Session Date/Time: 19 Mar 2025 06:00

privacypass

Summary

This privacypass IETF meeting covered a wide range of topics, including updates on existing drafts, discussions about new use cases for anonymous credentials, proposals for integrating ARC into privacy pass, and explorations of new extensions like expiration, public metadata, and token binding. A key theme was scoping future work and determining the appropriate venue for various proposals, with a recurring question of whether certain topics are best addressed within the current working group, a dedicated new working group, or in coordination with other IETF groups like TLS.

Key Discussion Points

Anonymous Credentials and Multi-Show Tokens: Discussion revolved around extending privacy pass to support multi-show tokens and reducing the centralization problems with single issuers.
ARC Integration: Chris presented ARC (Anonymous Rate Limited Credentials) as a more elegant and scalable solution for rate limiting compared to the existing privacy pass protocol. Key discussion was comparing ARC to batch tokens.
Expiration Extension: Scott reviewed the expiration extension draft, allowing for more dynamic control over token expiration times. Concerns were raised about potential for identification attacks and clock skew.
Public Metadata Issuance: Scott reviewed the drafts that enable public metadata, specifically the auth scheme extensions and public metadata issuance proposals.
Attester-Issuer Interface: Discussed standardizing the interface between attesters and issuers in a split attester-issuer model, particularly in the context of batched issuance.
Privacy Pass Reverse Flow: Tybo introduced a "reverse flow" architecture where the origin can issue tokens, enabling more granular control over rate limiting. There was discussion on comparing this new mechanism to the existing one and existing implementations.
Privacy Pass in TLS: Dooky presented a proposal for embedding privacy pass challenges and tokens in TLS handshakes to address rate limiting and device legitimacy at the TLS terminator level.
Token Binding: Frank presented a new draft about token binding to prevent token theft.
Scoping Future Work: The chairs led discussions regarding the scoping of the work and where future work should take place.

Decisions and Action Items

Action Item: Chris will perform a comparison between ARC and batch tokens to determine sweet spots for each.
Action Item: The chairs will discuss the scope of the work and coordinate with the other chairs to determine the next steps for anonymous credentials.
Action Item: The authors of the TLS proposal (Privacy Pass in TLS) will update the draft to include more detail about the use cases and motivations, then share it with the TLS working group.
Action Item: The authors of the reverse flow draft will update the draft and add more detailed use cases.
Action Item: The authors of the token binding draft will consider reviewing the OAuth security best practices document, and will consider use cases where existing privacy mechanisms are not sufficient.

Next Steps

Continue discussion on the mailing list about the scoping of future work and the appropriate venue for various proposals.
Encourage feedback on existing drafts, particularly the public metadata issuance draft.
Organize a design team around anonymous credentials to propose next steps.
Consider scheduling an interim meeting to further discuss specific proposals.