IETF Logo Mail Archive

Re: [Privacy-pass] The PRIVACYPASS WG has placed draft-wood-privacypass-auth-scheme-extensions in state "Call For Adoption By WG Issued"

Eli-Shaoul Khedouri <eli@intuitionmachines.com> Thu, 22 February 2024 17:33 UTC

Return-Path: <eli@intuitionmachines.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCF81C180B75 for <privacy-pass@ietfa.amsl.com>; Thu, 22 Feb 2024 09:33:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intuitionmachines.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MGUV-6ukuOdr for <privacy-pass@ietfa.amsl.com>; Thu, 22 Feb 2024 09:33:03 -0800 (PST)
Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38F56C17C884 for <privacy-pass@ietf.org>; Thu, 22 Feb 2024 09:33:03 -0800 (PST)
Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-6e4784216cbso513533b3a.0 for <privacy-pass@ietf.org>; Thu, 22 Feb 2024 09:33:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intuitionmachines.com; s=default; t=1708623182; x=1709227982; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=7DkBmOftFWmGjmrzsnfgVuCdyqpsR+rQsePU/h1/ptk=; b=F4Cyd8/gjRlQzPTqnYP4dRXFngd6FzjklzieMvIErT3/ltTo7TGOSN4/O5VS13Rqa/ 2oj9MpUaKybwt34AKSObW1iZuxNn7If5LscQl3VqwBgMhQYQctrZDAR3pbs52wk/p5yd KQzX9o11nxIDghxy1DxQO7toUQRWxVt+0h6WyMJn+syEJJCWt8Bo8Bdvpil3nBHxFGzZ kDZVOVD/ZQ6hGnhrsSLAzq0luxVHdxNOhnljVJB1+GrcBYhF57Hc/M9ZH8ADO5B5dBrT orTYAO8pnpqwOydvfcA8CsCso9RATFCZpYqD5oIwD62TCMmfeLGvEfjx2GMolfz4TirN 0cDg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708623182; x=1709227982; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7DkBmOftFWmGjmrzsnfgVuCdyqpsR+rQsePU/h1/ptk=; b=oBZ0X1dNzaCxdcoBiocO3pl9oW08sp/VGJC5Sy7FBxR6GelgWW4fAA9AOpOGaaljGI ljsKXDJ0jiDUi67B+xYUYpSB/Urb6DLDGT/9Xointjhv33miXxmA8if8zqo6T/Ot4WFX khL2a+1NCg3Xw/krKgBmC//ioypwww771ejDg7UC6RbI4RgHQdckWAcKKjAYXff8Z8jo C6kqiaGiG75n3AI117Y9Zk5SjSSM5QtvLWzpgAF5WE/Oot8UN+J5qW9+xaGWneQ5APi5 yOcAmZfFcpHnbL+599EffFMhIMUuZKOVFYuGt8vjm6A00XfoFJ32XxCBPQ0ZUKTPo97v gQrQ==
X-Gm-Message-State: AOJu0YztawuhzT23yvjVaskAKOfUS+2ddeS8GyOTqnq1OoFSU9Qxjyyu AlZdoQS+EePBDIHOI8ePet4WFX0skd1SL5UcZLKQoXvIYms2rLU1WHZ6OMG4S9aYOFS1c67fH2j Z
X-Google-Smtp-Source: AGHT+IHCRasxeMsw+S9gwW3V5ZTBNuNVUEFYA4JbKitsKhJTmhz9NOyJGpNWL8hzpFOKqX3JmmWH9g==
X-Received: by 2002:a05:6a00:1995:b0:6e4:cf8e:52e3 with SMTP id d21-20020a056a00199500b006e4cf8e52e3mr2050527pfl.1.1708623181964; Thu, 22 Feb 2024 09:33:01 -0800 (PST)
Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com. [209.85.210.179]) by smtp.gmail.com with ESMTPSA id m5-20020a62f205000000b006e468cd0a5asm7986548pfh.178.2024.02.22.09.33.01 for <privacy-pass@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 22 Feb 2024 09:33:01 -0800 (PST)
Received: by mail-pf1-f179.google.com with SMTP id d2e1a72fcca58-6e47a104c2eso2279323b3a.2 for <privacy-pass@ietf.org>; Thu, 22 Feb 2024 09:33:01 -0800 (PST)
X-Received: by 2002:a05:6a21:3991:b0:19e:cd13:eebf with SMTP id ad17-20020a056a21399100b0019ecd13eebfmr24469050pzc.40.1708623181137; Thu, 22 Feb 2024 09:33:01 -0800 (PST)
MIME-Version: 1.0
References: <170664197290.48538.11458873071334659518@ietfa.amsl.com> <SA1PR15MB437035BCB976667A27F13212B37D2@SA1PR15MB4370.namprd15.prod.outlook.com> <SA1PR15MB4370AC2E72FD41FA8277F9DFB37D2@SA1PR15MB4370.namprd15.prod.outlook.com> <F235DBE1-19B7-4738-BCEF-D2E4911206BD@apple.com> <V0hOXeWZP7Z3xxD5m4oK4ROqOtCUSG9JyxkMcpSwhrLLTxyEN-ZdfP1rC-ER87due5C6zv47H-wkPkowuvk-lEQJk53mfl57rKiHoggSI9c=@thibault.uk> <CANduzxBX63BzUa4Y8vtRkkhs+5wXUf2a_Vnt3+yvksjBcRfQrA@mail.gmail.com> <CAPDSy+5Ty1aYkaKTq1TCQ16L7q3dsZMUUuM0h1RzGesBVFzWnw@mail.gmail.com> <CACOcZTjz8a8h1sjMxjuEoTcnvJ94DWfKNq4eRGTXAB=xGL14LA@mail.gmail.com>
In-Reply-To: <CACOcZTjz8a8h1sjMxjuEoTcnvJ94DWfKNq4eRGTXAB=xGL14LA@mail.gmail.com>
From: Eli-Shaoul Khedouri <eli@intuitionmachines.com>
Date: Thu, 22 Feb 2024 12:32:49 -0500
X-Gmail-Original-Message-ID: <CA+AE54efErWqJrF5JEXRND674pZ5i7GuB32-sWS9cVY+Ln9RYQ@mail.gmail.com>
Message-ID: <CA+AE54efErWqJrF5JEXRND674pZ5i7GuB32-sWS9cVY+Ln9RYQ@mail.gmail.com>
To: Aykut Bulut <aykutb=40google.com@dmarc.ietf.org>
Cc: privacy-pass@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c44fbf0611fbd503"
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/K6bDigEzFmk5oR58TF_cUN_Y7Nk>
Subject: Re: [Privacy-pass] The PRIVACYPASS WG has placed draft-wood-privacypass-auth-scheme-extensions in state "Call For Adoption By WG Issued"
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Feb 2024 17:33:07 -0000

Some typos here, but nothing that changes the intent. PR has been opened.

I support adoption of these items. We (hCaptcha) have brought up this topic
several times over the years, as one bit is not sufficient in many
applications.

There is not much benefit to preventing the token from affirming coarse
details otherwise expressed by the client, e.g. those contained in a user
agent string transmitted in parallel.

One item not covered in the drafts: is it worth introducing a revocation
concept for extensions at this stage?

Eli

On Thu, Feb 22, 2024 at 10:52 AM Aykut Bulut <aykutb=
40google.com@dmarc.ietf.org> wrote:

> I support the adoption of these two drafts as WG items.
>
> Aykut
>
>
> On Tue, Feb 20, 2024 at 3:04 PM David Schinazi <dschinazi.ietf@gmail.com>
> wrote:
>
>> Hi there,
>>
>> I'm supportive of adoption of both documents. Over at Google we're
>> working towards deploying our IP Protection feature to all Chrome users,
>> and that relies heavily on public metadata. So we'll have folks reviewing
>> and implementing these. I agree with Tommy that this will require privacy
>> analysis, but we can perform that analysis as a WG before WGLC - it doesn't
>> need to gate adoption.
>>
>> David
>>
>> On Tue, Feb 20, 2024 at 7:08 AM Steven Valdez <svaldez=
>> 40google.com@dmarc.ietf.org> wrote:
>>
>>> I support the adoption of these two drafts as WG items. I think having
>>> support for some kind of metadata will be critical for a number of
>>> applications of privacypass tokens.
>>>
>>> For the sake of having a possible extension for the WG to build around,
>>> it may also be worth trying to adopt either one of the extension drafts or
>>> coming up with another extension with WG support. Maybe some time at 119
>>> can be spent on either figuring out next steps for those?
>>>
>>> It would also be good to see if there are other crypto primitives that
>>> could be used to provide the metadata capability, but using partially blind
>>> RSA as a starting point seems reasonable for privacypass (though that draft
>>> should probably get some more reviews from the CFRG).
>>>
>>>
>>> On Mon, Feb 19, 2024 at 12:10 PM Thibault Meunier <ot-ietf@thibault.uk>
>>> wrote:
>>>
>>>> I'm currently going over the two documents (and the associated cfrg
>>>> draft) about Privacy Pass with metadata.
>>>>
>>>> During the review, I've found these additional documents helpful:
>>>>
>>>>    - Two possible extensions for the registry created in
>>>>    draft-wood-privacypass-auth-scheme-extension: geo-extension
>>>>    <https://datatracker.ietf.org/doc/draft-hendrickson-privacypass-geo-extension/>,
>>>>    expiration-extension
>>>>    <https://datatracker.ietf.org/doc/draft-hendrickson-privacypass-expiration-extension/01/>
>>>>    - Partially Blind RSA draft at CFRG:
>>>>    draft-amjad-cfrg-partially-blind-rsa-02.html
>>>>    <https://www.ietf.org/archive/id/draft-amjad-cfrg-partially-blind-rsa-02.html>
>>>>
>>>>
>>>> Best,
>>>> Thibault
>>>>
>>>> On Monday, 19 February 2024 at 17:56, Tommy Pauly <tpauly=
>>>> 40apple.com@dmarc.ietf.org> wrote:
>>>>
>>>> The core privacy pass architecture talks about metadata-supporting
>>>> token types, so overall I think the WG needs to say *something* in
>>>> this space.
>>>>
>>>> Looking at the two documents here:
>>>>
>>>> - draft-wood-privacypass-auth-scheme-extensions is a very minimal and
>>>> reasonable mechanism. Assuming that we have drafts (like the other one)
>>>> that will use it, I support adopting this document as the starting place
>>>> for allowing the auth scheme to support extensions.
>>>>
>>>> - draft-hendrickson-privacypass-public-metadata, for an approach to
>>>> adding metadata, also seems like a nice minimal approach. In general, I’m
>>>> still concerned about metadata and the implication on privacy analysis. I
>>>> think the document will need to say a lot more on what kind of metadata
>>>> would be safe, how to guarantee consistency, and how to not allow the
>>>> metadata to become a way to identify a single client across the issuance
>>>> and redemption contexts. For example, if the metadata item is something
>>>> that the client already is sharing with *both* the issuance and
>>>> redemption contexts, and knows will be visible to everyone already, then
>>>> adding the metadata doesn’t leak any additional state. However, if this is
>>>> not the case, then it may be risky to reveal information to the issuance
>>>> path that would otherwise not be visible. Providing some very concrete
>>>> examples of what metadata can be would help immensely in the discussion.
>>>>
>>>> So, for this one, I am provisionally supportive of adoption if we can
>>>> better articulate the bounds on usage and some clear cases that we can
>>>> agree are admissible.
>>>>
>>>> As a nit on draft-hendrickson-privacypass-public-metadata: it uses the
>>>> Blind(), BlindSign(), and Finalize() functions from RSA Blinding with extra
>>>> parameters for the extensions that aren’t defined in the main RSA Blinding
>>>> spec. Are these concatenations, or just cases of running the functions
>>>> twice?
>>>>
>>>> Thanks,
>>>> Tommy
>>>>
>>>> On Jan 30, 2024, at 11:28 AM, Ben Schwartz <bemasc=
>>>> 40meta.com@dmarc.ietf.org> wrote:
>>>>
>>>> -extra aliases.
>>>> ------------------------------
>>>> *From:* Ben Schwartz <bemasc@meta.com>
>>>> *Sent:* Tuesday, January 30, 2024 2:21 PM
>>>> *To:* IETF Secretariat <ietf-secretariat-reply@ietf.org>;
>>>> draft-wood-privacypass-auth-scheme-extensions@ietf.org <
>>>> draft-wood-privacypass-auth-scheme-extensions@ietf.org>;
>>>> privacy-pass@ietf.org <privacy-pass@ietf.org>;
>>>> privacypass-chairs@ietf.org <privacypass-chairs@ietf.org>
>>>> *Subject:* Re: [Privacy-pass] The PRIVACYPASS WG has placed
>>>> draft-wood-privacypass-auth-scheme-extensions in state "Call For Adoption
>>>> By WG Issued"
>>>>
>>>> Hi PRIVACYPASS,
>>>>
>>>> draft-hendrickson-privacypass-public-metadata and
>>>> draft-wood-privacypass-auth-scheme-extensions have a mutual normative
>>>> dependency, so (as previously discussed) the chairs have put them forward
>>>> for a joint adoption call.  We hope that 3 weeks will be enough time for
>>>> everyone to read both drafts and comment on their suitability for adoption.
>>>>
>>>> If you support or oppose adoption, please comment in this thread.
>>>>
>>>> --Ben Schwartz
>>>> ------------------------------
>>>> *From:* Privacy-pass <privacy-pass-bounces@ietf.org> on behalf of IETF
>>>> Secretariat <ietf-secretariat-reply@ietf.org>
>>>> *Sent:* Tuesday, January 30, 2024 2:12 PM
>>>> *To:* draft-wood-privacypass-auth-scheme-extensions@ietf.org <
>>>> draft-wood-privacypass-auth-scheme-extensions@ietf.org>;
>>>> privacy-pass@ietf.org <privacy-pass@ietf.org>;
>>>> privacypass-chairs@ietf.org <privacypass-chairs@ietf.org>
>>>> *Subject:* [Privacy-pass] The PRIVACYPASS WG has placed
>>>> draft-wood-privacypass-auth-scheme-extensions in state "Call For Adoption
>>>> By WG Issued"
>>>>
>>>> !-------------------------------------------------------------------|
>>>>   This Message Is From an External Sender
>>>>
>>>> |-------------------------------------------------------------------!
>>>>
>>>>
>>>> The PRIVACYPASS WG has placed
>>>> draft-wood-privacypass-auth-scheme-extensions
>>>> in state Call For Adoption By WG Issued (entered by Benjamin Schwartz)
>>>>
>>>> The document is available at
>>>>
>>>> https://datatracker.ietf.org/doc/draft-wood-privacypass-auth-scheme-extensions/
>>>>
>>>> Comment:
>>>> Joint adoption call for draft-hendrickson-privacypass-public-metadata
>>>> and
>>>> draft-wood-privacypass-auth-scheme-extensions.
>>>>
>>>> --
>>>> Privacy-pass mailing list
>>>> Privacy-pass@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/privacy-pass
>>>> --
>>>> Privacy-pass mailing list
>>>> Privacy-pass@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/privacy-pass
>>>>
>>>>
>>>>
>>>> --
>>>> Privacy-pass mailing list
>>>> Privacy-pass@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/privacy-pass
>>>>
>>>
>>>
>>> --
>>>
>>>  Steven Valdez |  Chrome Privacy Sandbox |  svaldez@google.com |  Cambridge,
>>> MA
>>> --
>>> Privacy-pass mailing list
>>> Privacy-pass@ietf.org
>>> https://www.ietf.org/mailman/listinfo/privacy-pass
>>>
>> --
>> Privacy-pass mailing list
>> Privacy-pass@ietf.org
>> https://www.ietf.org/mailman/listinfo/privacy-pass
>>
> --
> Privacy-pass mailing list
> Privacy-pass@ietf.org
> https://www.ietf.org/mailman/listinfo/privacy-pass
>

v2.23.0 | Report a Bug | By Email