Re: [ietf-privacy] Fwd: draft-huitema-dnssd-privacy-01.txt

S Moonesamy <sm+ietf@elandsys.com> Thu, 23 June 2016 09:59 UTC

Return-Path: <sm@elandsys.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9694D12E040 for <ietf-privacy@ietfa.amsl.com>; Thu, 23 Jun 2016 02:59:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.216
X-Spam-Level:
X-Spam-Status: No, score=-3.216 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.426, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=opendkim.org header.b=BAoHHcpC; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=elandsys.com header.b=MB6u60Xi
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DMaNwFoiJ2OW for <ietf-privacy@ietfa.amsl.com>; Thu, 23 Jun 2016 02:59:05 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 35A5212E182 for <ietf-privacy@ietf.org>; Thu, 23 Jun 2016 02:54:34 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([197.226.53.177]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id u5N9sHiQ024015 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 23 Jun 2016 02:54:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1466675669; x=1466762069; bh=9oo1M00f3UFf0dockVzmwxuoXjplq4UgkiCMCLp/DCA=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=BAoHHcpCq9tNEOwBw6oL/GTcseA0hqGfZYKFI50cBCB9yctaxeAGFFCYhgha892pg vSpB/zyq5qlknFgN/w9CV64eTKdhdGqgEta28mSTntduXonjA1F135jM0Yf0svChbu EMXgmqbmEGNhDylFFLpOVIiNyh51nLhKpGlOempU=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=elandsys.com; s=mail; t=1466675669; x=1466762069; i=@elandsys.com; bh=9oo1M00f3UFf0dockVzmwxuoXjplq4UgkiCMCLp/DCA=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=MB6u60XiX9UE1VpBhRXtZd8JUV5oGzuD6GXrh5H6g2gb6l7nNDvQdrtR5M11TsdNi mUeeoizKuITpIcYPPJQlGfpTFjE93DZh99z9QLbLOHLS6/NlQ51XgPGd4F1KjTYuIe jyGynhT8cc+LODapprplEvT9ALdTKjgm5o52YDG0=
Message-Id: <6.2.5.6.2.20160623020221.0b6b9df0@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Thu, 23 Jun 2016 02:53:09 -0700
To: Tim Chown <Tim.Chown@jisc.ac.uk>, ietf-privacy@ietf.org
From: S Moonesamy <sm+ietf@elandsys.com>
In-Reply-To: <FC54AE01-0E03-4414-809E-5A5460F2FCFF@jisc.ac.uk>
References: <DM2PR0301MB0655DA3D2AA9FD4FF08E5CA4A8500@DM2PR0301MB0655.namprd03.prod.outlook.com> <FC54AE01-0E03-4414-809E-5A5460F2FCFF@jisc.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-privacy/gOmw0p1voDCQyL15M0kPyxAQoYY>
Cc: Ralph Droms <rdroms.ietf@gmail.com>
Subject: Re: [ietf-privacy] Fwd: draft-huitema-dnssd-privacy-01.txt
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jun 2016 09:59:06 -0000

Hi Tim,
At 05:18 22-06-2016, Tim Chown wrote:
>We're encouraging discussion of privacy considerations in the WG. As 
>a result, we now have a draft (see below), including an initial 
>proposal for a solution, for which we'd welcome wider review. The 
>draft also addresses mDNS/DNS-SD privacy within single subnet scenarios.

One of the privacy issue identified in the draft (Section 2.4) is 
device fingerprinting.  In Section 3.1, it is proposed to solve the 
privacy issues described in Section 2.1 by obfuscating instance 
names.  If I had to pick one privacy threat for that I would choose 
"correlation".  Obfuscating service names would not address that.

If I understood the draft correctly, the solution "to prevent 
tracking over time and location, different string values would be 
used at different locations, or at different times".  QR-codes are 
used to generate a shared secret and establish trust between two or 
more "friends".

The draft identifies the problem.

Regards,
S. Moonesamy