- From: Jeffrey Yasskin <notifications@github.com>
- Date: Tue, 22 Apr 2025 09:53:42 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 22 April 2025 16:53:46 UTC
jyasskin left a comment (w3ctag/design-reviews#1083)
To inform the TAG's review:
1. Do you see any pieces of this design that would benefit from standardization? Who on iCloud Private Relay should participate in such an effort? E.g.
* Could multiple browser implementations share proxyB providers by speaking the same protocol to them, including the authentication part?
* Can the IP-geo boundaries be shared between implementations?
* Could you standardize the process for producing the Masked Domain List?
* Can the Masked Domain List itself be shared? Does there need to be a standard protocol to disconnect.me to request the current list?
* Do you need a protocol for reporting fraudulent behavior?
* Etc.
1. W.r.t. the Probabilistic Reveal Tokens, I see that 5-15% of 3p requests will (after a delay) reveal the client's true IP address, and the design has 100% of 1p requests do so. Is there an economic analysis of why this is sufficient in practice to prevent or reduce the use of IP addresses for tracking (associating top-level user IDs across sites)?
--
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1083#issuecomment-2821927078
You are receiving this because you are subscribed to this thread.
Message ID: <w3ctag/design-reviews/issues/1083/2821927078@github.com>
Received on Tuesday, 22 April 2025 16:53:46 UTC