On Mon, 9 Jul 2012 14:27:49 -0400 Alissa Cooper <acooper@xxxxxxx> wrote: > (incorporating some responses to http://www.ietf.org/mail-archive/web/apps-discuss/current/msg06599.html as a LC comment) > > It would be helpful if this document could further motivate the need for proxies to generate static obfuscated tokens. These two lines in particular, from 6.3 and 8.3, respectively, seem a bit weak: > > "The identifiers can > be randomly generated for each request and do not need to be > statically assigned to resources." > > "When using such tokens, a static token per user would increase the > possibility for external organizations to track separate users." Well, I think it gives a good hint to use dynamically assigned tokens. > Is it possible to recommend that generated tokens have limited lifetimes (per-request or otherwise), and make the static case the exception? I guess so. > The first statement above gets at this, but it seems to me that the > middle ground between random generation per request and permanent > unique token is worth emphasizing if there will be proxies that want > to keep per-client identifiers around for some limited amount of time > that isn't forever. > > It's also worth noting that the second statement above is equally true for statically provisioned client IP addresses. > > Also, this statement in 8.3 is not really true and probably better left out: > > "Proxies using this extension will preserve the information of a > direct connection, which has an end-user privacy impact, if the end- > user or deployer does not know or expect that this is the case." > > There can certainly be a privacy impact whether the user or deployer has awareness/expectation or not. Can you give some proof or at least some arguments for this statement? Cheers, Andreas
Attachment:
signature.asc
Description: PGP signature