Hi Thomas, yes, you are right, no need to discuss general mechanism that apply to this doc as well as other similar mechanisms. Sorry also for actually be unclear about my concerns. My actual point is that I of course need to transfer private data (email address) but I did not see anything about encryption of this communication in the doc. (This is not about anonymity but I’ve expended to find something about encryption in the privacy section.) After a second look now, I still didn’t find anything... did I miss it?
Also, this is nit-picking, but in general saying "Methods of providing anonymity or deploying pseudonyms exist, but are beyond the scope of this document.“ seems not super helpful because it does not give any hint where someone, who’d like to apply these kind of methods, would find any further information. But I agree talking about the methods itself is out of scope. Mirja > Am 20.04.2016 um 12:09 schrieb Thomas C. Schmidt <[email protected]>: > > Hi Mirja, > > actually, I'm a bit confused about this discussion. There is plenty of work > out in the wild about P2P anonymity and pseudonym services ... TOR being one > prominent example. However, if I'm not mistaken, no IETF standard exists in > this area so that we cannot pointer to a standard solution. > > A discussion of the general state of the art in this field feels well beyond > the scope of the document: This security subsection shall only make people > aware of this privacy aspect. It is not meant to server as a general purpose > guidance on privacy in P2P networks. ;) > > Cheers, > Thomas > > On 20.04.2016 11:52, Mirja Kuehlewind (IETF) wrote: >> Hi Thomas, >> >> that’s slightly better. However, I would rather like to see a reference to a >> solution or a discuss of potential solution. If there is no solution, this >> should be stated clearly (as a warning). >> >> Mirja >> >> >>> Am 17.04.2016 um 19:11 schrieb Thomas C. Schmidt <[email protected]>: >>> >>> Hi Mirja, >>> >>> o.k., the text is a bit sloppy. What it probably should say is that >>> anonymity measures are not considered here. >>> >>> A proposed re-write could be: >>> >>> 8.2.4. Privacy Issues >>> >>> All RELOAD SIP registration data is visible to all nodes in the >>> overlay. Location privacy can be gained from using >>> anonymous GRUUs. Methods of providing anonymity or deploying >>> pseudonyms exist, but are beyond the scope of this document. >>> >>> Would you agree on that? >>> >>> Thomas >>> >>> On 15.04.2016 22:56, Mirja Kuehlewind wrote: >>>> Mirja Kühlewind has entered the following ballot position for >>>> draft-ietf-p2psip-sip-18: No Objection >>>> >>>> When responding, please keep the subject line intact and reply to all >>>> email addresses included in the To and CC lines. (Feel free to cut this >>>> introductory paragraph, however.) >>>> >>>> >>>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >>>> for more information about IESG DISCUSS and COMMENT positions. >>>> >>>> >>>> The document, along with other ballot positions, can be found here: >>>> https://datatracker.ietf.org/doc/draft-ietf-p2psip-sip/ >>>> >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> COMMENT: >>>> ---------------------------------------------------------------------- >>>> >>>> The privacy issues text in the security consideration section sounds not >>>> very convincing: >>>> >>>> 8.2.4. Privacy Issues >>>> >>>> All RELOAD SIP registration data is visible to all nodes in the >>>> overlay. Methods of providing location and identity privacy are >>>> still being studied. Location privacy can be gained from using >>>> anonymous GRUUs. >>>> >>>> Can you give more details or a reference regarding the methods that are >>>> still under study? >>>> >>> >>> -- >>> >>> Prof. Dr. Thomas C. Schmidt >>> ° Hamburg University of Applied Sciences Berliner Tor 7 ° >>> ° Dept. Informatik, Internet Technologies Group 20099 Hamburg, Germany ° >>> ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° >>> ° http://www.informatik.haw-hamburg.de/~schmidt Fax: +49-40-42875-8409 ° >>> > > -- > > Prof. Dr. Thomas C. Schmidt > ° Hamburg University of Applied Sciences Berliner Tor 7 ° > ° Dept. Informatik, Internet Technologies Group 20099 Hamburg, Germany ° > ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° > ° http://www.informatik.haw-hamburg.de/~schmidt Fax: +49-40-42875-8409 ° _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
