Re: [ietf-privacy] Is there an official working definition for Privacy Online?

Robin Wilton <wilton@isoc.org> Thu, 05 May 2016 16:09 UTC

From: Robin Wilton <wilton@isoc.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/LyhVg8Q2YonidFUP9n3Z54QMhMo>
Cc: "ietf-privacy@ietf.org" <ietf-privacy@ietf.org>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Josh Howlett <Josh.Howlett@jisc.ac.uk>

Apologies for top-posting, but this is a general reply rather than point-by-point responses…

It feels like a possible goal, then, is a short piece of text which contains sufficient “hooks” to link to other material (which in turn can define specific aspects of the problem in appropriately technical/engineering terms). That might reduce the need for the short piece of text to be magical, while still giving us the means to refer to facets of the privacy problem such as risk analysis, attack models, etc.

As I say, I’d be very happy to work with Dave and others on this, though in the immediate short term I am very limited for bandwidth. 

In terms of my own expectation: if we don’t achieve the magical two-liner, but we learn something about systematic description of privacy problems in technical/engineering terms, I’ll be happy. If we get a workable, non-engineering-precision two-liner plus some paragraphs in more technical terms, I’ll be radiant. On second thoughts, that prospect may put people off.

R

PS - now considering trademarking “SPOT” for “Short Piece Of Text” - as in “this is the SPOT definition of x”.


> On 5 May 2016, at 16:12, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> 
> On 05/05/16 15:53, Alissa Cooper wrote:
>> +1. If people want to consider privacy as a heading under which we
>> group a bunch of different kinds of attacks, that works perfectly
>> well I think.
> 
> In the case of privacy, not all the bad things are correctly
> described as attacks IMO. E.g. leaving sensitive data in a
> log file for too long is not in itself an attack, but can be
> risky. Only emitting packets when a user is present similarly.
> 
> I'm not even sure the risk analysis method we use for security
> is the best way to try to address privacy in IETF work. But I did
> raise that when 6973 was being done and given that I didn't
> have a better method to offer (and still don't) that didn't
> make it into the doc:-)
> 
>> 
>> Rather than spending a lot of time to try to find a magical
>> two-sentence definition that everyone can agree on (which I doubt is
>> feasible), I think the time would be better spent on refining how we
>> define the set of attacks and mitigations against them, building on
>> or fixing what’s in RFC 6973, possibly turning bits of that into a
>> BCP, etc. The two sentences will not be directly actionable no matter
>> what they say, whereas a comprehensive threat model and mitigations
>> suite could be.
> 
> Maybe. I still think that an introductory part of such a document
> would be better if we had some definition of what we mean by privacy
> when we use the term in IETF documents. (Note: I don't think we need
> the one true definition of privacy for the Internet, and I'd agree
> with you that we won't get that done.)
> 
> I do like the idea of BCP'ing bits of 6973 where it makes sense to
> do so regardless of whether or not we come up with some useful
> definition.
> 
> S.