- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Fri, 19 Dec 2014 23:52:57 -0700
- To: Mark Nottingham <mnot@mnot.net>
- Cc: David Singer <singer@apple.com>, TAG List <www-tag@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Mark Nottingham wrote:
>
> What I find interesting is that by the numbers I’ve seen and talked
> to people about in the industry, the vast majority of people *don’t*
> use a proxy cache; that said, what we all seem to be concerned about
> are those specific cases where they are used, and they really help.
>

Or, don't *think* they use a proxy cache. Most industry insiders will say conneg is irrelevant, while using conneg to implement compression, so I have low confidence that they're aware of various devices between themselves and the websites they access. I'm about to post this link in another response...

http://www.cs.washington.edu/research/security/web-tripwire/nsdi-2008.pdf

...but it's interesting to note that aside from squid, there's no overlap between that document's list of intermediaries, and one we came up with on rest-discuss a few years back. They're called "transparent" proxies for a reason, even if they don't cache, and HTTPS threatens that entire ecosystem.

>
> > 3) We had an interesting offline discussion at the privacy workshop
> > on “imagine if every router on the internet did NAT”. This means
> > that the ability to trace people by IP address would be curtailed:
> > people often don’t bother to reduce fingerprinting because the source
> > IP address has already ‘given the game away’. It’s an interesting
> > thought experiment, but its impact on security might be negative.
> > (And there are many other problems, notably peer-peer connections
> > for things like telephony.)
> >
> > Maybe worth a paragraph?
>
> Once one scratches the surface, you can find a multitude of security
> and privacy issues on the Web and Internet. While they’re important
> issues to consider, I’m striving to NOT make this finding the
> be-all-and-end-all of security and privacy, because it will make it
> that much more difficult to agree upon, read, and understand. Small
> steps...
>

Provided those steps are going in the right direction, vs. painting the Web into a corner.

FWIW, my NAT gives me away due to timezone and clock skew. Those two data points equate to like, 1 in 500. Orthogonal, but add Opera and 1600x1200 resolution, and four data points nail me right down. Being a modern dinosaur really makes me stick out...

While I can appreciate the desire for TAG to crank out a producible, I have issues with anointing TLS when it doesn't address the root problem of page integrity, while doing away with caching I may very well need even more, if Net Neut goes the way of the Dodo.

-Eric

Received on Saturday, 20 December 2014 06:53:36 UTC