaast-edns-cl… Matthew Dempsky
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Matthew Dempsky
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Eric Brunner-Williams
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Jim Reid
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Tony Finch
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Wilmer van der Gaast
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Nicholas Weaver
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Matthew Dempsky
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ondřej Surý
- [dnsext] something for RFC2671-bis Jim Reid
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Nicholas Weaver
- [dnsext] EDNS behaviour and draft-vandergaast-edn… Jim Reid
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Wilmer van der Gaast
- Re: [dnsext] EDNS behaviour and draft-vandergaast… Nicholas Weaver
- Re: [dnsext] something for RFC2671-bis Michael Graff
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Michael Graff
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Michael Graff
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Matthew Dempsky
- [dnsext] Re: Privacy vs EDNS Client IP... Ted Hardie
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Michael Graff
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: EDNS client IP should be opt-in … Paul Vixie
- Re: [dnsext] Re: EDNS client IP should be opt-in … Wilmer van der Gaast
- Re: [dnsext] Re: EDNS client IP should be opt-in … Michael Graff
- Re: [dnsext] Re: EDNS client IP should be opt-in … Wilmer van der Gaast
- Re: [dnsext] Re: EDNS client IP should be opt-in … Michael Graff
- Re: [dnsext] Re: EDNS client IP should be opt-in … Nicholas Weaver
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Mark Andrews
- [dnsext] Re: Privacy vs EDNS Client IP... Ted Hardie
- [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Wilmer van der Gaast
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Paul Vixie
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Matthew Dempsky
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Wilmer van der Gaast
- Re: [dnsext] Re: Privacy vs EDNS Client IP... William Allen Simpson
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Jacco Tunnissen
- RE: [dnsext] something for RFC2671-bis Greg Daley
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Paul Vixie
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… John Payne
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] something for RFC2671-bis Jim Reid
- RE: [dnsext] something for RFC2671-bis Greg Daley
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Matthew Dempsky
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Matthew Dempsky
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Alex Bligh