Re: [Privacy-pass] Privacy Pass draft comments
Steven Valdez <svaldez@google.com> Fri, 24 July 2020 22:04 UTC
Return-Path: <svaldez@google.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0CAC3A07B6 for <privacy-pass@ietfa.amsl.com>; Fri, 24 Jul 2020 15:04:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wuHeg7VPxMjS for <privacy-pass@ietfa.amsl.com>; Fri, 24 Jul 2020 15:04:04 -0700 (PDT)
Received: from mail-oi1-x231.google.com (mail-oi1-x231.google.com [IPv6:2607:f8b0:4864:20::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 749733A090B for <privacy-pass@ietf.org>; Fri, 24 Jul 2020 15:04:03 -0700 (PDT)
Received: by mail-oi1-x231.google.com with SMTP id x83so9245257oif.10 for <privacy-pass@ietf.org>; Fri, 24 Jul 2020 15:04:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=k8e1SwEcdQq5OwHHn2/XAuYQ7qadt1FDhU4lVxInNbY=; b=if5BC6JNMazvTTDjnq3yxIlUOR/+H66a2QwBSFjhodWUyvHNLwbTRf69BUD/bldgAG tBPsWoeTX1ainzeBQUuSwuUX1waoRaEIJPVBwgSLIrbwDfFMgZSNLSDlmzJr2B78onAw No6xHN0kNWIy9tq5kMJ1tXwcWp8wApKolj/5RJrA2mWPu+MXyEuuhCgAQQupDQJ+gd/z OuLkmbNjzArvdY5PSAepFD0/wHIcm6oPAWRc5PmMf15J3vsh/HbdHR2/34B4bJBUJ0Sl CjCP2KTsYC/1vqbuTGErinwBHS76B/WW5JvvXyIcXubV78sDSSqzPwZfz8O9KgkrN/Oq fKVg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=k8e1SwEcdQq5OwHHn2/XAuYQ7qadt1FDhU4lVxInNbY=; b=egQPO8pnZYIcKtaVsLrfRGcDOmm9msDBObHYa03UudwfSQN0MgTUIn3wrdSYmojK7u CYJ1dRNvfmGcELNcAMlpO//ivgJHzdr3Zw5vZc/Raf0TAguy3JZBI9VAdeE16x0fxgYY s8Zih8uH7EOm9+IE6aLpZJE5fXYM6g03urt5ACWIELlfaJj8j807ASMviF5fd3HbJnCG PO+ub6q1gG8FRjV27apB1O/64gADmVNu5IUI0AGlW160G30dNZQkQdhip2u8cO0SB92v l4LMHY4QoSCOUtfaK4Vg5IqXpIfqOhq+9tfsD05i3Xhnt4Fbu4dLvbip++CcLFsRahyH 1JiQ==
X-Gm-Message-State: AOAM5315fybxw8jQ+aB0/f8CEtCkRRa/R9qiu8SopIMkVkg3Ct/s6Zmq Njyc2poymsj9xqw9wx0sR/UU7ojVtlrR9qxXCI/70LcH
X-Google-Smtp-Source: ABdhPJwm9c6tkPtrBFYus9ke/q4uTFia+LDiLFP+zE5hLBk5YfA1B9e3hTpP3gvDwJOyrRtkyefglow72UkqFGA9DAU=
X-Received: by 2002:aca:3305:: with SMTP id z5mr867303oiz.120.1595628242242; Fri, 24 Jul 2020 15:04:02 -0700 (PDT)
MIME-Version: 1.0
References: <CAHbrMsCTo6sYDKNgTNfsk2aJvzGO_uEWiA8u+d5_qah0nsXPJA@mail.gmail.com>
In-Reply-To: <CAHbrMsCTo6sYDKNgTNfsk2aJvzGO_uEWiA8u+d5_qah0nsXPJA@mail.gmail.com>
From: Steven Valdez <svaldez@google.com>
Date: Fri, 24 Jul 2020 18:03:50 -0400
Message-ID: <CANduzxDrUFj2=ZA8EzJsnR0mL73piYTh3gQakih-dN5Rgu25Ng@mail.gmail.com>
To: Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
Cc: privacy-pass@ietf.org
Content-Type: multipart/alternative; boundary="00000000000092edaf05ab37264c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/MJ8woQT0bAMX0hEgiq52GznZnYM>
Subject: Re: [Privacy-pass] Privacy Pass draft comments
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2020 22:04:14 -0000
In terms of the bit of metadata, in the current drafts it's not currently tied to a specific proposal and doesn't have a protocol to support it, but one potential way to support it is building on top of the PMBToken primitive which provides the one bit of metadata property. Unless I'm looking at the wrong section, it currently uses a bit of metadata as an example of the privacy considerations that metadata introduces. (As for the specific PMBToken case, it lets an issuer set a token to be one of two values, that are both cryptographically signed. I think the one you're looking at is the other construction for a PrivacyPass token without the ZKPs?) --- For the HTTP API, one open question (short list in the presentation for 108), includes whether the API recommended in the WG document should be tied to .well-known endpoints or if we should generalize it to allow the issuer to provide the capabilities on top of any endpoint. But yes, the current draft has a foot in both worlds, and once we resolve that question either moving it to a REST API on the well-known or omitting the well known entirely is probably the right move. Keeping it at .well-known would mean doing something like: https://captcha.example/submit-challenge-answer (sets state with the result of the challenge). https://captcha.example/.well-known/privacy-pass (Does the actual issuance via PrivacyPass) Potentially a server might want something like: https://captcha.example/submit-challenge-answer and if the client attaches an issuance request in the Sec-Privacy-Pass header, the response could return PrivacyPass tokens directly. On Fri, Jul 24, 2020 at 5:43 PM Ben Schwartz <bemasc= 40google.com@dmarc.ietf.org> wrote: > Some comments on the drafts scheduled for discussion in our session next > week: > > On the architecture: > The draft mentions a use case for "1 bit of metadata" without further > explanation. Is this in reference to the PMBToken proposal? I think it > would be worth clarifying the reference. > > Regarding PMBToken, I'm not sure that proposal necessarily reduces the > anonymity set in the way that the architecture draft describes. It sounds > like the server returns either a valid token, which the server can later > verify, or an invalid token, which the server cannot distinguish from > client-generated garbage. If so, we might avoid reduction of client > anonymity by encouraging all clients to attempt to send garbage tokens > occasionally. "Don't Take Any Wooden Nickels" [1]. > > On the HTTP API: > There's no explanation of why this is all being jammed into a > Sec-Privacy-Pass header. This is very much unlike a typical REST API. > What's the goal here? I think it would be worth clarifying. > > If this design is to allow tacking redemptions onto arbitrary HTTP > requests like a cookie, then could issuance still be a normal REST API? > Then we probably wouldn't need the "type" field for redemption; it could be > implicit. > > --Ben > > [1] https://en.wiktionary.org/wiki/don%27t_take_any_wooden_nickels > -- > Privacy-pass mailing list > Privacy-pass@ietf.org > https://www.ietf.org/mailman/listinfo/privacy-pass > -- Steven Valdez | Chrome Privacy Sandbox | svaldez@google.com | 210-692-4742
- [Privacy-pass] Privacy Pass draft comments Ben Schwartz
- Re: [Privacy-pass] Privacy Pass draft comments Steven Valdez
- Re: [Privacy-pass] Privacy Pass draft comments Ben Schwartz