[Privacy-pass] Protocol Action: 'Privacy Pass Issuance Protocol' to Proposed Standard (draft-ietf-privacypass-protocol-16.txt)

The IESG <iesg-secretary@ietf.org> Fri, 06 October 2023 22:12 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: privacy-pass@ietf.org
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EE3CC17022D; Fri, 6 Oct 2023 15:12:23 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 11.12.1
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, draft-ietf-privacypass-protocol@ietf.org, jsalowey@gmail.com, paul.wouters@aiven.io, privacy-pass@ietf.org, privacypass-chairs@ietf.org, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <169663034331.7379.9331265327080808495@ietfa.amsl.com>
Date: Fri, 06 Oct 2023 15:12:23 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/t6wflzOtiu5u6LHs91NNZpFhPKE>
Subject: [Privacy-pass] Protocol Action: 'Privacy Pass Issuance Protocol' to Proposed Standard (draft-ietf-privacypass-protocol-16.txt)
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.39
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2023 22:12:23 -0000

The IESG has approved the following document:
- 'Privacy Pass Issuance Protocol'
  (draft-ietf-privacypass-protocol-16.txt) as Proposed Standard

This document is the product of the Privacy Pass Working Group.

The IESG contact persons are Paul Wouters and Roman Danyliw.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-privacypass-protocol/




Technical Summary

   This document specifies two variants of the two-message issuance
   protocol for Privacy Pass tokens: one that produces tokens that are
   privately verifiable using the issuance private key, and another that
   produces tokens that are publicly verifiable using the issuance
   public key.

Working Group Summary

   Strong consensus (although the WG is relatively small)

Document Quality

There are deployed examples of the privacy pass protocol.  References to
these implementations are included in the architecture document. This includes
two open source implementations that implement pieces of the architecture and vendor
products including private access tokens implemented by Apple, Cloudflare and
Fastly. These implementations communicate using the auth scheme defined in
this document (see e.g. https://developer.apple.com/news/?id=huqjyh7k,
https://www.fastly.com/blog/private-access-tokens-stepping-into-the-privacy-respecting-captcha-less)

A number of issues were addressed after various directorate reviews (esp the HTTPDIR review)

The 3 Media Types were approved by the Expert.

Personnel

   The Document Shepherd for this document is Joseph A. Salowey. The
   Responsible Area Director is Paul Wouters.