Re: [Pearg] Call for Adoption: Two drafts on Numeric IDs

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 22 August 2019 03:20 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EE62120018 for <pearg@ietfa.amsl.com>; Wed, 21 Aug 2019 20:20:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=T0rH65zi; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=I76ddltw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W02hTojCOiVd for <pearg@ietfa.amsl.com>; Wed, 21 Aug 2019 20:20:11 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55F1E12008B for <pearg@irtf.org>; Wed, 21 Aug 2019 20:20:10 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1566444009; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=q5NypR1E6bjiZE9gWeapPCDqbuCmwZEKXiH8ziZ26b0=; b=T0rH65zid6bbzq0jjrWRtONq/3aVm5RATbqNUPAnGJJSGEljDp8epGtJ ZByWR+ZMzjKbutUd5M7vv+lq9CF9Bw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1566444009; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=q5NypR1E6bjiZE9gWeapPCDqbuCmwZEKXiH8ziZ26b0=; b=I76ddltw6kGSAF8VyMrG1mZdzSFhCERKjV/P1b+hbKxg1a3D48xGPPua I+VsvGQ+Lk4L74RnTuN8JQybtzBQ+Xekz70TOXL52f1JNdkBM8FJ4mFxTp JxBI/ztBJVgQQAxP7Q4+9dZWlbg8DpaQwW8HVmOb/aaShZOI5V1RDi/1be 7lWht69Nsc7/cMycxTcoz7NrkUfrAhrO8IL/VdEYDrVGCk3+S+2fbmqbVv t+tyUPFjmvanKDzwDHfEBsXV4hYlwmXIzkZw+proiU2udx1sCPprYIVw8r GDSFu0UDyz+H/q8oVzPHgyKHkJViTXeq6xZUs0ZE1KyrGnrpNMkUjg==
Received: from fifthhorseman.net (ool-6c3a0662.static.optonline.net [108.58.6.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 6064DF99D for <pearg@irtf.org>; Wed, 21 Aug 2019 23:20:09 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 8D19C20316; Wed, 21 Aug 2019 23:20:06 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: pearg@irtf.org
In-Reply-To: <7973027D-7548-446D-9F88-D7863514C177@sinodun.com>
References: <7973027D-7548-446D-9F88-D7863514C177@sinodun.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Wed, 21 Aug 2019 23:20:06 -0400
Message-ID: <87d0gxdgyh.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/2rHrWi_njfzexGrVc_3OTzsy8CE>
Subject: Re: [Pearg] Call for Adoption: Two drafts on Numeric IDs
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Aug 2019 03:20:14 -0000

Hi pearg folks--

On Wed 2019-08-07 12:56:35 +0100, Sara Dickinson wrote:
> This email starts a two week Call for Adoption for two of these drafts which have been proposed as suitable work for PEARG:
>
> 1) Unfortunate History of Transient Numeric Identifiers: https://tools.ietf.org/html/draft-gont-numeric-ids-history-05
>
> 2) On the Generation of Transient Numeric Identifiers: https://tools.ietf.org/html/draft-gont-numeric-ids-generation-04

I think these drafts should be adopted by the PEARG.  Thanks to Fernando
for his persistence in working on them thus far!

At the IETF we've had a difficult time thinking systemically about these
problems, both for security and privacy implications.

The work in these drafts is some of the only attempts i've seen at a
larger overview of IETF work, looking for patterns, trying to learn from
our past mistakes, and formulating guidance for future IETF work based
on that research.  It's all done with an eye toward privacy concerns as
well, something we have traditionally not been as good about within the
IETF.

This is precisely the sort of research that i think the IRTF should be
supporting in PEARG.

As for the two documents -- i don't have a strong feeling about whether
they should stay separate or merged together, and i don't think it's
something that we need to decide before RG adoption.  For maintenance
work, i think it's useful to be able to update the documents in the
future separately.  if we have new guidance for generation there's no
need to update the history draft.  and if someone uncovers some
additional use of transient numeric identifiers, we can update the
history draft without needing to touch the guidance document.

        --dkg