Re: [w3ctag/design-reviews] IP Protection (in Incognito mode) (Issue #1083)

jyasskin left a comment (w3ctag/design-reviews#1083)

To inform the TAG's review:
1. Do you see any pieces of this design that would benefit from standardization? Who on iCloud Private Relay should participate in such an effort? E.g.
    * Could multiple browser implementations share proxyB providers by speaking the same protocol to them, including the authentication part?
    * Can the IP-geo boundaries be shared between implementations?
    * Could you standardize the process for producing the Masked Domain List?
    * Can the Masked Domain List itself be shared? Does there need to be a standard protocol to disconnect.me to request the current list?
    * Do you need a protocol for reporting fraudulent behavior?
    * Etc.
1. W.r.t. the Probabilistic Reveal Tokens, I see that 5-15% of 3p requests will (after a delay) reveal the client's true IP address, and the design has 100% of 1p requests do so. Is there an economic analysis of why this is sufficient in practice to prevent or reduce the use of IP addresses for tracking (associating top-level user IDs across sites)?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1083#issuecomment-2821927078
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/1083/2821927078@github.com>

Received on Tuesday, 22 April 2025 16:53:46 UTC