[Model-t] data minimization and previous work on privacy considerations

Nick Doty <ndoty@cdt.org> Tue, 26 July 2022 17:18 UTC

From: Nick Doty <ndoty@cdt.org>
Date: Tue, 26 Jul 2022 13:18:26 -0400
Message-ID: <CA+tYtvHS78r6nkqS-vrJ9qCWS50XdSo+w=PiyW3bkCRiueY_ag@mail.gmail.com>
To: model-t@iab.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/Ijlid4p1mmawzCt_Sip9_iu6uyo>
Subject: [Model-t] data minimization and previous work on privacy considerations

Reading over draft-arkko-iab-data-minimization-principle-02 just prior
to the meeting, so apologies for the short notice, and I'm happy to
discuss this briefly in the meeting today.

Is there a particular reason that this doesn't cite or mention RFC
6973 Privacy Considerations for Internet Protocols?

Work on basic privacy principles and threat model updates is extremely
welcome (we are undergoing some similar updates/codifications at W3C)
and explaining data minimization, why it's important and how to
accomplish it in protocol design is welcome. But RFC 6973 already
includes a section on Data Minimization as a threat mitigation with a
particular focus on minimization of identifiability and several
questions to consider in applying data minimization to protocol
design.

https://datatracker.ietf.org/doc/html/rfc6973#section-6.1
https://datatracker.ietf.org/doc/html/rfc6973#section-7.1

I would expect that a new IAB statement would build on that one. If I
missed something in my quick reading or if there's a particular
reasoning behind starting fresh, please let me know!

RFC 6973 also considers minimization along with other principles,
which I think is pretty significant. I appreciate the shift to
considering threats of the endpoint on minimization as well, but that
suggests also considering user participation and security at the same
time. I would be happy to see some work on -- and I would volunteer to
contribute to -- reviewing and updating 6973 to see whether privacy
considerations for Internet protocols require some updates (perhaps
considering broader senses of privacy and a more established set of
threats that we've seen over the past 9 years).

Cheers,
Nick

-- 
Nick Doty | https://npdoty.name
Senior Fellow, Internet Architecture
Center for Democracy & Technology | https://cdt.org