Re: Privacy difficulties in Blind Caching and OOB encoding

Is there a benefit from the encryption support in the protocol, if the
major use cases don't need to worry about what the intermediates see?

Thanks,
Jeffrey

On Thu, Aug 24, 2017 at 3:37 AM, Göran Eriksson AP <
goran.ap.eriksson@ericsson.com> wrote:

>
> >Thanks, it's good to know I didn't miss anything.
>
> Hi Jeffrey,
>
> You did a good work reading through what we¹ve published. Earlier versions
> of some of the documents (never submitted to IETF and only on GitHub) had
> more text about security considerations but were removed- drafts should be
> brief I¹ve learnt, :-)!
>
> I am not sure U¹ve missed it but I would like to mention that the
> ³toolbox² allows for different actors to run the ³blind² cache, or rather,
> secondary server and in the cases where the same actor runs primary and
> secondary server, a kind of ³distributed origin", some of the concerns of
> what the ³blind cache¹, secondary server, sees are not applicable. This
> variant is a favourite of mine, :-).
>
> Another thing we found useful for security and privacy perspective (as
> well as some others) was the control of the request routing OOB provides
> meaning one can select to implement a request router (in primary server or
> client (read SW in browser for instance). This was mentioned in [ERICSSON].
>
> There is another draft FYI I just want to make sure I know about and I did
> not see in your references is
> https://tools.ietf.org/html/draft-eriksson-http-resource-map-00 [RMAP]. It
> hints at how request routing can be done.
>
>
> Best Regards
> Göran
>
>

Received on Saturday, 26 August 2017 03:31:02 UTC