IETF Logo Mail Archive

Re: [Privacy-pass] Working group last Call for batched Tokens

Tommy Pauly <tpauly@apple.com> Mon, 08 April 2024 15:36 UTC

Return-Path: <tpauly@apple.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C6E5C1516F3 for <privacy-pass@ietfa.amsl.com>; Mon, 8 Apr 2024 08:36:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.472
X-Spam-Level:
X-Spam-Status: No, score=-4.472 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.08, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bi4tg4mhSbUy for <privacy-pass@ietfa.amsl.com>; Mon, 8 Apr 2024 08:36:35 -0700 (PDT)
Received: from ma-mailsvcp-mx-lapp01.apple.com (ma-mailsvcp-mx-lapp01.apple.com [17.32.222.22]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80CA2C1516EB for <privacy-pass@ietf.org>; Mon, 8 Apr 2024 08:36:35 -0700 (PDT)
Received: from rn-mailsvcp-mta-lapp01.rno.apple.com (rn-mailsvcp-mta-lapp01.rno.apple.com [10.225.203.149]) by ma-mailsvcp-mx-lapp01.apple.com (Oracle Communications Messaging Server 8.1.0.23.20230328 64bit (built Mar 28 2023)) with ESMTPS id <0SBM010EDRCXPV00@ma-mailsvcp-mx-lapp01.apple.com> for privacy-pass@ietf.org; Mon, 08 Apr 2024 08:36:34 -0700 (PDT)
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-04-08_13,2024-04-05_02,2023-05-22_02
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=OEa+qN28cg3b58d3PshH3OhXVIhWqAeeB5kFD42+APE=; b=lCBXjL03G2YAkIRLXyrkp9hEzmBtobyjBg3PPvKGzGZmO9bMh2PfbsZYnhhPGPoQhrDg oUToHqXU5rYrz8Do+I48H+Sya8tNSBkFO2VaxBbLYcLIjIcXFT8f7+govOgO901eHqW0 6kDQR2GIGH9OFy1QdEO7KE5B7eV91GtcLx1oJCIjVoYJTcvlFyAdkZwFZ7oSR/9ti9YR tTuAOIpAjL4Mx6641hqE3YgQqVgu9uQFmapHHATEE4Kk+673Iih25I9zjrcVBpNYk6+/ PNsBQKg3E2XA5w5c9rhfIYPdvg3L8YgUPTTFsOBpuYeD6vp+9sI+SmttAjNysGvfsPe1 eg==
Received: from rn-mailsvcp-mmp-lapp04.rno.apple.com (rn-mailsvcp-mmp-lapp04.rno.apple.com [17.179.253.17]) by rn-mailsvcp-mta-lapp01.rno.apple.com (Oracle Communications Messaging Server 8.1.0.23.20230328 64bit (built Mar 28 2023)) with ESMTPS id <0SBM00ID0RCX8VC0@rn-mailsvcp-mta-lapp01.rno.apple.com>; Mon, 08 Apr 2024 08:36:33 -0700 (PDT)
Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp04.rno.apple.com by rn-mailsvcp-mmp-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.23.20230328 64bit (built Mar 28 2023)) id <0SBM00E00R9GYN00@rn-mailsvcp-mmp-lapp04.rno.apple.com>; Mon, 08 Apr 2024 08:36:33 -0700 (PDT)
X-Va-A:
X-Va-T-CD: 2f6cb9b0a50a87346e355f8690928e9e
X-Va-E-CD: 5c92d29e7745b5f8a4f670f4b245067f
X-Va-R-CD: 01f945e4c02e674a1ab265d5affe99e2
X-Va-ID: 69287b83-1360-4d2b-8881-dee0a39a9954
X-Va-CD: 0
X-V-A:
X-V-T-CD: 2f6cb9b0a50a87346e355f8690928e9e
X-V-E-CD: 5c92d29e7745b5f8a4f670f4b245067f
X-V-R-CD: 01f945e4c02e674a1ab265d5affe99e2
X-V-ID: d3a01a17-75d1-48fb-b245-de0bfa6b9476
X-V-CD: 0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-04-08_13,2024-04-05_02,2023-05-22_02
Received: from smtpclient.apple ([17.230.165.205]) by rn-mailsvcp-mmp-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.23.20230328 64bit (built Mar 28 2023)) with ESMTPSA id <0SBM00THDRCWZS00@rn-mailsvcp-mmp-lapp04.rno.apple.com>; Mon, 08 Apr 2024 08:36:32 -0700 (PDT)
From: Tommy Pauly <tpauly@apple.com>
Message-id: <15E0A5B4-C2D7-46E7-A82E-DC15F34323D5@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_192824FC-E0A4-4FF0-A253-764FBBA7639F"
MIME-version: 1.0 (Mac OS X Mail 16.0 \(3774.500.171.1.1\))
Date: Mon, 08 Apr 2024 08:36:21 -0700
In-reply-to: <CAOgPGoCzLNv+7HnuoqMCmyEq7LtV7UYTBejSsgeJ7Sb8iH=6yA@mail.gmail.com>
Cc: privacy-pass@ietf.org
To: Joseph Salowey <joe@salowey.net>, Raphael Robert <ietf@raphaelrobert.com>, Steven Valdez <svaldez=40google.com@dmarc.ietf.org>, Christopher Wood <caw@heapingbits.net>
References: <CAOgPGoDiW2XgOGkv_ug=TFP=BNJG=SffJVcE8zCnv4cXvudYsw@mail.gmail.com> <CANduzxAPCDhvqV3jOYXiYywLok4g+i5KZw=p=fnszKwuGEw4bw@mail.gmail.com> <113031C1-BD70-402A-9247-20016C5BDE9A@raphaelrobert.com> <CAOgPGoCzLNv+7HnuoqMCmyEq7LtV7UYTBejSsgeJ7Sb8iH=6yA@mail.gmail.com>
X-Mailer: Apple Mail (2.3774.500.171.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/ocS-_A5V5Oy-dtWJAZ6xNuYArgw>
Subject: Re: [Privacy-pass] Working group last Call for batched Tokens
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2024 15:36:40 -0000

Also chiming in for a review — I just read through the draft and it looks good to me. I didn’t see any particular flaws that I would say need addressing before publication. I filed one very minor editorial issue https://github.com/ietf-wg-privacypass/ietf-draft-privacypass-batched-tokens/issues/8

I did have one overall question about our approach to token types and batching: this new batched VOPRF allocates a new token type, although my understanding is that the redemption step doesn’t necessarily need to know anything about it being batched in order to validate the token. To what degree do we want changes to the issuance that don’t impact the nature of the token upon redemption to be reflected in the token type vs some other difference in the request (such as media type, etc, etc)? Is there a security reason that the redeemer needs to know?

Tommy

> On Apr 7, 2024, at 9:02 PM, Joseph Salowey <joe@salowey.net> wrote:
> 
> RIght now we only have one response to the last call which is not enough to call consensus on.   It would be good to have a draft that is not expired, but I also think before we can continue a consensus call we need a draft with all the outstanding changes as well.  
> 
> Thanks,
> 
> Joe
> 
> On Wed, Mar 20, 2024 at 3:37 AM Raphael Robert <ietf@raphaelrobert.com <mailto:ietf@raphaelrobert.com>> wrote:
>> As soon as that issue is resolved I’ll make one more editorial pass before I cut a new draft. I’ll announce it here.
>> 
>> Raphael
>> 
>>> On 20. Mar 2024, at 06:23, Steven Valdez <svaldez=40google.com@dmarc.ietf.org <mailto:40google.com@dmarc.ietf.org>> wrote:
>>> 
>>> I think this draft looks mostly good and I support it going to the IESG. There is one outstanding issue #6 <https://github.com/ietf-wg-privacypass/ietf-draft-privacypass-batched-tokens/issues/6> (I submitted and forgot to follow up on) regarding adding the VOPRF variant as a defined type since we're relying on that variant for PST. I can try to get a PR for that submitted, though not sure what the ordering between the draft being expired, the WGLC and cutting a new draft should look like?
>>> 
>>> -Steven
>>> 
>>> On Mon, Mar 11, 2024 at 2:47 PM Joseph Salowey <joe@salowey.net <mailto:joe@salowey.net>> wrote:
>>>> This is the working group last call for Batched Token Issuance Protocol (https://datatracker.ietf.org/doc/draft-ietf-privacypass-batched-tokens/).  Please review the document and indicate if it is ready to forward to the IESG by posting comments to this thread.  The internet draft is about to expire but should still be accessible.  Please send your comments by March 26, 2024.  
>>>> 
>>>> Thanks,
>>>> 
>>>> Joe and Ben
>>>> -- 
>>>> Privacy-pass mailing list
>>>> Privacy-pass@ietf.org <mailto:Privacy-pass@ietf.org>
>>>> https://www.ietf.org/mailman/listinfo/privacy-pass
>>> 
>>> 
>>> --
>>> 
>>>  Steven Valdez |	 Chrome Privacy Sandbox |	 svaldez@google.com <mailto:svaldez@google.com> |	 Cambridge, MA
>>> -- 
>>> Privacy-pass mailing list
>>> Privacy-pass@ietf.org <mailto:Privacy-pass@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/privacy-pass
>> 
> -- 
> Privacy-pass mailing list
> Privacy-pass@ietf.org
> https://www.ietf.org/mailman/listinfo/privacy-pass

v2.23.0 | Report a Bug | By Email