Re: [regext] Ideas to address the privacy implication of reverse search draft
Mario Loffredo <mario.loffredo@iit.cnr.it> Fri, 04 December 2020 09:27 UTC
Return-Path: <mario.loffredo@iit.cnr.it>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E3173A121D for <regext@ietfa.amsl.com>; Fri, 4 Dec 2020 01:27:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IfNXFKKMnWXa for <regext@ietfa.amsl.com>; Fri, 4 Dec 2020 01:27:42 -0800 (PST)
Received: from smtp.iit.cnr.it (mx5.iit.cnr.it [146.48.98.152]) by ietfa.amsl.com (Postfix) with ESMTP id E83B23A11C3 for <regext@ietf.org>; Fri, 4 Dec 2020 01:27:41 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by smtp.iit.cnr.it (Postfix) with ESMTP id 01CBCC02EB; Fri, 4 Dec 2020 10:27:40 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at mx5.iit.cnr.it
Received: from smtp.iit.cnr.it ([127.0.0.1]) by localhost (mx5.iit.cnr.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Wjl-eVBOtpf; Fri, 4 Dec 2020 10:27:35 +0100 (CET)
Received: from [192.12.193.108] (pc-loffredo.nic.it [192.12.193.108]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by smtp.iit.cnr.it (Postfix) with ESMTPSA id 07381C00E9; Fri, 4 Dec 2020 10:27:35 +0100 (CET)
From: Mario Loffredo <mario.loffredo@iit.cnr.it>
To: Ali Hussain <ali.hussain@siswa.um.edu.my>, regext@ietf.org
References: <CAFwa7wesYFhA7hQMAWNBy_SRWPn6WzggLHAiC1ZtpDvK+=yeRQ@mail.gmail.com>
Message-ID: <d6aefd59-9fc9-5beb-39d1-6f440acace8f@iit.cnr.it>
Date: Fri, 04 Dec 2020 10:24:01 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0
MIME-Version: 1.0
In-Reply-To: <CAFwa7wesYFhA7hQMAWNBy_SRWPn6WzggLHAiC1ZtpDvK+=yeRQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------A9D7F470D3B0498983481A43"
Content-Language: it
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/6P23QORXsTHhrEwaxEMonJ48qZs>
Subject: Re: [regext] Ideas to address the privacy implication of reverse search draft
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2020 09:27:45 -0000
Hi Ali, thanks a lot for your interest. Obviously, I'm willing to collaborate with anyone who plans to implement the reverse-search capability and I'm open to any idea that can contribute to make the proposal more comprehensive. I'm also available to give my humble contribution to harmonize the reverse-search specification with the concepts described in the hrpc draft. That being said, if I interpreted your idea correctly, you are proposing an operation model where the capability is open to everyone but the access to possible sensitive response data are reserved only to authenticated users, right? If so, I have a couple of comments: - The RDAP servers are already engaged in tailoring their responses on different user profiles due to GDPR. Sensitive data redaction is usually achieved through a combination of practices like not returning optional sensitive data, replacing the value of mandatory sensitive data (like jCard "fn" for individuals), publishing only those sensitive data which the owner has previously given the explicit consent for. So which additional issues should your proposal address? - In the case of a reverse-search, what must be allowed to authenticated users is not the access to the data returned by the capability but rather the capability itself. Of course, the reverse search is not the only query capability that can be controlled. For example, at .it we don't permit everyone to submit a generic search query. This can be done either through the well-known HTTP authentication methods as described in RFC7480 or by applying a federated authentication to RDAP as defined by Scott's rdap-openid extension. To make an ad-hoc access control easy to implement, the reverse-search draft introduces the specific "/reverse" path and lets servers furtherly regulate the access on a per-entiy-role basis. Definitively, maybe I'm missing something but do we really need anything other than what already exists? Best, Mario Il 04/12/2020 01:47, Ali Hussain ha scritto: > Hi All, > > It wa interesting to see the interest during REGEXT IETF 109 > meeting call to address the the privacy aspects of draft > (draft-ietf-regext-rdap-reverse-search). > So far my idea to improve the reverse search to first make the JSON > object for the required level of privacy critical data. Based on the > tag the partial response suppresses the privacy part of responses by > encoding and in order to decode it, it must present an identity to > federated access control. > I am also reviewing the hrpc draft to bring some valuable input form > their guidance. > Please let me know what you think and is anyone else interested to > work on this? > Thanks, > Regards, > Ali Hussain > > _______________________________________________ > regext mailing list > regext@ietf.org > https://www.ietf.org/mailman/listinfo/regext -- Dr. Mario Loffredo Technological Unit “Digital Innovation” Institute of Informatics and Telematics (IIT) National Research Council (CNR) via G. Moruzzi 1, I-56124 PISA, Italy Phone: +39.0503153497 Web:http://www.iit.cnr.it/mario.loffredo
- [regext] Ideas to address the privacy implication… Ali Hussain
- Re: [regext] Ideas to address the privacy implica… Mario Loffredo
- [regext] Fwd: Ideas to address the privacy implic… Mario Loffredo
- [regext] Fwd: Ideas to address the privacy implic… Mario Loffredo