On 8/1/2014 2:11 PM, Nico Williams wrote:
+1. Above all: integrity protection for the entire pair of data octet streams.
Required as an option, if not alway: confidentiality protection (encryption).
AFAICT, this is backwards.
The data stream needs to be confidential if we're focusing on anti-tracking.
Integrity protection is relevant only if we think info will be injected
that will be used for tracking. Do we? (I don't).
Authentication is relevant to ensure we know who we're being
confidential with. Any solution that allows MITM allows tracking - the
tracker can trivially serve as the MITM.
AFAICT, no solution we have yet addresses the real problem if we believe
the charter.
Joe
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
