Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05

Lester Caine <lester@lsces.co.uk> Fri, 30 January 2015 17:57 UTC

Return-Path: <lester@lsces.co.uk>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7480F1A9132 for <ietf-privacy@ietfa.amsl.com>; Fri, 30 Jan 2015 09:57:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id onTyeuGd9Fp7 for <ietf-privacy@ietfa.amsl.com>; Fri, 30 Jan 2015 09:57:32 -0800 (PST)
Received: from mail4.serversure.net (mail4-2.serversure.net [217.147.176.214]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B9811A00BE for <ietf-privacy@ietf.org>; Fri, 30 Jan 2015 09:57:32 -0800 (PST)
Received: (qmail 14736 invoked by uid 89); 30 Jan 2015 17:57:30 -0000
Received: by simscan 1.3.1 ppid: 14729, pid: 14732, t: 0.0812s scanners: attach: 1.3.1 clamav: 0.96/m:52/d:10677
Received: from unknown (HELO ?10.0.0.8?) (lester@rainbowdigitalmedia.org.uk@86.189.147.37) by mail4.serversure.net with ESMTPA; 30 Jan 2015 17:57:30 -0000
Message-ID: <54CBC609.4010309@lsces.co.uk>
Date: Fri, 30 Jan 2015 17:57:29 +0000
From: Lester Caine <lester@lsces.co.uk>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, saag@ietf.org, ietf-privacy@ietf.org, Eliot Lear <lear@cisco.com>
References: <CADZyTkkLu6qQ9LCqDkTHA9o+-YVvQuaUp33kqkAt=PRaQS-Jew@mail.gmail.com> <CADZyTkkCrvTam_ba7Tq6A-cHAVZn+ktKqwWsr_PNQaz2jyTkUQ@mail.gmail.com> <874mr9aucv.fsf@alice.fifthhorseman.net>
In-Reply-To: <874mr9aucv.fsf@alice.fifthhorseman.net>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/rnS8Vn3ahmMf_OcakQjQ7YDPtIo>
X-Mailman-Approved-At: Fri, 30 Jan 2015 11:26:14 -0800
Cc: Time Zone Data Distribution Service <tzdist@ietf.org>
Subject: Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jan 2015 17:57:34 -0000

On 30/01/15 02:13, Daniel Kahn Gillmor wrote:
> Clients requesting multiple unusual TZs together are more easily
> identifiable to servers, than clients who request only one.  Should
> clients request all their interested TZs at once, or spread out their
> polling updates over time?  HTTP pipelining is clearly more efficient;
> but what are the privacy implications if you have a system service that
> does this?

I've cherry picked here since the one thing that seems to have been
missed is that the main target for tzdist is to provide a mirror of the
TZ data. This is a complete set of tz information, and if my own
distribution method is followed many of the  'security and tracking'
risks being listed can never arise?

The clients computer has a local copy of TZ, and any local processing is
done against that copy. On a regular basis they ask tzdist if there has
been an update to the version of TZ they are using. If yes then all of
the are pulled down. A monitoring tap has no idea where the client is?
The only know that someone has updated from v to v+1 of the TZ data?

Client using subsets of the data such as embedded devices will be asking
for a specific timezone, but that traffic will be within a local
network. We know already where they are so we don't need any cleaver
processing to hide the fact that we are in that physical location? I've
just posted about local servers providing a specific subset of data -
within the building it's serving - o you already have an even better
idea of location than timezone :)

As with just about any system, accessing the data can be abused exposing
other information. We do need to identify what are 'secure' ways of
accessing the data and what ars insecure, but not exposing anything that
could not be deduced by other means anyway.

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk