hi, David, > On 29 Nov 2017, at 08:52, Black, David <[email protected]> wrote: > > > (On first glance, the - user - privacy aspects here seem to be much more > > contained, since ECN is mostly about the network exposing information to > > the end systems, and not vice versa.) > > That sounds like the right high-level summary. The fact that a transport > protocol implementation supports ECN does not intrinsically expose any > information about the user to the network. The primary information flow is > congestion information flowing from the network to the endpoints.
There are three possible states for an ECN negotiation: not attempted, failed, and succeeded. Each of these can add a fractional bit of information about the client and server TCP implementations. If a server negotiates ECN, you can be reasonably certain that it supports ECN, and can leverage the observations that sysadmins love defaults and servers are mostly Linux these days to figure out whether it's running a kernel before or after server side defaults were turned on. Long-term observation of the ECN negotiation attempts of a client can be used to determine if the client is using probabilistic negotiation by default; i.e. is an Apple device of a certain vintage. These are fractional bits of fingerprinting information, though, if that. I'm almost certain (but won't take the time to do the research now) that any of these observations would be useless. Anyone in a position to make them could also get much more information about the behavior of the TCP stacks at each end, such that the ECN bits add negligible information. cf. p0f, if that's still a thing. Cheers, B > > Thanks, --David > > From: tsv-area [mailto:[email protected]] On Behalf Of Eggert, Lars > Sent: Monday, November 27, 2017 3:12 AM > To: MORTON, ALFRED C (AL) <[email protected]> > Cc: QUIC WG <[email protected]>; [email protected] > Subject: Re: Spin bit discussion - where we're at > > Hi, > > On 2017-11-26, at 20:26, MORTON, ALFRED C (AL) <[email protected]> wrote: > > Question: Is there a privacy analysis of present ECN available? > (a search yielded many results with Missing: privacy) > > not that I'm aware of; CC'ing tsv-area@ for some broader input. > > (On first glance, the - user - privacy aspects here seem to be much more > contained, since ECN is mostly about the network exposing information to the > end systems, and not vice versa.) > > Lars
signature.asc
Description: Message signed with OpenPGP
