This tutorial provides a brief overview of the privacy threats that engineers may encounter during their protocol work.
Privacy, as with security, has received increasing attention over the last few years as the number of security incidents and privacy violations increased. While security guidance has been offered in RFC 3552 and has been part of the IETF Newcomer's Training for many years, privacy related guidance has only been available recently with the publication of RFC 6973.
A core part of RFC 6973 is offering a set of questions an engineer should ask himself or herself when designing new protocols or protocol extensions to take common privacy concerns into account.
Dr. Bernard D. Aboba Ph.D., John Morris, Jon Peterson, Marit Hansen, Rhys Smith