1 / 7

What are our conclusions? What is the take-home work?

What are our conclusions? What is the take-home work?. Mailing List. priv-ws@elists.isoc.org In process, wait to subscribe until Friday AM Or tell Lucy and she will add you when the list is live. IETF Actions. Create privacy directorate Investigate possible research work in privacy (IRTF)

gomer
Télécharger la présentation

What are our conclusions? What is the take-home work?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What are our conclusions? What is the take-home work?

  2. Mailing List • priv-ws@elists.isoc.org • In process, wait to subscribe until Friday AM • Or tell Lucy and she will add you when the list is live.

  3. IETF Actions • Create privacy directorate • Investigate possible research work in privacy (IRTF) • Explore what the IETF can learn from Tor (and vice versa) • Support for continuing “Privacy Considerations” work • Apply it to some IETF protocols • Covers HTTP/non-HTTP-based Protocols • Fingerprinting Considerations for IETF protocols (TCP, HTTP, SIP, etc.)

  4. W3C Actions • Formation of W3C Privacy Interest Group • Fingerprinting of W3C protocols • How to help • API Minimalization • Referrer header & privacy • Privacy Considerations for Non-Browser-based Protocols • Usability: • Whitepapers & BCPs (?) • Usability Considerations in W3C specifications

  5. Both/Misc • Debate ‘Do not track’ technical mechanisms and policy consideration • Technical analysis • Possible experimental activity • Cookie / cross-site management • Terminology • Threat Models (based on system-level view) • Use Cases • Explain why we care about correlation/linkability (examples in the workshop report) • Investigate policy expression languages

  6. Policies and Intentions • Data retention/How long will you keep it? • Unintended consequences of choosing an identifier • Secondary use

  7. Not covered during the workshop • Privacy at the networking layer • beyond Tor • beyond the Web server (backend)

More Related