Re: [Trans] Removing the Preventing Tracking Clients section
Andrew Ayer <agwa@andrewayer.name> Tue, 24 April 2018 16:45 UTC
Return-Path: <agwa@andrewayer.name>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A40F12D960 for <trans@ietfa.amsl.com>; Tue, 24 Apr 2018 09:45:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewayer.name
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0x3p51MVwWNl for <trans@ietfa.amsl.com>; Tue, 24 Apr 2018 09:45:30 -0700 (PDT)
Received: from thompson.beanwood.com (thompson.beanwood.com [IPv6:2600:1f14:a46:c400:6107:163e:4681:134e]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 658A612702E for <trans@ietf.org>; Tue, 24 Apr 2018 09:45:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=andrewayer.name; s=beanwood20160511; t=1524588329; bh=95lCtTGCm+zg7erp2T/hkSkoOWmJlOWoN6rWM5KOX1k=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=LTc4H+HJiMh8K5rUTw+dPKCvbBNO82d/zEyhrESRt2TV0GNtZ/PcjcA389jF3CaI/ fElsdxjsEQ8a+1SqbMzqJoYAHoWo8JSDxRELhbq2nb9lsSH0zLssCTJsIiRQgLGslh cYv4PpDg7AIvDlmwsn2X0iCXlPRT5lM6UY8YJhsaazr+56bfJX/g5wj/QzQaIJ+4zn AXaplbAK4/FBMrIDH4cBbcqfsurJT6Wywh9gj0vX+OF212nOtmGYcBLJ9618b+uBHJ c4jE24rFf3nq+JA1O/IUPq8UqXb0LU1V5IzqlRzR5Rf0+imul42lX9JEFqNe44v4U1 qlLla7x9br+HA==
Date: Tue, 24 Apr 2018 09:43:10 -0700
From: Andrew Ayer <agwa@andrewayer.name>
To: Rob Stradling <Rob@ComodoCA.com>
Cc: "trans@ietf.org" <trans@ietf.org>
Message-Id: <20180424094310.22c8c8c856a3b223becf4b00@andrewayer.name>
In-Reply-To: <433531cf-87c6-f7ff-b476-f2210a681a52@ComodoCA.com>
References: <433531cf-87c6-f7ff-b476-f2210a681a52@ComodoCA.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/xri-ybvv_WK4UtAmFYXTwkfJp0Q>
Subject: Re: [Trans] Removing the Preventing Tracking Clients section
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Apr 2018 16:45:32 -0000
On Fri, 20 Apr 2018 22:13:54 +0100 Rob Stradling <Rob@ComodoCA.com> wrote: > EKR had some concerns about this section > (https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-28#section-11.4). > We (the authors) discussed it and concluded that this section > should probably be struck from 6962-bis. > > PR here: > https://github.com/google/certificate-transparency-rfcs/pull/295 > > Anyone have any objections? Yes. Developing a workable gossip solution will require experimentation to get it right. If log artifacts (STHs and SCTs) can act as supercookies, it will limit the type of experimentation that can be done by TLS clients, as clients won't be able to store and transmit artifacts without potentially violating their users' privacy. Al proposes that this section be moved to a gossip doc, but that creates a circular dependency: logs won't implement an unproven, experimental gossip spec, but proving the viability of the spec will only be possible if logs comply with the spec's anti-tracking provisions. We can avoid the circular dependency by leaving this section in 6962-bis. This will allow TLS clients to experiment with different types of gossip without worrying that the log artifacts that they're gossiping might be supercookies. I'd like to better understand EKR's concern with this section, so I can propose better text. But I don't see any inline comments about this section at https://mozphab-ietf.devsvcdev.mozaws.net/D13 (perhaps I'm not using Phabricator correctly?). Regards, Andrew
- [Trans] Removing the Preventing Tracking Clients … Rob Stradling
- Re: [Trans] Removing the Preventing Tracking Clie… Andrew Ayer
- Re: [Trans] Removing the Preventing Tracking Clie… Linus Nordberg
- Re: [Trans] Removing the Preventing Tracking Clie… Tom Ritter