Privacy implications #5

Open
ghost opened this issue Nov 22, 2019 · 1 comment

Comments


ghost commented Nov 22, 2019

This was raised at several points during httpbis's Thursday meeting by a few people when comparing the draft to NetInfo. Thus, we should aim to do a better job of explaining:

  • The use cases we have for this header.
  • Clear considerations in the security considerations (or a separate privacy considerations) section that explain these concerns and offer several mitigations against fingerprinting:
    • Only including necessary values
    • Providing lower-resolution, or less-accurate figures within a threshold that reduces precision
    • Other mitigations within the request flow like always using TLS, only on authenticated requests, header scrubbing, etc.

ghost commented Dec 6, 2019

After talking to @piersoh, I think we need to break the privacy concerns into two parts:

  • What is sent, and put language to implementors suggesting data minimisation (only send the data points you need)
  • Triggering - only send the header when it is needed, ideally because the client has signalled it requires it. This might be done as, say, Accept or Client Hints, but I'm unsure if either of these is appropriate. Implementors could always use other means such as hosting a specific path that is requested, query string parameters, etc., and we probably should not be prescriptive; this should be an informational part of the document.

piersoh added a commit that referenced this issue Feb 28, 2020
- Changed emphasis to server generated metrics
- Changed first header example to show send_rate
- Added text on HTTP/2+ behaviours and touched on Privacy issues #5 wrt connection reuse
- Altered utilisation text to put server based send_rate as first option, mentioning privacy (#5)
piersoh added a commit that referenced this issue Mar 2, 2020
- Addressing issue #5
- Added information regarding potential for fingerprinting
- Included digitation approaches - quantisation and noise
piersoh added a commit that referenced this issue Mar 3, 2020
- Fixed up various text nits
- Added consideration of update frequency to information control section (issue #5)
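
One way a server could combine the mitigations discussed in this issue (data minimisation, triggering, quantisation and noise), as an added example that is not code from the draft or its authors. The `rtt` and `cwnd` field names, the `name=value` layout, the bucket size and the jitter range are assumptions; only `send_rate` appears on this page.

```python
import math
import random

# Fields the server is willing to expose at all. Only send_rate is named on
# the page; rtt is a hypothetical second field for illustration.
ALLOWED = {"send_rate", "rtt"}


def quantise(value, steps_per_octave=2):
    """Round a metric down to a coarse logarithmic bucket."""
    if value <= 0:
        return 0
    k = math.floor(math.log2(value) * steps_per_octave)
    return int(2 ** (k / steps_per_octave))


def blur(value, rng, jitter=0.10):
    """Apply bounded multiplicative noise, then quantise the result."""
    noisy = value * (1 + rng.uniform(-jitter, jitter))
    return quantise(noisy)


def build_header_value(metrics, requested, is_tls, rng=None):
    """Return the header value, or None when nothing should be sent.

    metrics:   exact server-side measurements, e.g. {"send_rate": 1500}
    requested: field names the client signalled it wants (the signalling
               mechanism is left open, as in the thread)
    is_tls:    True when the request arrived over TLS
    """
    rng = rng or random.SystemRandom()
    if not is_tls or not requested:
        return None  # triggering: stay silent unless asked, and only over TLS
    # Data minimisation: allow-listed, requested and available fields only.
    fields = sorted(ALLOWED & set(requested) & set(metrics))
    if not fields:
        return None
    return ", ".join(f"{name}={blur(metrics[name], rng)}" for name in fields)


if __name__ == "__main__":
    # Constructed sample measurements, not taken from the draft.
    sample = {"send_rate": 1500, "rtt": 37, "cwnd": 10}
    print(build_header_value(sample, ["send_rate"], is_tls=True))
```

Because noise is applied before quantisation, an exact rate of 1500 is reported as one of two adjacent buckets rather than a stable precise value that could serve as a fingerprint.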