There's also a second aspect of "identifiability" relating to "traffic analysis" that I think may not be well-developed, and perhaps there's a better term for the concept. Can a given packet or flow of packets intercepted by an intermediary be examined to tell the intermediary what kind of traffic is present, or even what protocol is being used? One might consider this as part of "traffic analysis", but it might be useful to give specific guidance beyond "use TOR."
For example, does the protocol used a fixed token at a fixed offset within the packet (such as a protocol number) to indicate the protocol of the packet? Does it use constant data packet sizes and timing that indicate a real-time flow as opposed to a file transfer? One might consider this "unlink ability at the packet level", but I suspect it's subtly different from the primary usage of unlink ability. Another undeveloped concept is how does the protocol in question contribute to the privacy of other protocols simply by being used. For example, if we have lots of different protocols that have similar entropy levels and lack distinguishing marks, it's harder for an intermediary to guess which type a particular packet is. We're also missing the concept of entropy (for which "more" is generally "better", from a privacy perspective) from the whole discussion. _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
