ietf-openproxy

IAB considerations

2003-07-24 14:31:55

I finally realized a point of confusion about the various forms of
guidance OPES has received, and I think this should affect the
"considerations" draft.  The WG was chartered with instructions to
address certain issues that more or less correspond to the IAB
considerations.  It is the things that correspond less that are of
concern - particularly the "end-to-end" encryption issue.  I think it
would be helpful to address these in "considerations".

The current consideration draft confuses "privacy" and "undetected
modification" and "encryption".  "Privacy" is about trusting a party
with data that they may use but not disclose.  The detection of
modification of data is its "integrity", and it can be ensured by
cryptographic methods, including keyed hashes and public key methods,
but in general, not encryption.  Encryption is used for
"confidentiality", and it can be accomplished by cryptographic
methods, but it is not a way to ensure integrity: encrypted data on
the wire can be undetectably modified by third parties unless a
cryptographic integrity mechanism is used in conjunction with the
encryption.

The current draft characterizes processor identification at content
provider sites as "irrational", which is probably overstating the
issue.  It also argues that end users cannot identify themselves
usefully to a content provider's internal processors.  Although I don't
disagree that this might be true in some implementations, it isn't
clear that it is impossible in practice.  I think that overall the
viewpoint should clearly distinguish between protocol feasibility
and impact on content provider practices.

Hilarie
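
The distinction drawn in the message between confidentiality and integrity, as an added example that is not part of the original message: data protected by encryption alone decrypts cleanly after being altered in transit, while a keyed hash over the ciphertext lets the receiver detect the change. The SHAKE-256 keystream is a stand-in for any XOR-based cipher, and it, the function names and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative keystream only (assumption): stands in for any XOR-based
    # cipher such as a block cipher in counter mode. Not a production cipher.
    return hashlib.shake_256(key + nonce).digest(length)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call decrypts.
    return xor(data, keystream(key, nonce, len(data)))

def seal(enc_key, mac_key, nonce, plaintext):
    # Encrypt-then-MAC: the keyed hash covers the nonce and the ciphertext.
    ct = encrypt(enc_key, nonce, plaintext)
    return ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(enc_key, mac_key, nonce, ct, tag):
    # Verify integrity first, in constant time, and only then decrypt.
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: ciphertext was modified")
    return encrypt(enc_key, nonce, ct)

def modify_in_transit(ct: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    # What a keyless third party on the path can do to XOR-encrypted data
    # when it knows the plaintext bytes at a given position.
    delta = xor(old, new)
    end = offset + len(delta)
    return ct[:offset] + xor(ct[offset:end], delta) + ct[end:]

def demo():
    enc_key, mac_key, nonce = (secrets.token_bytes(n) for n in (32, 32, 16))
    message = b"body=original"  # constructed sample message
    ct, tag = seal(enc_key, mac_key, nonce, message)
    altered = modify_in_transit(ct, 5, b"original", b"replaced")
    # Encryption alone: the receiver decrypts without any error.
    accepted = encrypt(enc_key, nonce, altered)
    # Encryption plus keyed hash: the receiver rejects the altered data.
    try:
        open_sealed(enc_key, mac_key, nonce, altered, tag)
        detected = False
    except ValueError:
        detected = True
    return accepted, detected

if __name__ == "__main__":
    print(demo())
```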


