[Privacy-pass] Searching for simplicity

Ben Schwartz <bemasc@google.com> Thu, 24 March 2022 20:34 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/DRIIfvR0dIE064GSFZDVEo35SHM>

Hi all,

Not as chair.

I found the discussion today of "preventing abusive account creation", and
the goal of "ensuring that no single party knows both the stable client ID
and the origin name", very helpful to understand the requirements for the
rate-limiting proposal.  After reviewing the draft, it seems that it has
already been simplified substantially (no Schnorr proofs!), so I can
certainly believe that this is the simplest instantiation.

Some questions for the authors:
 * Are you assuming that the client enforces some limit on the number of
distinct Issuers, as discussed in other Privacy Pass drafts?  If any origin
operates its own private Issuer, the Attester ends up learning that the
user visited that origin, violating the separation goal.  Do you intend to
prevent this?
 * The draft notes that "The Origin does not learn which Attester was used
by a Client for issuance".  Is this a requirement?  Would relaxing it allow
any simplifications?  Does this hold true if there is an Issuer that issues
tokens to only one Attester?

I would also appreciate some thought on the post-compromise properties of
this system, e.g. describing the downstream implications of a misbehavior
of one of these parties.

Thanks,
Ben Schwartz