I agree that the discussions in this draft and rfc6269 at least imply
that potential solutions would provide a host identifier of some sort.
However, this draft does not in fact propose any such solution, and
instead clearly references rfc6967, which includes a discussion of the
privacy implications of host identification. In particular, that
document states:
HOST_ID specification document(s) should explain the privacy impact
of the solutions they specify, including the extent of HOST_ID
uniqueness and persistence, assumptions made about the lifetime of
the HOST_ID, whether and how the HOST_ID can be obfuscated or
recycled, whether location information can be exposed, and the impact
of the use of the HOST_ID on device or implementation fingerprinting.
[IAB-PRIVACY] provides further guidance.
Considering the fact that there is already a separate solution analysis
rfc that discusses privacy considerations and provides the above
guidance for authors of solution drafts, what are you suggesting for the
use cases draft?
Thanks,
--Brandon
On 06/09/2014 10:01 AM, Stephen Farrell wrote:
On 09/06/14 14:46, Brandon Williams wrote:
Would you please indicate where the draft proposes a new identifier? If
you are seeing a proposal for protocol changes somewhere in the draft,
editing work is required in order to either clarify or excise the
associated text.
Fair enough that its an assumption of mine that adding some kind of
identifier is required to meet the (no-longer mis-stated:-)
requirements for these use-cases. But I think that is logically
required, and its valid to draw obvious conclusions and its also
invalid to ignore obvious conclusions.
S.
--
Brandon Williams; Senior Principal Software Engineer
Emerging Products Engineering; Akamai Technologies Inc.
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
