- From: Martin Thomson <mt@lowentropy.net>
- Date: Mon, 01 Feb 2021 10:29:38 +1100
- To: "Roy Fielding" <fielding@gbiv.com>
- Cc: ietf-http-wg@w3.org
On Sat, Jan 30, 2021, at 06:48, Roy T. Fielding wrote: > Yes, that helps. I guess my big question is whether the proxy is aware > of "for whom" (in an account sense) the proxy is doing this work > (unlinkable requests), or does the scope require that the proxy be > oblivious to both what is being requested and who is doing the > requesting? In the cases that we are looking at, the proxy is entirely aware of the type of data that is passing. Let's say that we use it for DNS resolution. In theory, a builder of a client X (who makes the requests) might arrange with Y (as provider of a proxy) and Z (as provider of a DNS resolver). X and Z agree that the data is worth protecting and mutually agree to ask Y help them protect it. Y almost certainly knows that this is DNS queries, and might even insist on the use being limited to that. What is not visible here is the correlation between individual client instances and the queries they make. That would require cooperation between Y and Z. And X trusts Y not to allow that. X might even insist on contractual terms.
Received on Sunday, 31 January 2021 23:30:12 UTC