[Ndn-interest] NDN protocol principles: no privacy?

GTS gts at ics.uci.edu
Sun Mar 13 21:07:45 PDT 2016

Hi Mark,

just to be clear: even if it can't be defined well, I'm all for privacy 
in any modern network architecture,
NDN and CCN included. Note that NDN wouldn't have been funded by the NSF 
if privacy (and security)
weren't prominent in the architecture. (NSF made 
privacy+security-by-design a major requirement
for funding.) And I believe it was/is, indeed, prominent in NDN.

My analogy was perhaps not the best but I was trying to say that 
extolling privacy as a principle
might be viewed as pollyannish, (sorry for another one) a bit like 
Google's (in)famous "don't be evil"

I agree with your last paragraph about the current principles reading 
more like mechanisms.


p.s. I also agree that opportunistic caching is a privacy concern, 
especially, close to
the edges of the network. At the same time, I keep hearing that caching 
in the network core
is unlikely. If that is true, privacy might be hard to achieve. Or, 
caching might not be used.
After all, it's not mandatory, if I recall correctly (i.e., not only a 
router is not obliged to
cache everything, but a producer can request "no caching for specific 

Gene Tsudik
Chancellor's Professor of Computer Science
University of California, Irvine

On 3/13/16 8:41 AM, Mark Stapp wrote:
> Hi Gene,
> Absolutely - I don't think there's a three- or ten-word "definition" 
> that I've seen. but I do think it would be a valuable principle - in 
> the sense of a high-level goal or fundamental basis for evaluating 
> alternatives. RFC 6973 takes a nice approach, for example, by offering 
> definitions of some technical properties and mechanisms, but not 
> trying to formulate an overall definition of "privacy". The editors 
> there say that the body of the document, the discussion of the 
> tradeoffs and alternatives, is the best way they could come up with to 
> approach that abstraction. in practical terms, as you know well I 
> think there's been an over-reliance on opportunistic caching in ICN 
> generally, and as a result observability and correlation are defined 
> to be positive properties of ICN communication rather than harmful ones.
> I think I understand your beauty-pageant analogy - but I don't agree 
> that it applies. It would have been different (to me, anyway) if there 
> had been a 'principle', even it had been vague or anodyne. I really 
> felt that it was worth commenting when there was no statement 
> whatsoever - that felt like a real gap (again, to me).
> most of these six "principles" sounded like "mechanisms" to me - the 
> list felt like the end of a discussion about alternatives and the best 
> ways to implement an architecture, rather than the start of one. it 
> sounded like "we're tired of questions about LPM in the PIT, so we're 
> going to stop calling that a possible mechanism and start calling it 
> an inevitable, immutable, unquestionable 'principle'".
> Thanks,
> Mark
> On 3/12/16 5:30 PM, GTS wrote:
>> Hi Mark,
>> I'm a huge fan of privacy and a lot of my research privacy-related.
>> But, I can't define "privacy". I wonder if anyone can do it precisely
>> and succinctly?
>> Might be because it's an amorphous and fluid notion.
>> Perhaps if NDN folks were to include *privacy* as one of their guiding
>> principles,
>> it'd be like a stereotypical beauty pageant contestant who,
>> when asked about her (or his?) ideals, comes up with something
>> like: "Peace on Earth"?
>> :-)
>> On a less serious note, whenever I see things like codified "principles"
>> (a notion similar to "commandments"), I can't help but think of a new
>> ideology
>> or a new cult being started.
>> Cheers,
>> Gene

More information about the Ndn-interest mailing list