[Privacy-pass] Private Access Tokens and Privacy Pass Architecture
Steven Valdez <svaldez@google.com> Thu, 16 December 2021 16:41 UTC
Return-Path: <svaldez@google.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D37E3A1153 for <privacy-pass@ietfa.amsl.com>; Thu, 16 Dec 2021 08:41:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KjMVV_-tS2gH for <privacy-pass@ietfa.amsl.com>; Thu, 16 Dec 2021 08:41:33 -0800 (PST)
Received: from mail-ua1-x933.google.com (mail-ua1-x933.google.com [IPv6:2607:f8b0:4864:20::933]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E87783A1152 for <privacy-pass@ietf.org>; Thu, 16 Dec 2021 08:41:32 -0800 (PST)
Received: by mail-ua1-x933.google.com with SMTP id w23so48159772uao.5 for <privacy-pass@ietf.org>; Thu, 16 Dec 2021 08:41:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=jAcDH1+XkmvABp8XbkA0r3+YJCe4hV1jWj2mNymJaPo=; b=OprqpDw9GOJDqYbQn5q9eyXYsYJXzhzpxv347vqAENKkTaSmZQgmxRDzumu1uffQUM G6ZJD1585zm7XonpJy/NKLs4BG6bCpnoQcugRvMdpuLiQ+09cEVCyfj8kofbavAHxxVk OjGqoSLd2ORy1AJr9pK9Dy+uRDJFVlQ0Choh1WlefrdwkqiDBXcta+9fOz6T71vQTRkK ZueUH+nwUGIax4VeA3iStF3iUQIHHdjRP+vsUTnLGgasMXFYgpOYHIhKjdmyQ1n5PV9r Nq9gS/akpFZnwULf9scYvJCdW36Q60RToQh/7zL/woLoOAVNSum53bTgCWGsRm4STBwT mkFQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=jAcDH1+XkmvABp8XbkA0r3+YJCe4hV1jWj2mNymJaPo=; b=MLFIuAUqIA5suGGBuxWUFfZDwMMK0zqqDrk1fCcodijmls7pFQw1jnbnOfFmwq6Lp+ Bw6006AwBg1EjnDsvi1smcLNRiw3rOcIwhV0RpMMYzq3Yn0bSpO7DJ5rf2SsxjIf8DfQ qITBe0GBzAOpyc61D048KtWxiBHC0QctEJuG3RcAswQRn0r8QvW5Ec1OhBX1ufWSqKzF YHkO3yrKrCsqV7j/9QsOH1cylS+cpBZk6xbYtoFkY1T7JjpaFaXP+hB+aMGExjjKCPl6 VQuyl+RdDa0sqfsSp0UermfF0u8q/PYJps97XQFxlneDIFciRr4+Y/vXxt2ah+ac5956 3x6A==
X-Gm-Message-State: AOAM531GHky/wq/LXtzTC3MqkC9UtDr9T6e1fFSKM9eakgcJt9qpOCbW BVM8J3oklY1ILbg/YLGQBntWSROIQ2K0XrdMWmll/APkDW8xnw==
X-Google-Smtp-Source: ABdhPJyxjvWxyJwQgTJbEjnBN1ETx8e0T1jyvVkjsRL1GzruvI1QpEXSYytlq8cHUuaKt3rcPFXk+cC9OCDxeVHlAKI=
X-Received: by 2002:ab0:77c3:: with SMTP id y3mr12583089uar.67.1639672890233; Thu, 16 Dec 2021 08:41:30 -0800 (PST)
MIME-Version: 1.0
From: Steven Valdez <svaldez@google.com>
Date: Thu, 16 Dec 2021 11:41:19 -0500
Message-ID: <CANduzxCU3wqZAptjBRrgtJuZymAReqxtKLf5BopTvbwD3tuJSQ@mail.gmail.com>
To: privacy-pass@ietf.org
Content-Type: multipart/alternative; boundary="0000000000002c16c905d3461823"
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/DRhiWkDb7n444xDmZDdJl2Uj2DE>
Subject: [Privacy-pass] Private Access Tokens and Privacy Pass Architecture
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Dec 2021 16:41:37 -0000
Following up on IETF 112, and discussions about Private Access Tokens ( https://www.ietf.org/archive/id/draft-private-access-tokens-00.html) in SECDISPATCH to move it to PRIVACYPASS, the authors have been working on a proposed re-architecture of the PRIVACYPASS documents to support both the existing privately verifiable construction (based on VOPRFs), as well as the publicly verifiable construction (based on RSA Blind Signatures) and the Private Access Tokens design. Links and a discussion to the proposed drafts are below. Please review them and provide feedback! Due to the scope of the changes, it might be useful to go over these drafts in a meeting. Chairs, would it be possible to get an interim scheduled in January to discuss these changes? --- Current proposed drafts of the documents are: Architecture: https://ietf-wg-privacypass.github.io/base-drafts/caw/arch-refactor/draft-ietf-privacypass-architecture.html HTTP Auth Scheme: https://tfpauly.github.io/privacy-proxy/draft-pauly-privacypass-auth-scheme.html PrivacyPass Issuance Protocol: https://ietf-wg-privacypass.github.io/base-drafts/caw/pp-issuance/draft-ietf-privacypass-protocol.html Rate-limited Token Issuance Protocol (Private Access Tokens): https://tfpauly.github.io/privacy-proxy/draft-privacypass-rate-limit-tokens.html The Architecture document provides the shared architecture that different tokens build on top of, generalizing the existing architecture of Issuer, Client, Origin to include an Attester (which is currently implicit in the existing architecture). It defines the purpose and requirements for Privacy pass issuance and redemption. The HTTP Auth Scheme document is a new document to provide an HTTP authentication scheme for Privacy Pass redemption. This can be used with any issuance protocol. The Issuance Protocol documents provide the protocol details for each issuance protocol (the PrivacyPass token protocol includes the VOPRF and RSA Blind Signature forms).
- [Privacy-pass] Private Access Tokens and Privacy … Steven Valdez
- Re: [Privacy-pass] Private Access Tokens and Priv… Alex Davidson
- Re: [Privacy-pass] Private Access Tokens and Priv… Christopher Wood