[Ndn-interest] NDN protocol principles: no privacy?
mjs at cisco.com
Sat Mar 12 06:58:09 PST 2016
I had many questions as I first read the list of "six principles" that
Alex shared this week. One question was about the issue of privacy. I
was somewhat surprised to see nothing in the top-six list about exposure
of user activities on the internet, or about establishing a privacy
baseline for the NDN architecture. Given the current level of intense
and broad interest in the issues of passive observation and personal
data collection, it seems to me that that topic deserves a statement of
"principle". I'd like to suggest that there be an unambiguous statement
that NDN will establish a level of communication privacy that uses
state-of-the-art cryptography as the default.
I understand that some of the exposure and correlation issues we
experience currently arise from existing application protocols. HTTP can
be used for activity-tracking and correlating whether or not TLS is in
use, for example. A statement of principle seems like a useful way to
guide development of both NDN transport features and NDN applications.
At the same time, if NDN has decided that it will not establish a
private-by-default baseline, I think that deserves some justification.
It's clear from our experience using the IP internet that without
default settings that are privacy-preserving, individuals will continue
to be vulnerable.
More information about the Ndn-interest