Closed ekr closed 1 year ago
gurshabad
commented
1 year ago Thanks, @ekr. Replacing the reference to ODoH to O-HTTP.
I think for the other stuff, I don't disagree at all. A great starting point that I would welcome is a PR on this issue, whenever you have time.
ekr
commented
1 year ago SG. I'll try to work something up this week. Can you please assign this to me and mark it PR-Wanted (I don't have permissions).
ekr
commented
1 year ago I don't think this is completed. Please re-open.
nllz
commented
1 year ago Ah ok - sorry about that. There is no PR for this yet, right?
nllz
commented
1 year ago We are still waiting for a PR from @ekr on this, right?
ekr
commented
1 year ago Yes. I have the AI on this.
ekr
commented
1 year ago gurshabad
commented
1 year ago Excellent edits, thank you!
I think the text around anonymity and pseudonymity is very confusing because it is difficult to cleanly separate these two concepts. In particular, both sections talk about IP addressed based identifiers. What kind of identifier do you think an IP address is? It seems to me that that there is an argument for either in this context, depending on how it is assigned (e.g., home versus mobile).
I find the discussion of ODoH particularly confusing because that is not about pseudonymity but about simply deleting the IP address, so why isn't this in anonymity?
IMO this text should be restructured to address the relevant privacy concepts, and in particular that identifiers are on a continuum of space (the number of people who it might refer to), time (the stability of the identifier), and locality (the set of contexts in which they apply). Once you have done that, I think it will be easier to locate the various points in the spectrum and discuss the various countermeasures.
This is not entirely true for v6 addresses.
You should replace the reference to ODoH with one to O-HTTP.