Hi Mirja,
actually, I'm a bit confused about this discussion. There is plenty of
work out in the wild about P2P anonymity and pseudonym services ... TOR
being one prominent example. However, if I'm not mistaken, no IETF
standard exists in this area so that we cannot pointer to a standard
solution.
A discussion of the general state of the art in this field feels well
beyond the scope of the document: This security subsection shall only
make people aware of this privacy aspect. It is not meant to server as a
general purpose guidance on privacy in P2P networks. ;)
Cheers,
Thomas
On 20.04.2016 11:52, Mirja Kuehlewind (IETF) wrote:
Hi Thomas,
that’s slightly better. However, I would rather like to see a reference to a
solution or a discuss of potential solution. If there is no solution, this
should be stated clearly (as a warning).
Mirja
Am 17.04.2016 um 19:11 schrieb Thomas C. Schmidt <[email protected]>:
Hi Mirja,
o.k., the text is a bit sloppy. What it probably should say is that anonymity
measures are not considered here.
A proposed re-write could be:
8.2.4. Privacy Issues
All RELOAD SIP registration data is visible to all nodes in the
overlay. Location privacy can be gained from using
anonymous GRUUs. Methods of providing anonymity or deploying
pseudonyms exist, but are beyond the scope of this document.
Would you agree on that?
Thomas
On 15.04.2016 22:56, Mirja Kuehlewind wrote:
Mirja Kühlewind has entered the following ballot position for
draft-ietf-p2psip-sip-18: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-p2psip-sip/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
The privacy issues text in the security consideration section sounds not
very convincing:
8.2.4. Privacy Issues
All RELOAD SIP registration data is visible to all nodes in the
overlay. Methods of providing location and identity privacy are
still being studied. Location privacy can be gained from using
anonymous GRUUs.
Can you give more details or a reference regarding the methods that are
still under study?
--
Prof. Dr. Thomas C. Schmidt
° Hamburg University of Applied Sciences Berliner Tor 7 °
° Dept. Informatik, Internet Technologies Group 20099 Hamburg, Germany °
° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 °
° http://www.informatik.haw-hamburg.de/~schmidt Fax: +49-40-42875-8409 °
--
Prof. Dr. Thomas C. Schmidt
° Hamburg University of Applied Sciences Berliner Tor 7 °
° Dept. Informatik, Internet Technologies Group 20099 Hamburg, Germany °
° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 °
° http://www.informatik.haw-hamburg.de/~schmidt Fax: +49-40-42875-8409 °
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
