Re: [QUIC] QUIC privacy impact
"Scharf, Michael (Nokia - DE)" <michael.scharf@nokia.com> Sun, 22 May 2016 17:33 UTC
Return-Path: <michael.scharf@nokia.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 944BF12D0DE for <quic@ietfa.amsl.com>; Sun, 22 May 2016 10:33:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.92
X-Spam-Level:
X-Spam-Status: No, score=-6.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kmiTABXwgoLi for <quic@ietfa.amsl.com>; Sun, 22 May 2016 10:33:13 -0700 (PDT)
Received: from smtp-fr.alcatel-lucent.com (fr-hpida-esg-02.alcatel-lucent.com [135.245.210.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC84712D10B for <quic@ietf.org>; Sun, 22 May 2016 10:33:12 -0700 (PDT)
Received: from fr712umx4.dmz.alcatel-lucent.com (unknown [135.245.210.45]) by Websense Email Security Gateway with ESMTPS id C8643E70EDE63; Sun, 22 May 2016 17:33:07 +0000 (GMT)
Received: from fr712usmtp2.zeu.alcatel-lucent.com (fr712usmtp2.zeu.alcatel-lucent.com [135.239.2.42]) by fr712umx4.dmz.alcatel-lucent.com (GMO-o) with ESMTP id u4MHXA1J013335 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 22 May 2016 17:33:10 GMT
Received: from FR711WXCHHUB02.zeu.alcatel-lucent.com (fr711wxchhub02.zeu.alcatel-lucent.com [135.239.2.112]) by fr712usmtp2.zeu.alcatel-lucent.com (GMO) with ESMTP id u4MHW4Rk031268 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Sun, 22 May 2016 19:33:10 +0200
Received: from FR712WXCHMBA15.zeu.alcatel-lucent.com ([169.254.7.44]) by FR711WXCHHUB02.zeu.alcatel-lucent.com ([135.239.2.112]) with mapi id 14.03.0195.001; Sun, 22 May 2016 19:32:31 +0200
From: "Scharf, Michael (Nokia - DE)" <michael.scharf@nokia.com>
To: Jana Iyengar <jri@google.com>, Ryan Hamilton <rch@google.com>
Thread-Topic: [QUIC] QUIC privacy impact
Thread-Index: AQHRsynFCnTysxHU/0GFj3E4WoIavJ/DSSMAgAAj/ACAALzBAIABBqOQ
Date: Sun, 22 May 2016 17:32:30 +0000
Message-ID: <655C07320163294895BBADA28372AF5D4886201E@FR712WXCHMBA15.zeu.alcatel-lucent.com>
References: <CA+9kkMDkPZC-8YP9FXbWDohVriMO=mYEqGhf7bkdObNob=RNFw@mail.gmail.com> <655C07320163294895BBADA28372AF5D488612F2@FR712WXCHMBA15.zeu.alcatel-lucent.com> <CAJ_4DfTh+Xx5gExs5DU=Lf9drNnOtA0pD8rEqKXnNDC-31pQ9A@mail.gmail.com> <CAGD1bZaFkf=ynqtmmzxZ9jiwNXHWZbvU_vrw41rT7treG_wM-A@mail.gmail.com> <CAGD1bZYM-XMA7gdcRyGxfS538-y+-cdWB4d0xDb0SsTGL=vLDw@mail.gmail.com>
In-Reply-To: <CAGD1bZYM-XMA7gdcRyGxfS538-y+-cdWB4d0xDb0SsTGL=vLDw@mail.gmail.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.239.27.40]
Content-Type: multipart/alternative; boundary="_000_655C07320163294895BBADA28372AF5D4886201EFR712WXCHMBA15z_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/quic/0jTQX5ATm80H9ftqxh9ReuMjMTg>
Cc: "quic@ietf.org" <quic@ietf.org>
Subject: Re: [QUIC] QUIC privacy impact
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list to discuss QUIC standardization <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 May 2016 17:33:15 -0000
draft-tsvwg-quic-protocol-02 says: QUIC connections are identified by a 64-bit Connection ID, randomly generated by the client. QUIC can survive IP address changes and NAT re-bindings since the Connection ID remains the same across these migrations. So, can we agree that this statement is very, very vague? For instance, could I write a QUIC implementation compliant to draft-tsvwg-quic-protocol-02 that e.g. uses a static and a random part of the connection ID, and e.g. stores the static part permanently on the user’s computer? Or, could I pick as a static part the MAC address? The total ID would still be random. I have difficulties to understand how this sort of ID generation would be different from a “clear text super cookie” and what is defined in the reference you provide. I am sure that this is not what the current QUIC implementation does. But since we are in IETF context, talking about a potential standard, I am concerned what other implementers of a new protocol could do, and what use cases they could find for this ID. And if there was some interesting use of having an entirely user-defined clear text value at some constant offset in the packet, for a widely used Internet transport protocol, I am pretty sure some implementers would not care about some MUSTs in an RFC saying “please, please, please select every bit in the ID randomly”. Or do I miss something obvious? Michael From: Jana Iyengar [mailto:jri@google.com] Sent: Sunday, May 22, 2016 5:20 AM To: Ryan Hamilton Cc: quic@ietf.org; Scharf, Michael (Nokia - DE) Subject: Re: [QUIC] QUIC privacy impact Michael, Just caught up on the SPUD thread, and I'd like to correct something you said there that I'll quote here for context: "if there is now a new clear text identifier that just happens to be unique per subscriber. What a great improvement for privacy in the Internet! And even better that it seems compatible with QUIC..." QUIC's connection ID is NOT unique per subscriber. It's per connection. As I said on the other thread, in the single-path case, it reveals no more informtion than TCP. In the multipath case, it effectively reveals no more than MPTCP, since the ID is used to tie the multiple, using MPTCP parlance, "sub-flows", together. It is possible to consider a different design that uses multiple connection IDs for the multiple sub-flows, but to be clear, that makes this new multipath strictly better than MPTCP at privacy-preservation. At any rate, I wanted to make sure that we're talking about the same issue. I'll also note that it's plain wrong to use the term "clear text super cookie" in relation to the QUIC connection ID (see https://www.techopedia.com/definition/27310/super-cookie for what I think a supercookie is.) - jana On Sat, May 21, 2016 at 9:04 AM, Jana Iyengar <jri@google.com<mailto:jri@google.com>> wrote: That's a design element that should and will definitely be discussed in the WG. Specifically this applies to use of connection IDs during multipath, and I expect that conversation to happen when we discuss multipath. On May 21, 2016 6:56 AM, "Ryan Hamilton" <rch@google.com<mailto:rch@google.com>> wrote: Definitely. On Fri, May 20, 2016 at 11:26 PM, Scharf, Michael (Nokia - DE) <michael.scharf@nokia.com<mailto:michael.scharf@nokia.com>> wrote: Is it planned to discuss potential privacy implications of the „QUIC connection identifier“ (also named “clear text super cookie” on the SPUD list)? Thanks Michael From: QUIC [mailto:quic-bounces@ietf.org<mailto:quic-bounces@ietf.org>] On Behalf Of EXT Ted Hardie Sent: Saturday, May 14, 2016 1:27 AM To: quic@ietf.org<mailto:quic@ietf.org>; Jana Iyengar; Christian Huitema Subject: [QUIC] Draft charter Howdy, As part of the BoF preparation, we put together a stab at a draft charter. It's available as html and markdown on github at: https://github.com/IETF-QUIC/Charter I've attached the HTML version as well. It would be great to have some of the discussion on the list before the BoF. Comments to the list or issues/pull requests at the github repo are welcome. We will periodically reflect any issues or suggestion from the Repo back to the list, but this will be manual, so expect some lag. regards, Ted _______________________________________________ QUIC mailing list QUIC@ietf.org<mailto:QUIC@ietf.org> https://www.ietf.org/mailman/listinfo/quic _______________________________________________ QUIC mailing list QUIC@ietf.org<mailto:QUIC@ietf.org> https://www.ietf.org/mailman/listinfo/quic
- [QUIC] Draft charter Ted Hardie
- Re: [QUIC] Draft charter Tony Rutkowski
- Re: [QUIC] Draft charter Ted Hardie
- Re: [QUIC] Draft charter Tony Rutkowski
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Eric Rescorla
- Re: [QUIC] Draft charter Ted Hardie
- Re: [QUIC] Draft charter Tony Rutkowski
- Re: [QUIC] Draft charter Salz, Rich
- Re: [QUIC] Draft charter Tony Rutkowski
- Re: [QUIC] Draft charter Salz, Rich
- Re: [QUIC] Draft charter Tony Rutkowski
- Re: [QUIC] Draft charter Salz, Rich
- Re: [QUIC] Draft charter Ted Hardie
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Tony Rutkowski
- Re: [QUIC] Draft charter Yoav Nir
- Re: [QUIC] Draft charter Eggert, Lars
- Re: [QUIC] Draft charter Ted Hardie
- Re: [QUIC] Draft charter Martin Thomson
- Re: [QUIC] Draft charter Yoav Nir
- Re: [QUIC] Draft charter Salvatore Loreto
- Re: [QUIC] Draft charter Christian Huitema
- Re: [QUIC] Draft charter Eric Rescorla
- Re: [QUIC] Draft charter Martin Thomson
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Mark Nottingham
- Re: [QUIC] Draft charter Salvatore Loreto
- Re: [QUIC] Draft charter Michael Tuexen
- Re: [QUIC] Draft charter Maxim Proshin [GMAIL]
- Re: [QUIC] Draft charter Martin Thomson
- Re: [QUIC] Draft charter Yoav Nir
- Re: [QUIC] Draft charter Martin Thomson
- Re: [QUIC] Draft charter Yoav Nir
- Re: [QUIC] Draft charter Michael Thornburgh
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Erik Nygren
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Mark Nottingham
- Re: [QUIC] Draft charter Christian Huitema
- Re: [QUIC] Draft charter Scharf, Michael (Nokia - DE)
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Olivier Bonaventure
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Mark Nottingham
- Re: [QUIC] Draft charter Jana Iyengar
- Re: [QUIC] Draft charter Christian Huitema
- Re: [QUIC] Draft charter Jana Iyengar
- [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Ryan Hamilton
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Christian Huitema
- Re: [QUIC] QUIC privacy impact Göran Eriksson AP
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Brian Trammell
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Kyle Rose
- Re: [QUIC] QUIC privacy impact Mark Nottingham
- Re: [QUIC] QUIC privacy impact Olivier Bonaventure
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Tony Rutkowski
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Salz, Rich
- Re: [QUIC] QUIC privacy impact Mark Nottingham
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Christian Huitema
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Yoav Nir
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Göran Eriksson AP
- Re: [QUIC] QUIC privacy impact Martin Thomson
- Re: [QUIC] QUIC privacy impact Scharf, Michael (Nokia - DE)
- Re: [QUIC] QUIC privacy impact Erik Nygren
- Re: [QUIC] QUIC privacy impact Göran Eriksson AP
- Re: [QUIC] QUIC privacy impact Göran Eriksson AP
- Re: [QUIC] QUIC privacy impact Martin Thomson
- Re: [QUIC] QUIC privacy impact Olivier Bonaventure
- Re: [QUIC] QUIC privacy impact Christian Huitema
- Re: [QUIC] QUIC privacy impact Kyle Rose
- Re: [QUIC] QUIC privacy impact Mark Nottingham
- Re: [QUIC] QUIC privacy impact Jana Iyengar
- Re: [QUIC] Draft charter Jim Roskind
- Re: [QUIC] Draft charter Ted Hardie
- Re: [QUIC] Draft charter Tim Wicinski
- Re: [QUIC] Draft charter Christian Huitema
- Re: [QUIC] Draft charter Mark Nottingham
- Re: [QUIC] Draft charter Jana Iyengar