Re: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)

Roberto Peon <fenix@fb.com> Sun, 15 August 2021 17:53 UTC

Return-Path: <prvs=78610dabaa=fenix@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 046E03A1E2F for <quic@ietfa.amsl.com>; Sun, 15 Aug 2021 10:53:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.548
X-Spam-Level:
X-Spam-Status: No, score=-2.548 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id STlH-JZ8Z9vt for <quic@ietfa.amsl.com>; Sun, 15 Aug 2021 10:52:55 -0700 (PDT)
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4062F3A1E2C for <quic@ietf.org>; Sun, 15 Aug 2021 10:52:55 -0700 (PDT)
Received: from pps.filterd (m0109333.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 17FHpvNs009793; Sun, 15 Aug 2021 10:52:52 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=facebook; bh=4O6WciT0oTHkHJ3rr1gQW8eW4PhZ04xTGZchVEyIv8I=; b=LhbEIdlSav8X4ikLHdl1+zitgDOe7FYAX4WRlnEIoL/k8j1gZV0Dy7WBLgWmH7u0GYw/ OZ+N9vU5lti8KiW4/HrV8Jy4o0Oz8asRDhyR+GNr/kyxkrXmZqs93CrYMS1alJ0EAkKt Coi713AmnlmrPowOTC8UD9/z61N2X+VpF7w=
Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com with ESMTP id 3ae9vqdrf7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Sun, 15 Aug 2021 10:52:52 -0700
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (100.104.31.183) by o365-in.thefacebook.com (100.104.35.173) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Sun, 15 Aug 2021 10:52:51 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XZqQbFeqEpX7z/7lLZe6YraKTkACAQGIVu6eiPtYM1mLosSbi94+WrP5bOAOPi5/OoIaQCE9LRc6yzfVaM6gWn5rUo1+nsD5q18LS7O0hEK4pq6FnaqwRa2tlRtez6PXgYdCl+C46rX2bs5f3dtaEQ0gEdrzAlUHekeig7PUIlChCwcDTL9pP2qI8CCrsE6pMV0W5dNNY1xMZxhPng24ptAeas9twNnu1quExLv8k5/pCge/ZJtCfng682d95KPzC/18YFJYwHksCTDOy9jjTHMui8J10c1uMvGLTFIbEjRyN8ksA0B3CQSP1OFpun4JKrnMavRkFfkcC/EQY3oUsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4O6WciT0oTHkHJ3rr1gQW8eW4PhZ04xTGZchVEyIv8I=; b=GYFDT5uZTdoyvQrX9ZM+AIXoZC3CEnO3ILYUJcEANdKeeSvyA7DxSQO8EzheJKWm1CkGZHtF5p0doWJHTh9EDr/TvTMp3njosvGjCVTd+evgL7R55+Y9QzQ+wYgF/0C6bExYgAawfwjeVhTFCwKNaAsey5jEgW037RMe6o/b6yzTtjFq8u74otFA3VGkaIMF2gtulL+RI+TO/p8SD/+KVuqGpw1M5CZ1d9Lzcr23RgFgc3Ttr3l8Z/PG8uVKPDs8/Wa+a+I0WwsmnfcMN6BLx8YKcJ+PLnYmlUsT9PJbzGe8DWMWZbkwhJpv5w+pI9PPhnF/Ts+DQyXuyoqtLYYhWw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fb.com; dmarc=pass action=none header.from=fb.com; dkim=pass header.d=fb.com; arc=none
Received: from DM6PR15MB2681.namprd15.prod.outlook.com (2603:10b6:5:1aa::28) by DM5PR15MB1513.namprd15.prod.outlook.com (2603:10b6:3:c6::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.21; Sun, 15 Aug 2021 17:52:49 +0000
Received: from DM6PR15MB2681.namprd15.prod.outlook.com ([fe80::b85e:ed20:5de2:9115]) by DM6PR15MB2681.namprd15.prod.outlook.com ([fe80::b85e:ed20:5de2:9115%3]) with mapi id 15.20.4415.022; Sun, 15 Aug 2021 17:52:49 +0000
From: Roberto Peon <fenix@fb.com>
To: Lucas Pardue <lucaspardue.24.7@gmail.com>, Kazuho Oku <kazuhooku@gmail.com>
CC: Jana Iyengar <jri.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>, "HTTP Working Group" <ietf-http-wg@w3.org>, Robin MARX <robin.marx=40uhasselt.be@dmarc.ietf.org>
Subject: Re: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)
Thread-Topic: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)
Thread-Index: AQHXkWkY2UVe8SL/OkaMP/gE+p8Nd6t0RXQAgABj7gD//7sqAA==
Date: Sun, 15 Aug 2021 17:52:49 +0000
Message-ID: <443D321B-D492-4136-B3B0-561502415AE7@fb.com>
References: <162883401993.25302.7275724432785172464@ietfa.amsl.com> <CANatvzxWrg+rciDpOZqsnDWq_oW_cr-Do2SjUzGgPy_vyAUs=Q@mail.gmail.com> <CAC7UV9aVnrUfvLuMB6dFSqiVzyr5PNF_xc+nRiZve35R3xqyrw@mail.gmail.com> <CALGR9oYLwgCEbLf_FWrOCPw0LNkFtX=4t5=d1M-j-jxQ+b0A0g@mail.gmail.com> <CANatvzzj4gDU3LEUEGUgm=u0XVYeFTPRsC-h8YuXOpdCaZ61iQ@mail.gmail.com> <CALGR9oayQfnUaazkPfhsPZpekkPga9zfeTy_4kMT37u=Tfu2gQ@mail.gmail.com>
In-Reply-To: <CALGR9oayQfnUaazkPfhsPZpekkPga9zfeTy_4kMT37u=Tfu2gQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.51.21071101
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=fb.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 743020b8-4d1c-4a61-0666-08d960157f31
x-ms-traffictypediagnostic: DM5PR15MB1513:
x-microsoft-antispam-prvs: <DM5PR15MB1513E52C40D702AD26BC64DDCDFC9@DM5PR15MB1513.namprd15.prod.outlook.com>
x-fb-source: Internal
x-ms-oob-tlc-oobclassifiers: OLM:7219;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: SHfwPtrbXlYWBJRLBkcTry8qskC9FAoSzWp+2shmsCnAGZLLPAVB7Gr2cH9JMsjG1iSubKpv4gEbIuJW6k39GJXzp2woCVaXjeeGERw1Ky2wVt3aU6+nhI0Ddtqj4OcWhJ/H+tKW4RSSuV3X7/aDNg4XLNUJWYt6JNfcSc2SL70Z4NXtpA9mFxgxFaROPnsm8qTlcxAbgDq8frL+ubIZJEiJqDzgyUqj/aIGrRZY55AqAlUxu5AXF2/Vd7OGhPcPt7Roxv68C97mJPsh0N1Geqcu/4MLtdw8C1rRm+tX2qwRWZ2uj7BHYUg3RRs9zUO1E9ITPgl65es7xKs6rkjA/FKWpPTUPdtI6zWBTeHz7Cp1LIo8xdcimV3yTVrYK0n/EkGktc13A1xrCNbcUBxpM2GLc/tfauXk0RVGJYJeo4GmDxVrRLVnpEyxoByHb0dQ9DTIERjTl2YSZe2uk1xiOktPYv6XJxsXp0ccDxDLftG2MdgZQqi8wHvAi8ewulQH5i1rQW/eUOEPI79E/dPkaV7SUlV9BP14b7nvMTRSYQZp79e3wpKrOkf5a61tj96QlRutNz2BNMs8qmJjZqTauD2FC92u6ArUC8Mho6CaoK9BHFKqcEtmTCkLqSKFtVZIrOaLSevQhET7l29AeMROsEKIX+l1ZiBQ5oKC9dIJIkfZctGHITkcWF1Q5VsPPtNiddkDOVrRq9p4QUYeFkdjE7EqzT4nAAIsrEaVNy0KDJccH/O92qFdXkpsekYFEpWV
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR15MB2681.namprd15.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(136003)(39860400002)(396003)(186003)(6506007)(26005)(53546011)(4744005)(36756003)(6512007)(2616005)(6486002)(2906002)(38100700002)(5660300002)(33656002)(66946007)(66556008)(316002)(15650500001)(8936002)(8676002)(110136005)(66476007)(4326008)(64756008)(478600001)(38070700005)(83380400001)(71200400001)(86362001)(76116006)(91956017)(66446008)(122000001)(54906003)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?UU93bHFPaWNGalZXR3R6ZklJblIwUVJUcFBvT25QQ25BY2pKSy9lNTZsa2FI?= =?utf-8?B?VlFlQU51ektKdHRpdW1RMkRudDRJcm9aRnAxZjYxc1hiUVpHcExEcFhMSi9u?= =?utf-8?B?cTE2Z25hWTY2UjUzOU5QajJ2ekhHQjZtcHhyMG1wYVMwTmljSUJSV0dWdFYw?= =?utf-8?B?ZW1TZlFZQndTMWIrTXRrWFd1R1hoRjVjbHJDdTRoZG83Y0o1VXhQWHR0OFh3?= =?utf-8?B?QnFVOHJkOE1pOWdPcXBMaGJUaDl3TUg2TmRON0JwYXNWeWJWZWVXcU9FSitY?= =?utf-8?B?aGNrWGF0UXBOdEJqQkRzcjFjTGFNdUt1eHdpS055MkllSUE1RmowNzkwNVMv?= =?utf-8?B?aGZNa2xua1IzRWh1czdJbGVFKzNpUUo1WVZqUGhHY3VLMlFnNGVLNGxBUXpt?= =?utf-8?B?a3F6SGJubGlsUlF4YTZsejkrRVUzY2lyRlFxRVFFYStaSk1tSG5wSXVmUUVl?= =?utf-8?B?QU0wNmZ5VW4zdERkdUlDTmlkQUpHM1ZQSkh2Y2d4c0FWazdHRytHUDBybjVu?= =?utf-8?B?S2RmRkdOT2EyK0huckZXam5qeVBoREt0M0lDUzVZdVJsMzI3anpmVHN3Vm5n?= =?utf-8?B?aHJZM1RpcEJvOGwzdlhuaXkxQ3Z5RmlXY2lLbC85ZXkyMmpla2VkVXE5TlZF?= =?utf-8?B?ay9DQVNjSjRQRHNmUnlrWlUvaTFuODBFY1M3Uk9jVlZRRWd2bm80dnRlR2ZY?= =?utf-8?B?cVdnOGpxMnBLTXRxeTNLM1dOZG9ReWNJWDFCeGp5aWhINGtUOHJhL1ZtT0lj?= =?utf-8?B?cE8zYis5R0FVMjR4TDQyUFlxblh0RDhvVWVOUDdLYU93ZU1WWEJaTkJJQ2RE?= =?utf-8?B?REpzZVg4QmFaMFdCVUlDSkhOeWxvNUc4RHg1RUUwNDFaZnM3RkVjMlhVaTR4?= =?utf-8?B?Z2lDMEtTSXJWd2JHU3ZKT3ZNbS9XK29jZjVNNENydXYzNEt1bWZGeEVVV1dX?= =?utf-8?B?L2RDdHQvOVJwZnlqeFFwZlZ6MkNXc1QrbDgweVhtYndQS0pveUs4aXQyS05m?= =?utf-8?B?a1UvNjJDSEszRzl2Y0hJT0J0eTg0d2M0NnNaRlZaOHB4cFV2UURLajZPNTZT?= =?utf-8?B?bmxaaTlkS3dUemhSdXZ1N2xyaitnNDNQcWxtQkFaTlBZM1dqSWgwUnhtZVY3?= =?utf-8?B?Smp4K0RYRFRrQWlNWWdna1BjR3hJb2xNVkVFMXRKR2NONzlnblR5MVBISzBQ?= =?utf-8?B?cXdJSnRoSUdTMSt0eVVUS0FFQy9od1haVVFnTWkreFhnVThRV2QyN3hlTHV4?= =?utf-8?B?THdEMDdEWlVMTXlYMkk1RkFPM3M4UElXcDFPRlg2K2dHODVJbWJWL1FXcGd1?= =?utf-8?B?aUNCWXVFemIzVUhUazFyZktnOGFhRDE1d1d0Z3NPTHhJWFhNQXVtUytjaWJP?= =?utf-8?B?RzJ0OWRGL0Y3V2FCMFRGZFVRakRxWVdpaDIvKzZIajBvWnBrYkZjbUl1ZlJy?= =?utf-8?B?UTV0YnVHQnpseUd2eE4yOElwNVJkb3V4UENLQkdRWEFSNTdNSGdiQi9lMVFj?= =?utf-8?B?QkpPdk1xZjFjdnNMWWliSnp4NDFYSFM4emU4cXNoUG5HSXdxQjQ4VVpPMCtp?= =?utf-8?B?Z3lEWG0wMVpRSWtxamJsT1l4Rm9hNi9IT2lVMjhCbENZSnFiWkxVM0ZlNnZr?= =?utf-8?B?aWg3Ymx5dkY5ZSthTFFqR3oyQ3dGVWdYK1doQ3NOVFZKeEhwcEIwMEgzc1hU?= =?utf-8?B?bzA0Sng5RURUUVF6L1lLTmthcUxnV3o3NXBXT2pKM2s4MXViS2F0Qm5kRmgv?= =?utf-8?Q?8xEvWW/Y5F59oDTFvnwsf9Iafeo3N/1uok1TAs9?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_443D321BD4924136B3B0561502415AE7fbcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR15MB2681.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 743020b8-4d1c-4a61-0666-08d960157f31
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Aug 2021 17:52:49.2635 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: DEuy0ViVJgVHJHn/1uSA1PTrK/vg9KlSE3/XQPrA+inNv7NHo8DuFQYQRznOIjEz
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR15MB1513
X-OriginatorOrg: fb.com
X-Proofpoint-GUID: UGuFbtIhOvIuQXUAf5Fyj9Jm0ThW7CAc
X-Proofpoint-ORIG-GUID: UGuFbtIhOvIuQXUAf5Fyj9Jm0ThW7CAc
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-15_06:2021-08-13, 2021-08-15 signatures=0
X-Proofpoint-Spam-Details: rule=fb_default_notspam policy=fb_default score=0 adultscore=0 mlxscore=0 clxscore=1011 priorityscore=1501 lowpriorityscore=0 phishscore=0 bulkscore=0 suspectscore=0 impostorscore=0 mlxlogscore=976 spamscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2107140000 definitions=main-2108150123
X-FB-Internal: deliver
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/dklL43see__ylcu0zV2UZe6Bxrg>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Aug 2021 17:53:00 -0000

Let’s disregard my reply in the other thread, and discuss here instead..

Side-channel attacks should be on the docket for discussion too.
Trace-data seems ripe for abuse if we don’t carefully game out where it can be used to answer an attacker’s hypothesis…
-=R

From: QUIC <quic-bounces@ietf.org> on behalf of Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Sunday, August 15, 2021 at 8:00 AM
To: Kazuho Oku <kazuhooku@gmail.com>
Cc: Jana Iyengar <jri.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>, Robin MARX <robin.marx=40uhasselt.be@dmarc.ietf.org>
Subject: Re: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)

Agree with all your points Kazuho. This topic probably extends to toxic telemetry more broadly, which is a mighty task. In the short term establishing some common criteria had value for implementions and deployments.

Cheers
Lucas