[Privacy-pass] Updated WG charter text

Alex Davidson <adavidson@cloudflare.com> Tue, 21 April 2020 15:07 UTC

From: Alex Davidson <adavidson@cloudflare.com>
Date: Tue, 21 Apr 2020 16:00:36 +0100
To: privacy-pass@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/4-vlcTI09IKo8B0Xtc8MUxGD9t0>

Hi all,

I took the opportunity to write up a new candidate WG charter following the feedback that we have received so far. I’ve submitted the new charter text as a GitHub PR here: https://github.com/alxdavids/privacy-pass-ietf/pull/12. If anyone has any comments/feedback on this version please feel free to add them to the PR. I’ve also pasted the new text below in case anyone wants to raise any points on the mailing list directly.

Cheers,
Alex

p.s. I’m currently working in a personal GitHub repo but I could move everything to a separate privacypass-specific working space, if that would be preferable?

Charter text
=========

The Privacy Pass protocol provides a performant, application-layer
mechanism for anonymous token creation and redemption. Servers (Issuers)
create and later verify tokens that are redeemed by an ecosystem of
clients, such that:

- Any token granted by a given Issuer is unlinkable with all other
  tokens granted by the same Issuer.
- Clients can verify that a token granted by an Issuer corresponds to a
  committed keypair.
- Tokens are unforgeable.
- The token issuance and redemption mechanisms are efficient.

The primary purpose of the Privacy Pass Working Group is to develop and
standardize a protocol that meets these requirements, influenced by
applications that have arisen from the wider community. The aims of the
Working Group can be split into three distinct goals:

First, specify an extensible protocol for creating and redeeming
anonymous and transferrable tokens. The protocol should permit suitable
cryptographic ciphersuites and security parameterization for
cryptographic agility. Negotiation of cryptographic parameters is an
application-specific property and thus out of scope for the Working
Group. Specification of the underlying cryptographic algorithms or
protocols is also out of scope. The Working Group will specify a
preliminary set of extensions, including Issuer-supplied metadata and
public verifiability, as well as any additional extensions that may
arise in the future. Security and privacy properties of the protocol
shall be well-documented.

Second, describe and develop protocol use cases and properties thereof.
This includes, though is not limited to:

1. Describing use cases and interfaces that allow the protocol to be
   used for those use cases.
2. Defining the privacy goals for each Client during protocol execution,
   along with expectations placed on the Issuers and the ecosystem at
   large.
3. Describing parameterizations that control the Client privacy budget
   and Issuer security parameters.
4. Describing verification mechanisms for sanctioning or trusting
   Issuers and their corresponding keying material.
5. Describing where key material is stored and how it is accessed.
6. Specifying mechanisms for ensuring that Issuers are not acting
   maliciously.
7. Describing the procedure for including small amounts of metadata with
   Issued tokens, as well as the associated impacts on privacy.
8. Describing the risk and possible ramifications of Issuer
   centralization, and exploring possible mechanisms to mitigate these
   risks.

Third, and finally, specify an HTTP-layer API for the protocol. This
includes a common understanding of how Privacy Pass is integrated with
HTTP requests and responses for web-based applications.

Note that the specifications developed by this working group will be
informed by the following initial drafts:

- draft-davidson-pp-protocol-00;
- draft-davidson-pp-architecture-00;
- draft-svaldez-pp-http-api-00.

These existing drafts may be further developed into the core
deliverables of the working group, supplemented by any additional
extensions. Alternatively, they may contribute indirectly to a future
set of documents that meet the core goals of the working group.