Re: [p2pi] Charter and problem statement

To: Reinaldo Penno <rpenno at juniper.net>
Subject: Re: [p2pi] Charter and problem statement
From: Nicholas Weaver <nweaver at ICSI.Berkeley.EDU>
Date: Tue, 22 Jul 2008 11:02:38 -0700
Cc: "p2pi at ietf.org" <p2pi at ietf.org>, Nicholas Weaver <nweaver at ICSI.Berkeley.EDU>
Delivered-to: ietfarch-p2pi-web-archive at core3.amsl.com
Delivered-to: p2pi at core3.amsl.com
In-reply-to: <C4AB6CDD.BB34%rpenno@juniper.net>
List-archive: <http://www.ietf.org/pipermail/p2pi>
List-help: <mailto:p2pi-request@ietf.org?subject=help>
List-id: P2P Infrastructure Discussion <p2pi.ietf.org>
List-post: <mailto:p2pi@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/p2pi>, <mailto:p2pi-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/p2pi>, <mailto:p2pi-request@ietf.org?subject=unsubscribe>
References: <C4AB6CDD.BB34%rpenno@juniper.net>
Sender: p2pi-bounces at ietf.org


On Jul 22, 2008, at 10:54 AM, Reinaldo Penno wrote:

This thread made the think that we need more security wording on the
charter.
I see ALTO maybe requiring a security document considerations of itsown
besides the security section on each document.
There is clearly an expectation of privacy from the P2P client.There isclearly an expectation from the ISP that he is not aiding(conscientiously)
illegal file sharing, amongst others.

Actually, the expectation of privacy from a P2P client might beconsidered illusionary.

The whole point of P2P is you need to be able to discover peers, soany attacker who is authorized to participate in the P2P network (eg,able to get a Content-identifier from the tracker and thereforeauthorization to participate in the swarm) should be able to map atleast part of the P2P network and, with sybils, generate a complete map.

Thus, for access to an ALTO server, the requirement should be "get NOmore information than you could obtain otherwise as a participant inthe P2P network", which is a huge amount, but generally safe. ("Ifyou know the content/network/swarm ID, you can get the peer list,because you need to be authorized already to know this identifier").

The interesting question, however, is can an ALTO node, which ISN'Tnecessarily authorized to participate in a swarm, gain information ona swarm based on both queries to it, and also use any transactionalinformation it gains to contact other ALTO servers to gain informationabout the swarm.

EG, it gets a content identifier based on a request, and then queriesother ALTO servers to find out who else is participating in thiscontent identifier.

In the end, it may be necessary to write requirements on informationleaking that specifically fall one-way or the other, eg, "There is NOexpectation of privacy because of X, Y, Z", or "Because of theclient's expectation of privacy, when such is enabled, ALTO can't doA, B, C".



_______________________________________________
p2pi mailing list
p2pi at ietf.org
https://www.ietf.org/mailman/listinfo/p2pi

Follow-Ups:
- Re: [p2pi] Charter and problem statement
  - From: Reinaldo Penno
- Re: [p2pi] Charter and problem statement
  - From: Arvind Krishnamurthy

References:
- Re: [p2pi] Charter and problem statement
  - From: Reinaldo Penno

Prev by Date: Re: [p2pi] Charter and problem statement
Next by Date: Re: [p2pi] Charter and problem statement
Previous by thread: Re: [p2pi] Charter and problem statement
Next by thread: Re: [p2pi] Charter and problem statement
Index(es):
- Date
- Thread

Re: [p2pi] Charter and problem statement

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.