[Privacy-pass] Related Work: Private Access Tokens
Steven Valdez <svaldez@google.com> Mon, 25 October 2021 20:07 UTC
Return-Path: <svaldez@google.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B69D23A0A78 for <privacy-pass@ietfa.amsl.com>; Mon, 25 Oct 2021 13:07:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OIoBJzw8VuOU for <privacy-pass@ietfa.amsl.com>; Mon, 25 Oct 2021 13:06:59 -0700 (PDT)
Received: from mail-pf1-x433.google.com (mail-pf1-x433.google.com [IPv6:2607:f8b0:4864:20::433]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E6AB3A0879 for <privacy-pass@ietf.org>; Mon, 25 Oct 2021 13:06:32 -0700 (PDT)
Received: by mail-pf1-x433.google.com with SMTP id m26so11880109pff.3 for <privacy-pass@ietf.org>; Mon, 25 Oct 2021 13:06:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=FAYBvHH7Gmn5oWZWxUr9mJFfwjz4JMsbygrmFM8X0HU=; b=Y5g1lcCJO7gERe2v3nTtk+LTYg6f9i/MpRdwVWuEzttkMQ1D8JxQ+XmFP8x8WRWAis 11iaR87wvUkLea2WJxyu+2SvMGwkNAX8V2h5Y0wveqWxJh81IsdykZpwfXSmYg3Zp9vE pzm+YFVBNi27HDWjPXUhcR3SIyAKmesJcFPobFVK0jcaw5pEPOMQ1Siak1gORlgQToAr s/tEjgxcZ+4/oCY4RktezmfiXni+CFO28ur5qGv+A3ICI+qiN2kS1Au/qrJ9vqRVsxB1 7f/jx7YUI9+t5I+6vgwZLpLw0lZz1zHy4W4R64hZSuInJNhJE4CW7eXwV5AIb1wcmiSf 4L0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=FAYBvHH7Gmn5oWZWxUr9mJFfwjz4JMsbygrmFM8X0HU=; b=IuS76VYZjyIBMMVP4xw4Nt5Fc5qIZo6wB9tCloc5/MI33rfzZ50O+9X6dSOv/ujep/ 3KIoH6kGcu6kA8+HLaY93qFlqkL1a8C1ZZDFErYlIRyLFo2veUI1ArwxcXWI3p3jMdv2 30ao9tWvowtbteNjwyLIyPQmQoS7tvuIkNJKbTwaypFmOr9K3zL2Q+7lKDkKrsod6xqu BSGfmtyN00YIAD94sWxRw0KYOKPSSS1Kw6IinpBSoCVpvTDEiBqpKikzQGEJsVUB0PIC alZkz9gjJecY4VOaa/FhvfnPQmBufF26B78yD95A4I0+84YeX+f7pSozhiuoVr4WmlXJ A6aQ==
X-Gm-Message-State: AOAM530oCtMISxM0BO/U61e3CKOU7hOcZmY1KHBsxejCaEpLrcD0r1X8 XVivbGM8BNIyNR5JnW5Bz1Xcs21ygVwGVlLg3lsFZ3rVdTOZpw==
X-Google-Smtp-Source: ABdhPJyJzhJK7sf5Knf4h/+jV0q7S1QP5aH30mFoF6Apa9wFHdaEBHLRC+miAJLSQFmOPRIhXnIGL6cfaeSFWdnMD0c=
X-Received: by 2002:a62:194d:0:b0:47b:e3ee:6d43 with SMTP id 74-20020a62194d000000b0047be3ee6d43mr12421147pfz.82.1635192388766; Mon, 25 Oct 2021 13:06:28 -0700 (PDT)
MIME-Version: 1.0
References: <163519158647.7470.5967840992186527470@ietfa.amsl.com> <A204B94F-77CC-4D3C-8FA6-F6F68ED3D32F@apple.com>
In-Reply-To: <A204B94F-77CC-4D3C-8FA6-F6F68ED3D32F@apple.com>
From: Steven Valdez <svaldez@google.com>
Date: Mon, 25 Oct 2021 16:06:17 -0400
Message-ID: <CANduzxCFdXitoqsOXskMNXU+pzggABtQcFLYkuumvzv5HSn7Tw@mail.gmail.com>
To: privacy-pass@ietf.org
Content-Type: multipart/alternative; boundary="00000000000079336405cf32e555"
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/M7QitcnUIOtifz03osQy9XcRwPI>
Subject: [Privacy-pass] Related Work: Private Access Tokens
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Oct 2021 20:07:10 -0000
There's some potentially related work that will potentially be discussed at IETF 112 in SECDISPATCH on other forms of anonymous tokens. There's some overlap with the Privacy Pass use cases, though a fair number of differences ( https://github.com/tfpauly/privacy-proxy/blob/main/draft-private-access-tokens.md#related-work-privacy-pass-privacy-pass ). -Steven ---------- Forwarded message --------- From: Tommy Pauly <tpauly@apple.com> Date: Mon, Oct 25, 2021 at 4:00 PM Subject: Requesting agenda time for draft-private-access-tokens To: <Secdispatch@ietf.org> Cc: Jana Iyengar <jri@fastly.com>, Christopher Wood <caw@heapingbits.net>, Steven Valdez <svaldez@google.com>, Scott Hendrickson <shendrick@google.com> Hi SECDISPATCH, Several of us have been developing a new protocol spec called Private Access Tokens. This is a publicly verifiable anonymous token (based on RSA blind signatures) that can be presented to origins as HTTP authentication, based on a system of token issuance that allows anonymous per-origin rate limiting. The goal here is to make it possible to work with metered paywalls and fraud prevention systems even when clients are using anonymous IP addresses to access origins. We’d like to discuss this at IETF 112, and we’d love to hear thoughts on comments on this list before then as well. https://www.ietf.org/archive/id/draft-private-access-tokens-00.html Best, Tommy, Chris, Jana, Steven, & Scott Begin forwarded message: *From: *internet-drafts@ietf.org *Subject: **New Version Notification for draft-private-access-tokens-00.txt* *Date: *October 25, 2021 at 12:53:06 PM PDT *To: *"Christopher A. Wood" <caw@heapingbits.net>, Christopher Wood < caw@heapingbits.net>, Jana Iyengar <jri@fastly.com>, Scott Hendrickson < scott@shendrickson.com>, Steven Valdez <svaldez@chromium.org>, Tommy Pauly < tpauly@apple.com> A new version of I-D, draft-private-access-tokens-00.txt has been successfully submitted by Tommy Pauly and posted to the IETF repository. Name: draft-private-access-tokens Revision: 00 Title: Private Access Tokens Document date: 2021-10-25 Group: Individual Submission Pages: 37 URL: https://www.ietf.org/archive/id/draft-private-access-tokens-00.txt Status: https://datatracker.ietf.org/doc/draft-private-access-tokens/ Html: https://www.ietf.org/archive/id/draft-private-access-tokens-00.html Htmlized: https://datatracker.ietf.org/doc/html/draft-private-access-tokens Abstract: This document defines a protocol for issuing and redeeming privacy- preserving access tokens. These tokens can adhere to an issuance policy, allowing a service to limit access according to the policy without tracking client identity. Discussion Venues This note is to be removed before publishing as an RFC. Source for this draft and an issue tracker can be found at https://github.com/tfpauly/privacy-proxy. The IETF Secretariat -- Steven Valdez | Chrome Privacy Sandbox | svaldez@google.com | 210-692-4742 <(210)%20692-4742>
- [Privacy-pass] Related Work: Private Access Tokens Steven Valdez