Re: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)

Roberto Peon <fenix@fb.com> Sun, 15 August 2021 17:53 UTC

From: Roberto Peon <fenix@fb.com>
To: Lucas Pardue <lucaspardue.24.7@gmail.com>, Kazuho Oku <kazuhooku@gmail.com>
CC: Jana Iyengar <jri.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>, Robin MARX <robin.marx=40uhasselt.be@dmarc.ietf.org>
Subject: Re: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)
Thread-Topic: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)
Thread-Index: AQHXkWkY2UVe8SL/OkaMP/gE+p8Nd6t0RXQAgABj7gD//7sqAA==
Date: Sun, 15 Aug 2021 17:52:49 +0000
Message-ID: <443D321B-D492-4136-B3B0-561502415AE7@fb.com>
References: <162883401993.25302.7275724432785172464@ietfa.amsl.com> <CANatvzxWrg+rciDpOZqsnDWq_oW_cr-Do2SjUzGgPy_vyAUs=Q@mail.gmail.com> <CAC7UV9aVnrUfvLuMB6dFSqiVzyr5PNF_xc+nRiZve35R3xqyrw@mail.gmail.com> <CALGR9oYLwgCEbLf_FWrOCPw0LNkFtX=4t5=d1M-j-jxQ+b0A0g@mail.gmail.com> <CANatvzzj4gDU3LEUEGUgm=u0XVYeFTPRsC-h8YuXOpdCaZ61iQ@mail.gmail.com> <CALGR9oayQfnUaazkPfhsPZpekkPga9zfeTy_4kMT37u=Tfu2gQ@mail.gmail.com>
In-Reply-To: <CALGR9oayQfnUaazkPfhsPZpekkPga9zfeTy_4kMT37u=Tfu2gQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/16.51.21071101
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: QOwlqOicFjVWGtzfIInR0QRTpPoOnPCnAcjJK/e56lkaHVQeANuzKJttiumQ2Dnt4IroZFp1f61sXbQZGpLDpXLJ/nq16gnaY66R539NPj2vzHGB6mpxr0mpaS0NicIBRWGVtV0emSfQYBwS1b+MtkXWuGXhF5clrCu4hdo7cJ5UxPXtt8XwBqU8rd8Mi9gOqpLhbTh9wMH6NdN7BpasVybVeeWqOEJ+XhckXatQpNtBjBDsr1cLaMuKuxwiKNy2IeIA5Fj07905S/hfMklnkR3Ehus7IleE+3iQJ5YVjPhGcuK2Qg4eK4lAQzmkqzHbnlilRQxa6lz9+EU3cirFQqEQEa+ZJMmHnpIufQEeAM06fyUn3tDduICNidAJG3VPJHvcgxsAVk7GG+GP0rn5nKdfFGNOa2+HnrFWjnjyPhDKt3ICS5YuRl327jzfTswVnghrY3TipBo8l3vXniy1CvyFiWciKl/9ey22jekedUq9NVEk/CAScJ4PDsfRykZU/i1n80EcS7ROcVVQEgvno4vteGfXqWg8jq2pKMtqy3K3WNdoQycIX1BxjyihH4kT8ra/VmOIcpO3b+9GAU24xL42PYqnXtD8oUeNP7KaOweMVXBZNBICdDDJseX8BaZ0WBUICJHNylo5G8Dx5EE041Zfs7FEc2XUi4xgiC0KSIrVwbGSvJOvMm/W+ocf5M4Cruv34KumfFxEUWWW/dCtt/9RpfyjxQpfVz2CWsT+l80yXmbwPKJoyK8it2KNfkU/62CHK3G9vcHIOBty84wc46sZFVZ8pxpUvQDKj6O56SnlZi9dKwTzhRuvu7lrj+g43PqlmBAZNPY3WjIh0RxmeV7Jjx+DXDTkAiMYggkPcGxIolMVEE1tJGcN79gnTy1PHK0PqwIJthIGS1+tyUTKAEC/hwXZUQgMi+xXgU8QWd27xeLuxLwD07DZULMyX2I5FAO3s8PIWp1OFX6+gG85ImbV/QWpguiCBYuEzb3UHTk1rfKg8aaD15wWtgsOLxIXXMAumS+cibOG2t9dF/F7WaB0TFdUQjDqYWih2/+6Hj0oZpkbFcmIufRrQ5tbuGBzlyGvxN28Ip5RdouxPCKBGQXAR57MHgbB/e1QcBJOvMqf1cvsLYibJzx41XHS8ze8qshPnGIwqB48UZO0+igyDXm01ZQIkqjblOYxFoa6/HOiU28BlCYJqbZLU3Fe6vkih7blyvF9e+aLQjGz2CwFUgX+WhCsNTVJxHppB00H3sXTo04Jx9EDTQQz/YKNkaqLgWz75pWOjJ3k81ubKatBndFh/8xEvWW/Y5F59oDTFvnwsf9Iafeo3N/1uok1TAs9
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_443D321BD4924136B3B0561502415AE7fbcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR15MB2681.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 743020b8-4d1c-4a61-0666-08d960157f31
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Aug 2021 17:52:49.2635 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: DEuy0ViVJgVHJHn/1uSA1PTrK/vg9KlSE3/XQPrA+inNv7NHo8DuFQYQRznOIjEz
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR15MB1513
X-OriginatorOrg: fb.com
X-Proofpoint-GUID: UGuFbtIhOvIuQXUAf5Fyj9Jm0ThW7CAc
X-Proofpoint-ORIG-GUID: UGuFbtIhOvIuQXUAf5Fyj9Jm0ThW7CAc
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-15_06:2021-08-13, 2021-08-15 signatures=0
X-Proofpoint-Spam-Details: rule=fb_default_notspam policy=fb_default score=0 adultscore=0 mlxscore=0 clxscore=1011 priorityscore=1501 lowpriorityscore=0 phishscore=0 bulkscore=0 suspectscore=0 impostorscore=0 mlxlogscore=976 spamscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2107140000 definitions=main-2108150123
X-FB-Internal: deliver
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/dklL43see__ylcu0zV2UZe6Bxrg>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Aug 2021 17:53:00 -0000

Let’s disregard my reply in the other thread, and discuss here instead..

Side-channel attacks should be on the docket for discussion too.
Trace-data seems ripe for abuse if we don’t carefully game out where it can be used to answer an attacker’s hypothesis…
-=R

From: QUIC <quic-bounces@ietf.org> on behalf of Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Sunday, August 15, 2021 at 8:00 AM
To: Kazuho Oku <kazuhooku@gmail.com>
Cc: Jana Iyengar <jri.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>, Robin MARX <robin.marx=40uhasselt.be@dmarc.ietf.org>
Subject: Re: Privacy considerations of trace logging (was Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt)

Agree with all your points Kazuho. This topic probably extends to toxic telemetry more broadly, which is a mighty task. In the short term establishing some common criteria had value for implementions and deployments.

Cheers
Lucas

Fwd: New Version Notification for draft-kazuho-ht… Kazuho Oku
Re: New Version Notification for draft-kazuho-htt… Robin MARX
Re: New Version Notification for draft-kazuho-htt… Matt Joras
Re: New Version Notification for draft-kazuho-htt… Jana Iyengar
Re: New Version Notification for draft-kazuho-htt… Jana Iyengar
Re: New Version Notification for draft-kazuho-htt… Mark Nottingham
Privacy considerations of trace logging (was Re: … Lucas Pardue
Re: New Version Notification for draft-kazuho-htt… Spencer Dawkins at IETF
Re: New Version Notification for draft-kazuho-htt… Kazuho Oku
Re: New Version Notification for draft-kazuho-htt… Ryan Sleevi
Re: Privacy considerations of trace logging (was … Kazuho Oku
Re: Privacy considerations of trace logging (was … Lucas Pardue
Re: New Version Notification for draft-kazuho-htt… Roberto Peon
Re: New Version Notification for draft-kazuho-htt… Roberto Peon
Re: Privacy considerations of trace logging (was … Roberto Peon