Re: Alt-Svc Privacy Concerns

Matthew Kerwin <matthew@kerwin.net.au> Sun, 10 April 2016 04:52 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2516E12D0CD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 9 Apr 2016 21:52:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.916
X-Spam-Level:
X-Spam-Status: No, score=-7.916 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.996, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NGbyXt50-6Yl for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 9 Apr 2016 21:52:34 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6232812D0C4 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 9 Apr 2016 21:52:34 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ap7Hf-0005Ln-A7 for ietf-http-wg-dist@listhub.w3.org; Sun, 10 Apr 2016 04:47:39 +0000
Resent-Date: Sun, 10 Apr 2016 04:47:39 +0000
Resent-Message-Id: <E1ap7Hf-0005Ln-A7@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <phluid61@gmail.com>) id 1ap7Hb-0005Kt-Qi for ietf-http-wg@listhub.w3.org; Sun, 10 Apr 2016 04:47:35 +0000
Received: from mail-ig0-f182.google.com ([209.85.213.182]) by maggie.w3.org with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) (Exim 4.80) (envelope-from <phluid61@gmail.com>) id 1ap7HY-00006X-JI for ietf-http-wg@w3.org; Sun, 10 Apr 2016 04:47:34 +0000
Received: by mail-ig0-f182.google.com with SMTP id gy3so39234357igb.0 for <ietf-http-wg@w3.org>; Sat, 09 Apr 2016 21:47:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=CAkENuNY8g/Sn2Mn8OAjsaKw1LJbP9QACWxkV3sRNQU=; b=fYJwjPHT9t0TVxkVgKnEksRUk87KZ0PBZi0OXZuj0pmAJSJr5huo/fqu2yhB7S9Q4u sSconzwYnUgMCy4Y+xNiqe8so/hEckcBa2E/moWxRyBxMo8hSj3fSOhrWc41gicjIkzJ f3/HVk5Z0YYj4+Aap0RCJnu/iEId3c0ak/K/rJiewu0ONQra895+8WKN/utK+Z2xJMwk JG/wv2VDX1ejB46FVnq35UHTZvgVmZO03jpnWjnXdayj4Guj/QU4OPx1WTPYOqTQCULT 4z583WnYEb3SHaK1nezx0gF/uFmQOdiHnUoDIdDxdLP++Q8QRU6jumyfZmtXWBB8gUqO mBjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=CAkENuNY8g/Sn2Mn8OAjsaKw1LJbP9QACWxkV3sRNQU=; b=Td4pagOcaxwGPaFF9K1uE4UVJiN8uYTad3nfCBPZNG36lLOlRaW9Q4y8pP2gnO3W0a bjD/9hWm6yskSxwCFl3YzOFqu1J29psBbSJpNDIZevdoFOAxt0C4GFdhTWMp4cLSEEBi /6zuvM5xpOSdqiuI70/TW2AyMWFV70kZocfyRoEeRyRiBVP8eeTOfZByXaph0s7ZsFfn 6oABz9gQEHJclNNhAyX/u2UkfnMdLZ+3JeDHUZtufsDbX2n5QtOOJLIAI0QJEEL+o+yS vYW1OugmfGAbyL7f8YixHFnmPftsGjL0AqUuAf29BhZAQZtzTe9jXOsD+lyHnzafofO4 2PuQ==
X-Gm-Message-State: AD7BkJINw6WMviFiaoRGdevGaMgeJU0CL/x1+R93Fqm0Wmk6ltPwmUjOlE2jkjh0fW+yJV+3Pv+dNvdvS8tpPg==
MIME-Version: 1.0
X-Received: by 10.50.64.179 with SMTP id p19mr11360145igs.25.1460263626463; Sat, 09 Apr 2016 21:47:06 -0700 (PDT)
Sender: phluid61@gmail.com
Received: by 10.107.166.78 with HTTP; Sat, 9 Apr 2016 21:47:06 -0700 (PDT)
In-Reply-To: <CAPofZaEzobDStP9Pm2kSBZOMmmziu5N8bkALvb++ETdnva0K3A@mail.gmail.com>
References: <CAPofZaEG3gm79CznQuB8RdZb6hXYV7ZiBNTwYj=autVP1=_Cng@mail.gmail.com> <CABkgnnUr4bif_sLGYWq2CWEcZFzucjapjghF9E4HjnTvVGGfXw@mail.gmail.com> <CAPofZaEzobDStP9Pm2kSBZOMmmziu5N8bkALvb++ETdnva0K3A@mail.gmail.com>
Date: Sun, 10 Apr 2016 14:47:06 +1000
X-Google-Sender-Auth: gAJ_Fn0qDIXmkMs0UVOo5Nc8FXk
Message-ID: <CACweHNBoAOX4mWjyeAw7QWmsdb=zGVkx4-t2ftpcLzZg6k1sGg@mail.gmail.com>
From: Matthew Kerwin <matthew@kerwin.net.au>
To: Phil Lello <phil@dunlop-lello.uk>
Cc: ietf-http-wg@w3.org
Content-Type: multipart/alternative; boundary="047d7bd75cecbbdd6f05301a1e71"
Received-SPF: pass client-ip=209.85.213.182; envelope-from=phluid61@gmail.com; helo=mail-ig0-f182.google.com
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: AWL=-0.783, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1ap7HY-00006X-JI 9e39ac3308abb77f7dc0bd5996d68248
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Alt-Svc Privacy Concerns
Archived-At: <http://www.w3.org/mid/CACweHNBoAOX4mWjyeAw7QWmsdb=zGVkx4-t2ftpcLzZg6k1sGg@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31406
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 10/04/2016 4:33 AM, "Phil Lello" <phil@dunlop-lello.uk> wrote:
>
> This is a slightly different issue than the described scenario, and I'm
> far from certain that the risks are adequately highlighted there.
>
> "By using unique names, servers could conceivably track client requests."
> seems incredibly weak to the point of being dismissive, since it suggests a
> per-client hostname being generated, and that it's incredibly unlikely
> anyone would bother.
>
> IMHO, it's quite likely that multiple seemingly unrelated sites operated
> by the same entity might legitimately converge users to a common
> servername. It's quite likely that at this point that the user agent would
> see these as candidates for sharing the same connection. It seems
> reasonable that there should at least be a recommendation for a user agent
> to warn users that there is significant potential for being tracked, and
> gain consent.
>

This sounds like a UX thing -- incognito sessions oughtn't reuse
connections for different URI hostnames, even if the alt-svcs point to the
same name. The consent, then, is not being incognito.

Is it worth documenting this risk/advice somewhere, or is it already
self-evident?
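The thread above describes two sides of one mechanism: the Alt-Svc header (RFC 7838) lets several origins point at a common alternative host, and a user agent that coalesces those origins onto one connection lets the shared host correlate them. The following is an added example, not code from the thread or from any browser: it parses Alt-Svc field values and models a connection pool whose reuse key includes the origin host in private (incognito) mode, so two origins advertising the same alternative never share a connection there. The host names, the `UserAgentConnections` class and the `demo` scenario are constructed for illustration.

```python
"""Constructed example: Alt-Svc parsing plus a connection-reuse policy that
partitions connections by origin host when the session is private."""
import re
import time
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class AltService:
    protocol: str   # ALPN protocol id, e.g. "h2"
    host: str       # "" means "the origin's own host" (e.g. h2=":443")
    port: int
    max_age: int    # seconds; RFC 7838 default is 86400 when "ma" is absent


# alt-value = protocol-id "=" quoted-string *( OWS ";" OWS parameter )
_ALT_VALUE = re.compile(r'^\s*([\w!#$%&\'*+\-.^`|~]+)="([^"]*)"(.*)$')


def parse_alt_svc(value: str) -> List[AltService]:
    """Parse an Alt-Svc field value. 'clear' or unparseable input yields []."""
    if value.strip().lower() == "clear":
        return []
    services: List[AltService] = []
    for member in value.split(","):
        m = _ALT_VALUE.match(member)
        if not m:
            continue                      # skip malformed members, keep the rest
        protocol, authority, rest = m.groups()
        host, _, port_str = authority.rpartition(":")
        if not port_str.isdigit():
            continue
        max_age = 86400
        for param in rest.split(";"):
            name, _, pval = param.strip().partition("=")
            pval = pval.strip().strip('"')
            if name.strip().lower() == "ma" and pval.isdigit():
                max_age = int(pval)
        services.append(AltService(protocol, host, int(port_str), max_age))
    return services


class UserAgentConnections:
    """Models which connection a user agent would pick for each origin host."""

    def __init__(self, private_mode: bool):
        self.private_mode = private_mode
        self._alt_cache: Dict[str, Tuple[AltService, float]] = {}  # origin -> (alt, expiry)
        self._connections: Dict[Tuple, int] = {}                   # reuse key -> connection id
        self._next_id = 1

    def on_response(self, origin_host: str, alt_svc: str, now: Optional[float] = None) -> None:
        """Record the first usable alternative advertised by an origin."""
        now = time.time() if now is None else now
        services = parse_alt_svc(alt_svc)
        if not services:                  # "clear" or nothing parseable: forget the origin
            self._alt_cache.pop(origin_host, None)
            return
        alt = services[0]
        self._alt_cache[origin_host] = (alt, now + alt.max_age)

    def target_for(self, origin_host: str, now: Optional[float] = None) -> Tuple[str, int]:
        """Authority the user agent would connect to: the cached, unexpired alternative or the origin itself."""
        now = time.time() if now is None else now
        entry = self._alt_cache.get(origin_host)
        if entry and entry[1] > now:
            alt = entry[0]
            return (alt.host or origin_host, alt.port)
        return (origin_host, 443)

    def connection_for(self, origin_host: str, now: Optional[float] = None) -> int:
        """Return the id of the connection that would serve this origin."""
        target = self.target_for(origin_host, now)
        # Normal mode keys on the alternative's authority, so origins that share an
        # alternative coalesce onto one connection (the behaviour RFC 7838 permits).
        # Private mode adds the origin host to the key, so two origins never share a
        # connection even when their Alt-Svc entries name the same host.
        key = (origin_host,) + target if self.private_mode else target
        if key not in self._connections:
            self._connections[key] = self._next_id
            self._next_id += 1
        return self._connections[key]


def demo(private_mode: bool) -> Tuple[int, int]:
    """Constructed scenario: two seemingly unrelated sites advertise one shared alternative."""
    ua = UserAgentConnections(private_mode)
    ua.on_response("news.example", 'h2="shared-edge.example:443"; ma=3600', now=0)
    ua.on_response("shop.example", 'h2="shared-edge.example:443"; ma=3600', now=0)
    return ua.connection_for("news.example", now=1), ua.connection_for("shop.example", now=1)


if __name__ == "__main__":
    print("normal mode connections:", demo(False))   # same id for both origins
    print("private mode connections:", demo(True))   # distinct ids
```

In normal mode `demo` returns one connection id for both origins, which is exactly the correlation the thread worries about; in private mode the origin host becomes part of the reuse key and the two sites get separate connections. A real implementation would also keep the Alt-Svc cache itself per session in private mode, since a persisted alternative is a second correlation channel independent of connection reuse.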