| < draft-morris-privacy-considerations-01.txt | draft-morris-privacy-considerations-02.txt > | |||
|---|---|---|---|---|
| Network Working Group B. Aboba | Network Working Group B. Aboba | |||
| Internet-Draft Microsoft Corporation | Internet-Draft Microsoft Corporation | |||
| Intended status: Informational J. Morris | Intended status: Informational J. Morris | |||
| Expires: April 28, 2011 CDT | Expires: May 12, 2011 CDT | |||
| J. Peterson | J. Peterson | |||
| NeuStar, Inc. | NeuStar, Inc. | |||
| H. Tschofenig | H. Tschofenig | |||
| Nokia Siemens Networks | Nokia Siemens Networks | |||
| October 25, 2010 | November 8, 2010 | |||
| Privacy Considerations for Internet Protocols | Privacy Considerations for Internet Protocols | |||
| draft-morris-privacy-considerations-01.txt | draft-morris-privacy-considerations-02.txt | |||
| Abstract | Abstract | |||
| This document aims to make protocol designers aware of privacy- | This document aims to make protocol designers aware of privacy- | |||
| related design choices and offers guidance for developing privacy | related design choices and offers guidance for developing privacy | |||
| considerations for IETF documents. While specifications cannot | considerations for IETF documents. While specifications cannot | |||
| police the implementation community, nonetheless protocol architects | police the implementation community, nonetheless protocol architects | |||
| must play in the improvement of privacy, both by making a conscious | must play in the improvement of privacy, both by making a conscious | |||
| decision to design for privacy, and by documenting privacy risks in | decision to design for privacy, and by documenting privacy risks in | |||
| protocol designs. | protocol designs. | |||
| This document is discussed on the Internet Privacy Discussion mailing | ||||
| list (see https://www.ietf.org/mailman/listinfo/ietf-privacy). | ||||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on April 28, 2011. | This Internet-Draft will expire on May 12, 2011. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2010 IETF Trust and the persons identified as the | Copyright (c) 2010 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 19 ¶ | skipping to change at page 2, line 22 ¶ | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Historical Background . . . . . . . . . . . . . . . . . . . . 5 | 2. Historical Background . . . . . . . . . . . . . . . . . . . . 5 | |||
| 3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 4. Threat Model . . . . . . . . . . . . . . . . . . . . . . . . . 13 | 4. Threat Model . . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 5. Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . 15 | 5. Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 6. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 6. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 6.1. Presence . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 6.1. Presence . . . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 6.2. AAA for Network Access . . . . . . . . . . . . . . . . . . 18 | 6.2. AAA for Network Access . . . . . . . . . . . . . . . . . . 19 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 22 | |||
| 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 | |||
| 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23 | 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 24 | 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 10.1. Normative References . . . . . . . . . . . . . . . . . . . 24 | 10.1. Normative References . . . . . . . . . . . . . . . . . . . 25 | |||
| 10.2. Informative References . . . . . . . . . . . . . . . . . . 24 | 10.2. Informative References . . . . . . . . . . . . . . . . . . 25 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 28 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 29 | |||
| 1. Introduction | 1. Introduction | |||
| The IETF produces specifications that aim to make the Internet | The IETF produces specifications that aim to make the Internet | |||
| better. Those specifications fall into a number of different | better. Those specifications fall into a number of different | |||
| categories, including protocol specifications, best current practice | categories, including protocol specifications, best current practice | |||
| descriptions, and architectural documentations. While IETF documents | descriptions, and architectural documentations. While IETF documents | |||
| are typically implementation-agnostic, they are often, if not always, | are typically implementation-agnostic, they are often, if not always, | |||
| impacted by fundamental architectural design decisions. These | impacted by fundamental architectural design decisions. These | |||
| decision decisions in turn hinge on technical aspects, predictions | decision decisions in turn hinge on technical aspects, predictions | |||
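Review bot: the Introduction text carried unchanged in this hunk reads "These decision decisions in turn hinge on technical aspects", a duplicated word; it should read "These decisions in turn hinge ...". Since this revision already touches the front matter (expiry date, submission date, TOC page numbers), the fix is cheap to fold in here.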
| skipping to change at page 16, line 5 ¶ | skipping to change at page 15, line 52 ¶ | |||
| with the entity in other contexts? | with the entity in other contexts? | |||
| 2.b: What is the user's reasonable expectation of the entity's | 2.b: What is the user's reasonable expectation of the entity's | |||
| involvement? | involvement? | |||
| 3. What data about the user is likely needed to be collected? | 3. What data about the user is likely needed to be collected? | |||
| 4. What is the identification level of the data? (identified, | 4. What is the identification level of the data? (identified, | |||
| pseudonymous, anonymous, see [I-D.hansen-privacy-terminology]) | pseudonymous, anonymous, see [I-D.hansen-privacy-terminology]) | |||
| The questions in this sections are based on the CDT published | ||||
| "Threshold Analysis for Online Advertising Practices" [CDT]. | ||||
| 6. Example | 6. Example | |||
| This section allows us to illustrate how privacy was deal within | This section allows us to illustrate how privacy was deal within | |||
| certain IETF protocols. We will start the description with AAA for | certain IETF protocols. We will start the description with AAA for | |||
| network access and expand it to other protocols in a future version | network access and expand it to other protocols in a future version | |||
| of this draft. | of this draft. | |||
| 6.1. Presence | 6.1. Presence | |||
| A presence service, as defined in the abstract in RFC 2778 [RFC2778], | A presence service, as defined in the abstract in RFC 2778 [RFC2778], | |||
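Review bot: the sentence added at the end of the guidelines section has a grammar slip: "The questions in this sections are based on the CDT published 'Threshold Analysis ...'" should read "in this section" and "the CDT-published". The new [CDT] citation key is fine provided the matching entry lands in 10.2 in the same revision (it does, in a later hunk). While here, the unchanged opening of section 6 reads "how privacy was deal within certain IETF protocols"; suggest "how privacy was dealt with in certain IETF protocols".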
| skipping to change at page 24, line 33 ¶ | skipping to change at page 25, line 33 ¶ | |||
| 10.2. Informative References | 10.2. Informative References | |||
| [Altman] Altman, I., "The Environment and Social Behavior: Privacy, | [Altman] Altman, I., "The Environment and Social Behavior: Privacy, | |||
| Personal Space, Territory, Crowding", Brooks/Cole , 1975. | Personal Space, Territory, Crowding", Brooks/Cole , 1975. | |||
| [CC] "Creative Commons", June 2010. | [CC] "Creative Commons", June 2010. | |||
| [CC-SA] "Creative Commons - Licenses", June 2010. | [CC-SA] "Creative Commons - Licenses", June 2010. | |||
| [CDT] Center for Democracy & Technology, "Threshold Analysis for | ||||
| Online Advertising Practices", available at | ||||
| http://www.cdt.org/privacy/20090128threshold.pdf, | ||||
| Jan 2009. | ||||
| [CTIA] CTIA, "Best Practices and Guidelines for Location-Based | [CTIA] CTIA, "Best Practices and Guidelines for Location-Based | |||
| Services", , March 2010. | Services", , March 2010. | |||
| [DPD95] European Commission, "Directive 95/46/EC of the European | [DPD95] European Commission, "Directive 95/46/EC of the European | |||
| Parliament and of the Council of 24 October 1995 on the | Parliament and of the Council of 24 October 1995 on the | |||
| protection of individuals with regard to the processing of | protection of individuals with regard to the processing of | |||
| personal data and on the free movement of such data", | personal data and on the free movement of such data", | |||
| Official Journal L 281 , 23/11/1995 P. 0031 - 0050, | Official Journal L 281 , 23/11/1995 P. 0031 - 0050, | |||
| November 2005. | November 2005. | |||
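Review bot: the new [CDT] entry abbreviates the month ("Jan 2009") while the neighbouring entries spell it out ("June 2010", "March 2010"); use "January 2009" for consistency with the rest of 10.2. Unrelated to this change but visible in the same context: the [DPD95] entry gives "November 2005" for Directive 95/46/EC although its own Official Journal citation reads 23/11/1995, so one of the two dates looks wrong.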
| skipping to change at page 25, line 5 ¶ | skipping to change at page 26, line 10 ¶ | |||
| Blumberg, A. and P. Eckersley, "On Locational Privacy, and | Blumberg, A. and P. Eckersley, "On Locational Privacy, and | |||
| How to Avoid Losing it Forever", August 2009. | How to Avoid Losing it Forever", August 2009. | |||
| [Granada] International Working Group on Data Protection in | [Granada] International Working Group on Data Protection in | |||
| Telecommunications, "The Granada Charter of Privacy in a | Telecommunications, "The Granada Charter of Privacy in a | |||
| Digital World, Granada (Spain)", April 2010. | Digital World, Granada (Spain)", April 2010. | |||
| [I-D.ietf-ecrit-framework] | [I-D.ietf-ecrit-framework] | |||
| Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, | Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, | |||
| "Framework for Emergency Calling using Internet | "Framework for Emergency Calling using Internet | |||
| Multimedia", draft-ietf-ecrit-framework-11 (work in | Multimedia", draft-ietf-ecrit-framework-12 (work in | |||
| progress), July 2010. | progress), October 2010. | |||
| [I-D.ietf-geopriv-arch] | [I-D.ietf-geopriv-arch] | |||
| Barnes, R., Lepinski, M., Cooper, A., Morris, J., | Barnes, R., Lepinski, M., Cooper, A., Morris, J., | |||
| Tschofenig, H., and H. Schulzrinne, "An Architecture for | Tschofenig, H., and H. Schulzrinne, "An Architecture for | |||
| Location and Location Privacy in Internet Applications", | Location and Location Privacy in Internet Applications", | |||
| draft-ietf-geopriv-arch-03 (work in progress), | draft-ietf-geopriv-arch-03 (work in progress), | |||
| October 2010. | October 2010. | |||
| [I-D.ietf-geopriv-policy] | [I-D.ietf-geopriv-policy] | |||
| Schulzrinne, H., Tschofenig, H., Morris, J., Cuellar, J., | Schulzrinne, H., Tschofenig, H., Morris, J., Cuellar, J., | |||
| and J. Polk, "Geolocation Policy: A Document Format for | and J. Polk, "Geolocation Policy: A Document Format for | |||
| Expressing Privacy Preferences for Location Information", | Expressing Privacy Preferences for Location Information", | |||
| draft-ietf-geopriv-policy-21 (work in progress), | draft-ietf-geopriv-policy-22 (work in progress), | |||
| January 2010. | October 2010. | |||
| [I-D.morris-policy-cons] | [I-D.morris-policy-cons] | |||
| Morris, J., Aboba, B., Peterson, J., and H. Tschofenig, | Morris, J., Aboba, B., Peterson, J., and H. Tschofenig, | |||
| "Public Policy Considerations for Internet Protocols", | "Public Policy Considerations for Internet Protocols", | |||
| draft-morris-policy-cons-00 (work in progress), | draft-morris-policy-cons-00 (work in progress), | |||
| October 2010. | October 2010. | |||
| [Madrid] Data Protection Authorities and Privacy Regulators, "The | [Madrid] Data Protection Authorities and Privacy Regulators, "The | |||
| Madrid Resolution, International Standards on the | Madrid Resolution, International Standards on the | |||
| Protection of Personal Data and Privacy", Conference of | Protection of Personal Data and Privacy", Conference of | |||
| End of changes. 10 change blocks. | ||||
| 18 lines changed or deleted | 29 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/