Re: Last Call: <draft-ietf-appsawg-http-forwarded-06.txt> (Forwarded HTT

On Mon, 9 Jul 2012 14:27:49 -0400
Alissa Cooper <acooper(_at_)cdt(_dot_)org> wrote:

> (incorporating some responses to 
> http://www.ietf.org/mail-archive/web/apps-discuss/current/msg06599.html as a 
> LC comment)
>
> It would be helpful if this document could further motivate the need for 
> proxies to generate static obfuscated tokens. These two lines in particular, 
> from 6.3 and 8.3, respectively, seem a bit weak:
>
> "The identifiers can
>    be randomly generated for each request and do not need to be
>    statically assigned to resources."
>
> "When using such tokens, a static token per user would increase the
>    possibility for external organizations to track separate users."
Well, I think it gives a good hint to use dynamically assigned tokens.

> Is it possible to recommend that generated tokens have limited lifetimes 
> (per-request or otherwise), and make the static case the exception?
I guess so.

> The first statement above gets at this, but it seems to me that the
> middle ground between random generation per request and permanent
> unique token is worth emphasizing if there will be proxies that want
> to keep per-client identifiers around for some limited amount of time
> that isn't forever.
>
> It's also worth noting that the second statement above is equally true for 
> statically provisioned client IP addresses.
>
> Also, this statement in 8.3 is not really true and probably better left out:
>
> "Proxies using this extension will preserve the information of a
>    direct connection, which has an end-user privacy impact, if the end-
>    user or deployer does not know or expect that this is the case."
>
> There can certainly be a privacy impact whether the user or deployer has 
> awareness/expectation or not. 
Can you give some proof or at least some arguments for this statement?


Cheers,
 Andreas

signature.asc
Description: PGP signature