Re: A question about user tracking with QUIC
Robin MARX <robin.marx@uhasselt.be> Mon, 07 June 2021 12:47 UTC
Return-Path: <robin.marx@uhasselt.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 967C53A13F8 for <quic@ietfa.amsl.com>; Mon, 7 Jun 2021 05:47:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=uhasselt.be
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OXHZSQ5DF3tS for <quic@ietfa.amsl.com>; Mon, 7 Jun 2021 05:47:00 -0700 (PDT)
Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [IPv6:2a00:1450:4864:20::331]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51E1F3A1409 for <quic@ietf.org>; Mon, 7 Jun 2021 05:47:00 -0700 (PDT)
Received: by mail-wm1-x331.google.com with SMTP id k5-20020a05600c1c85b02901affeec3ef8so2248513wms.0 for <quic@ietf.org>; Mon, 07 Jun 2021 05:46:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uhasselt.be; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SgEuH4dOvmWmYQQSBApJbQRjZ4043rJ365qbQi5v6uE=; b=nNQ1MUCloLUtw4sOaR3FJqH5wT2QGnhKorOmfHTAu7cOPw8kyD8e20RSD+xda0z/Cp Oy0pV2OUocPLlfgW5gibaZBTeeindXOp7LKkW6eCqdvE2V7MmviCf8HX2Y5SzvrzIqGJ hdg/MkltdAckn1vX5T9opn+RdeAfAyhZmWofA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SgEuH4dOvmWmYQQSBApJbQRjZ4043rJ365qbQi5v6uE=; b=n0Iw9mf9fizhDBBFJ8YOU2co8Ms/Zr4DrPtq4nbiUmSWVzxn2jQ/gpEw+DcK4USzzU M72Mo+W8tWq0KQ/KMXV1pltHM6kkvZCqQGJqKYbgc5tuizWXXPhV4kD3nCiciE+GTClo 5VEUCNBlvAjsQjPUB5E8MykoeF7rj/kgHke4HIQJyu084GFgL5W5U68vfMTCm3Q2q+pq 5So5CQTcZzysyHHmNFo1rzytYC79VhpWZMYrSjhn1/eXnbgMp4EjTmh11manSm2hEvW3 guR+fBsxFyigqBP1lTuKyvloV2aHb2MchqCb673/YhPXwoa/Kxk+WwcJ/0ZG71ayg81G xuvw==
X-Gm-Message-State: AOAM530WbCMdqO6vEDplSbpGSwlrkAc4jMQbPKCJKGfyTuW7+ZFHWo46 24f/YjiHz5EO7Np9bZXMkgi7bzApkkcGrHZlm2jIkOdmFU6rEw==
X-Google-Smtp-Source: ABdhPJzlUl48enfITdN4I0RUekE7bKU2gyhCwZ2zU2DEYsWy+mwYId2ZorC5OEsnBb4iQQpjyzttL0y+0yowatKbhzg=
X-Received: by 2002:a1c:2985:: with SMTP id p127mr16795888wmp.165.1623070016705; Mon, 07 Jun 2021 05:46:56 -0700 (PDT)
MIME-Version: 1.0
References: <20210607123854.GA16312@nic.fr>
In-Reply-To: <20210607123854.GA16312@nic.fr>
From: Robin MARX <robin.marx@uhasselt.be>
Date: Mon, 07 Jun 2021 14:46:32 +0200
Message-ID: <CAC7UV9bkqOeCgDsCH+Hdq0v=zmRKNNDtpfiq6Ap_vzm5zUzGVg@mail.gmail.com>
Subject: Re: A question about user tracking with QUIC
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Cc: IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000caa2bc05c42c6fc4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/1Lciv9nE4AfP6-vnvwi8wdLg0-8>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 12:47:06 -0000
Hello Stephane, Could you give more (technical) details why you feel long-lived QUIC connections can allow user tracking, and specifically in the IP-switching case? For an on-path attacker observing encrypted QUIC (at one vantage point), they shouldn't be able to (easily) correlate migrated QUIC connections as the Connection IDs change during (active) migration. For an attacker with access to the decrypted payloads, I'm not sure how QUIC differs from TCP or H3 differs from H2 in your view? With best regards, Robin On Mon, 7 Jun 2021 at 14:39, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote: > I was thinking about the privacy risks of QUIC and there is one where > I'm not sure what to think of it, and for which I cannot find any > discussion in the archives of the WG. > > Long-term QUIC connections may enable some user tracking, even when > the user changes its IP address, without even needing HTTP cookies or > things like that. > > I am not sure it is a real problem in practice because it's not new > (HTTP/2 offered similar possibilities), there are many other ways to > track users (HTTP cookies, browser fingerprinting, Google Analytics), > and they even work cross-servers. But it can be a problem for > privacy-oriented technologies (QUIC cannot currently work over Tor but > may be in the future?) > > I do not find discussions about that. Was it considered? (If so, you > are welcome to reply "Search with mailarchive yourself" but I prefer > if it comes with URLs and/or approximate datetimes.) Is it, for > instance, a good idea to advise privacy-oriented clients to always > shut down QUIC connections when IP address changes? > > > > > > -- dr. Robin Marx Postdoc researcher - Web protocols Expertise centre for Digital Media *Cellphone *+32(0)497 72 86 94 www.uhasselt.be Universiteit Hasselt - Campus Diepenbeek Agoralaan Gebouw D - B-3590 Diepenbeek Kantoor EDM-2.05
- Re: A question about user tracking with QUIC Robin MARX
- A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Lucas Pardue
- Re: A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Mikkel Fahnøe Jørgensen
- Re: A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Mikkel Fahnøe Jørgensen
- Re: A question about user tracking with QUIC Mikkel Fahnøe Jørgensen
- Re: A question about user tracking with QUIC Christian Huitema
- Re: A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Stephane Bortzmeyer
- Re: A question about user tracking with QUIC Töma Gavrichenkov
- Re: A question about user tracking with QUIC Roy T. Fielding
- Re: A question about user tracking with QUIC Lucas Pardue
- Re: A question about user tracking with QUIC Spencer Dawkins at IETF
- Re: A question about user tracking with QUIC Christian Huitema
- Re: A question about user tracking with QUIC Lucas Pardue
- Re: A question about user tracking with QUIC Spencer Dawkins at IETF
- Re: A question about user tracking with QUIC Christian Huitema
- IETF hosting vs. Github Stephane Bortzmeyer
- Re: IETF hosting vs. Github Willy Tarreau
- Re: IETF hosting vs. Github Lars Eggert
- Re: IETF hosting vs. Github Willy Tarreau
- Re: A question about user tracking with QUIC Behcet Sarikaya
- Re: A question about user tracking with QUIC Roberto Peon
- Re: A question about user tracking with QUIC Mirja Kuehlewind
- Re: A question about user tracking with QUIC Mirja Kuehlewind