IETF Logo Mail Archive

Re: [Privacy-pass] Question on proposed charter

Christopher Wood <caw@heapingbits.net> Wed, 20 May 2020 19:03 UTC

Return-Path: <caw@heapingbits.net>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C1903A053E for <privacy-pass@ietfa.amsl.com>; Wed, 20 May 2020 12:03:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b=IEStRnZN; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=NhBpPJyc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9FYpnkJHj1q3 for <privacy-pass@ietfa.amsl.com>; Wed, 20 May 2020 12:03:05 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 268023A0797 for <privacy-pass@ietf.org>; Wed, 20 May 2020 12:03:02 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 655535C009D for <privacy-pass@ietf.org>; Wed, 20 May 2020 15:03:01 -0400 (EDT)
Received: from imap4 ([10.202.2.54]) by compute1.internal (MEProxy); Wed, 20 May 2020 15:03:01 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm1; bh=HyB+v p8HM5t9Jx2vUyX1WvmJESw5JPJCl8wRsLDjnEc=; b=IEStRnZNrShndAqrmwVM7 hC2wODVA2W/VgeJDJ/jxjg2G8YRrQo51m5kOMgg/feJkviRSKXCF4q1WV0d9O/O1 egyPyOBInVB2Ga9yHMsrUbjckkZVFTLbPTR12RTYUCTBQZNPkzSXF4tyZuqtmpHE LQWFuHyIJVendBOCY0sEvLXVWtEzemsYTfoBqmufc2UQVwjD6hfxHjydJqFbhbkd wKyOHaFKj/qzlH9v5WZCJgJ7lNb9e2M/uaSJ8wU1rNzUJZBwrj5ESKi0fTaIin7G k1EmV6J1gZFlcEbT7tRJt3jtxZDDY5zHlg+E66smBgmjaO0E09qc78fJSlthKnqS A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=HyB+vp8HM5t9Jx2vUyX1WvmJESw5JPJCl8wRsLDjn Ec=; b=NhBpPJycGmUCWR4dMGCi2mMC3uVg8O+/w6sHGfrON+1EDKrn6fNJNoHi2 sTWX0IkJa7JeGguqUXnYi2Z3PhHtHkBz0fMFNet4KMzcRfInnrznx7U4h+wDkJ04 GbtbBFk6qnm5exY6uxMVBRnQ4W0HdoJWUHvYdBfJyT/gg8diTbqNp6G1NS9oFVAB 6Aqpldy1NyB+dTl5c8wQdl0mIzcDDlQYMmAZDhLGfrCiZj5hIY2Ak466XpZiPrSG EmF7EtI3kZBp5ZoUOEPTxtj5K00FiU5f+G2C/tqiEoR8EjzlV76kJipQSCmajrvD X9soaHZelK1vpWKiM6b8+P5UBflhQ==
X-ME-Sender: <xms:5H7FXlmQfmfMaB5Na4SvjKfzRUHn97yv45dhzNxwCCGLmR9evy6yXA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedruddtledgudeftdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgfgse htqhertderreejnecuhfhrohhmpedfvehhrhhishhtohhphhgvrhcuhghoohgufdcuoegt rgifsehhvggrphhinhhgsghithhsrdhnvghtqeenucggtffrrghtthgvrhhnpeffkefhud ethfelleeuteelkedvfeehleefvdefieeggeejteevhfegffejffettdenucffohhmrghi nhepghhithhhuhgsrdgtohhmpdhivghtfhdrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegtrgifsehhvggrphhinhhgsghithhsrdhn vght
X-ME-Proxy: <xmx:5X7FXg2IlU4FfgELluuIG_d5gVg4uiH4QbmUqsnUJdymTyu-pQ8m8w> <xmx:5X7FXrrzQnd99TPGAcLOEs-3gQYqg7yGQghbDjAcBdfXQAcUzwNA7w> <xmx:5X7FXllO1i5zNcz5DdwrO2A3PY8PsFM1pBpPJVNU8_akAkUToNUXIQ> <xmx:5X7FXq3lxoSx8Hvw7WcYUMiK9XYOKdotO87YOQyXnpiLMSmTGhz30w>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id E88C93C00A1; Wed, 20 May 2020 15:03:00 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-487-g38013f6-fm-20200519.001-g38013f6c
Mime-Version: 1.0
Message-Id: <2ae48631-e172-4545-968c-1fd4461805dd@www.fastmail.com>
In-Reply-To: <90498E82-0AB5-41D7-9783-40DE13D24339@cloudflare.com>
References: <CAOgPGoDwbfTXkX4zr0hPwkWFGk7pw8LGu=ST6t_mLGFRSEe7Jw@mail.gmail.com> <CANduzxDkuJ-MOFLAc1JkABWu0KyvaV0tqXYR6ChafcJcs=zN0w@mail.gmail.com> <FD3EEA91-F9C6-4B3F-82A7-A478AC91BAC1@cloudflare.com> <CAHbrMsBpwnaM7cmU4_XD7sxk+Ae-S5i_YyKk6UeKQ8GOjVN4Hg@mail.gmail.com> <CAOgPGoDwhpKxDokfgaan_YB1Fa59-Y8JFO8_dwGozhj4wu=Xdg@mail.gmail.com> <90498E82-0AB5-41D7-9783-40DE13D24339@cloudflare.com>
Date: Wed, 20 May 2020 12:02:24 -0700
From: Christopher Wood <caw@heapingbits.net>
To: privacy-pass@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/K5n3blsTkVUPPCWWBuMGgLcwhKk>
Subject: Re: [Privacy-pass] Question on proposed charter
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2020 19:03:08 -0000

I found the new unlinkability text somewhat confusing, so I proposed a slight variant in the following PR (along with a couple other nits). With or without this PR, this looks good to go!

   https://github.com/alxdavids/privacy-pass-ietf/pull/28

Best,
Chris

On Wed, May 20, 2020, at 1:28 AM, Alex Davidson wrote:
> Great, I’ve merged it.
> 
> > On 20 May 2020, at 04:58, Joseph Salowey <joe@salowey.net> wrote:
> > 
> > Good, I think we should merge the change. 
> > 
> > On Tue, May 19, 2020 at 5:43 PM Ben Schwartz <bemasc@google.com> wrote:
> >> Thanks. With those changes I think this is ready to go.
> >> 
> >> On Tue, May 19, 2020 at 5:16 AM Alex Davidson <adavidson=40cloudflare.com@dmarc.ietf.org> wrote:
> >>> Hi all,
> >>> 
> >>>> "Negotiation of cryptographic parameters during the protocol is an application-specific property and thus out of scope for the Working Group."
> >>>> 
> >>>> What are the cryptographic parameters and why would they not need to be negotiated for interoperability?
> >>>> 
> >>>> Also, is the following text a result of the algorithms being worked on in CFRG vs. this working group?
> >>>> 
> >>>> I suspect this would be things like the curves and configuration used for the underlying crypto primitives. I think the idea is that the core PrivacyPass protocol wouldn't support any sort of negotiation, and the applications built on top of PrivacyPass would either specify the properties in their implementation or provide their own negotiation mechanism (for example an HTTP application might have the curves it supports hard-coded based on what the relevant clients/servers want to support for compatibility or have some HTTP-application-layer mechanism to choose corresponding server configurations..
> >>>> 
> >>>> Though it might be worth specifying at the PrivacyPass layer what the actual "acceptable" combination of parameters is to maintain security/privacy properties.
> >>> 
> >>> So I think the core of the matter here is that the ciphersuite is chosen by the Issuer ahead of time, and it is assumed that the client can retrieve this information apriori. So we can change this to: "The cryptographic profile used by the protocol participants will be determined by the specific instantiation of the protocol, and it will be chosen ahead of time.”
> >>> 
> >>>> 
> >>>> "Specification of the underlying cryptographic algorithms or protocols is also out of scope."
> >>>> 
> >>>> If so we might mention that this work depends on the work in the CFRG. 
> >>> 
> >>> I agree, perhaps we could replace this with: "We will work closely with the CFRG to determine acceptable cryptographic ciphersuites and parameters that satisfy the security/privacy properties of the protocol” to follow on from the sentence above?
> >>> 
> >>> Additional changes:
> >>> 
> >>> It was brought up off-list by Ben Schwartz that using the term “unlinkability” in the charter may lead to confusion, so I have replaced: 
> >>> 
> >>> "Any token granted by a given Issuer is unlinkable with all other
> >>> tokens granted by the same Issuer.”
> >>> 
> >>> With:
> >>> 
> >>> "Any token granted by a given Issuer is indistinguishable from all
> >>> other tokens granted by the same Issuer key at redemption
> >>> time.”
> >>> 
> >>> I’ve created a new PR with these proposed changes: https://github.com/alxdavids/privacy-pass-ietf/pull/27.
> >>> 
> >>> Cheers,
> >>> Alex
> >>> -- 
> >>>  Privacy-pass mailing list
> >>> Privacy-pass@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/privacy-pass
> 
> -- 
> Privacy-pass mailing list
> Privacy-pass@ietf.org
> https://www.ietf.org/mailman/listinfo/privacy-pass
>

v2.23.0 | Report a Bug | By Email