You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have been reviewing the DNS-SD privacy issues in light of Stuart's
draft (draft-cheshire-dnssd-privacy-considerations-01) and his
presentation at IETF 100
(https://datatracker.ietf.org/meeting/100/materials/slides-100-dnssd-04-stuart-privacy/).
Draft and presentation reflect uneasiness with several of the design
choices that we made in draft-ietf-dnssd-privacy-03,
draft-ietf-dnssd-pairing-03, and draft-ietf-dnssd-pairing-info-00. One of issues is
the granularity of trust.
Stuart provides a convincing illustration of the granularity issue with
the "implanted insulin monitor" example. In this example, the trust
relation is obviously between the device and the medical application on
the phone, and certainly not with "any gaming application on the phone",
let alone "any device owned by the user". Enforcing this granularity
leads to an "application-centered" design, in contrast with the
device-centered design chosen in draft-ietf-dnssd-privacy. Our two-phase
design is to "privately discover a device, then ask that device for
available services". An application centered device would be just one
phase, "privately discover an application".
The text was updated successfully, but these errors were encountered:
I have been reviewing the DNS-SD privacy issues in light of Stuart's
draft (draft-cheshire-dnssd-privacy-considerations-01) and his
presentation at IETF 100
(https://datatracker.ietf.org/meeting/100/materials/slides-100-dnssd-04-stuart-privacy/).
Draft and presentation reflect uneasiness with several of the design
choices that we made in draft-ietf-dnssd-privacy-03,
draft-ietf-dnssd-pairing-03, and draft-ietf-dnssd-pairing-info-00. One of issues is
the granularity of trust.
Stuart provides a convincing illustration of the granularity issue with
the "implanted insulin monitor" example. In this example, the trust
relation is obviously between the device and the medical application on
the phone, and certainly not with "any gaming application on the phone",
let alone "any device owned by the user". Enforcing this granularity
leads to an "application-centered" design, in contrast with the
device-centered design chosen in draft-ietf-dnssd-privacy. Our two-phase
design is to "privately discover a device, then ask that device for
available services". An application centered device would be just one
phase, "privately discover an application".
The text was updated successfully, but these errors were encountered: