priv - Wednesday, November 10, 2021

priv

priv@jabber.ietf.org

Wednesday, November 10, 2021< ^ >

Room Configuration

Room Occupants

GMT+0
[15:37:33] Yoshiro Yoneya joins the room
[15:37:58] alexamirante joins the room
[15:38:13] Meetecho joins the room
[15:45:03] Erik Taubeneck_web_190 joins the room
[15:45:03] Yoshiro Yoneya_web_805 joins the room
[15:45:03] Daniel Migault_web_506 joins the room
[15:45:03] Kirsty Paine_web_358 joins the room
[15:45:03] Alessandro Amirante_web_206 joins the room
[15:45:03] Lorenzo Miniero_web_125 joins the room
[15:45:03] abdullahalshoaili_web_872 joins the room
[15:45:03] Eric Kinnear_web_465 joins the room
[15:45:03] Antonio Pastor_web_185 joins the room
[15:45:03] Mariana Raykova_web_875 joins the room
[15:45:03] Christopher Wood_web_474 joins the room
[15:45:03] Philip Eardley_web_654 joins the room
[15:46:05] Sue Ciminelli_web_148 joins the room
[15:46:37] stpeter joins the room
[15:47:07] Lukas Osswald_web_557 joins the room
[15:47:10] Peter Saint-Andre_web_698 joins the room
[15:47:16] Ken Takayama_web_107 joins the room
[15:47:19] Christian Huitema_web_453 joins the room
[15:47:25] Christian Huitema_web_453 leaves the room
[15:47:29] Christian Huitema_web_594 joins the room
[15:47:56] Craig Pearce_web_786 joins the room
[15:48:36] Roman Danyliw_web_712 joins the room
[15:49:31] Chris Box_web_515 joins the room
[15:50:07] Tim Geoghegan_web_152 joins the room
[15:50:13] fightingnemo joins the room
[15:50:19] Mariana Raykova_web_875 leaves the room
[15:50:20] Takahiro Nemoto_web_986 joins the room
[15:50:23] Mariana Raykova_web_644 joins the room
[15:50:50] Antonio Pastor_web_185 leaves the room
[15:50:54] Antonio Pastor_web_336 joins the room
[15:51:22] Patrick Tarpey_web_884 joins the room
[15:51:33] David Millman_web_546 joins the room
[15:52:29] Antoine Fressancourt_web_536 joins the room
[15:52:40] Craig Pearce joins the room
[15:52:58] Martin Thomson_web_998 joins the room
[15:53:12] Barry Leiba_web_605 joins the room
[15:53:14] ekr@jabber.org joins the room
[15:54:27] Alissa Cooper_web_769 joins the room
[15:54:29] Kohei Isobe_web_613 joins the room
[15:54:43] Dirk Kutscher_web_654 joins the room
[15:54:55] Nick Banks_web_897 joins the room
[15:55:13] Christopher Patton_web_328 joins the room
[15:55:19] Lucas Pardue_web_779 joins the room
[15:55:20] Mark McFadden_web_376 joins the room
[15:55:24] Wes Hardaker_web_459 joins the room
[15:55:30] <Christopher Patton_web_328> Good morning BoFers
[15:55:40] Gregor Haywood_web_367 joins the room
[15:56:02] Sanjay Mishra_web_718 joins the room
[15:56:11] Zaid AlBanna_web_521 joins the room
[15:56:15] Chris Box_web_515 leaves the room
[15:56:19] Adam Roach_web_173 joins the room
[15:56:19] Chris Box_web_903 joins the room
[15:56:24] Eric Rosenberg_web_326 joins the room
[15:56:30] Nalini Elkins_web_109 joins the room
[15:56:36] Michael Breuer_web_440 joins the room
[15:56:51] Daniel Gillmor_web_422 joins the room
[15:56:57] Eric Rescorla_web_451 joins the room
[15:57:12] Tommy Pauly_web_499 joins the room
[15:57:13] Brandon Pitman_web_649 joins the room
[15:57:17] Mariana Raykova_web_644 leaves the room
[15:57:21] Mariana Raykova_web_774 joins the room
[15:57:32] <Chris Box_web_903> Hello all. This could be a popular meeting.
[15:57:55] David Schinazi_web_818 joins the room
[15:57:57] <Tommy Pauly_web_499> Are we BoFers, or are we just the Birds?
[15:58:02] Bob Moskowitz joins the room
[15:58:12] Kazunori Fujiwara_web_580 joins the room
[15:58:19] Charlie Harrison_web_608 joins the room
[15:58:20] <Martin Thomson_web_998> privyet or привет all
[15:58:21] James Galvin_web_308 joins the room
[15:58:22] dkg joins the room
[15:58:25] Robert Moskowitz_web_809 joins the room
[15:58:26] Watson Ladd_web_816 joins the room
[15:58:28] Peter Koch_web_829 joins the room
[15:58:28] Florence D_web_941 joins the room
[15:58:34] Francois Ortolan_web_120 joins the room
[15:58:37] Ben Campbell_web_563 joins the room
[15:58:38] Joey Salazar_web_442 joins the room
[15:58:39] Jonathan Hammell_web_124 joins the room
[15:58:43] Erik Anderson_web_769 joins the room
[15:58:44] Lucy Lynch_web_292 joins the room
[15:58:45] <Watson Ladd_web_816> boffins
[15:58:47] Frode Kileng_web_423 joins the room
[15:58:52] Tommy Jensen_web_528 joins the room
[15:58:53] Stuart Cheshire_web_644 joins the room
[15:58:56] Erik Anderson_web_769 leaves the room
[15:58:56] Jen Hufford_web_558 joins the room
[15:58:57] David Oliver_web_684 joins the room
[15:59:00] Frode Kileng_web_423 leaves the room
[15:59:00] Erik Anderson_web_681 joins the room
[15:59:04] Frode Kileng_web_534 joins the room
[15:59:16] Wei Pan_web_553 joins the room
[15:59:22] <Craig Pearce_web_786> Morning BOFers
[15:59:25] frodek joins the room
[15:59:25] frodek leaves the room
[15:59:26] Satoru Kanno_web_135 joins the room
[15:59:29] Shinta Sato_web_942 joins the room
[15:59:30] Phillipp Schoppmann_web_917 joins the room
[15:59:30] Eric Orth_web_146 joins the room
[15:59:31] Andrew Campling_web_858 joins the room
[15:59:36] Jari Arkko_web_797 joins the room
[15:59:44] Jonathan Rosenberg_web_106 joins the room
[15:59:45] Nick Doty_web_892 joins the room
[15:59:47] Joerg Ott_web_214 joins the room
[15:59:49] Michael B_web_231 joins the room
[15:59:53] Ted Hardie_web_713 joins the room
[15:59:54] <Roman Danyliw_web_712> Peter, thank you so much for doing the notes!
[15:59:56] Ned Freed_web_690 joins the room
[15:59:56] Chi-Jiun Su_web_701 joins the room
[16:00:00] Alyssa Thompson_web_197 joins the room
[16:00:13] Richard Barnes_web_931 joins the room
[16:00:22] npd joins the room
[16:00:23] Peng Liu_web_880 joins the room
[16:00:23] Quynh Dang_web_171 joins the room
[16:00:23] Yuji Suga_web_943 joins the room
[16:00:23] Robert Sparks_web_297 joins the room
[16:00:24] Mark Nottingham_web_721 joins the room
[16:00:27] <stpeter> Roman Danyliw_web_712: my pleasure!
[16:00:31] Pete Resnick_web_163 joins the room
[16:00:32] Rikard Höglund_web_883 joins the room
[16:00:37] Timothy Carlin_web_166 joins the room
[16:00:39] Frederic Jacobs_web_994 joins the room
[16:00:40] Tero Kivinen_web_830 joins the room
[16:00:42] Cullen Jennings_web_628 joins the room
[16:00:43] Eliot Lear_web_285 joins the room
[16:00:47] Marco Tiloca_web_689 joins the room
[16:00:51] Jonathan Hoyland_web_432 joins the room
[16:00:53] Burt Kaliski_web_736 joins the room
[16:00:56] Chris Wendt_web_566 joins the room
[16:00:58] <Lucas Pardue_web_779> What'll I do?
When you are far away
and skies are blue
What'll I do?
[16:01:03] Taiji Kimura_web_103 joins the room
[16:01:03] Christopher Inacio_web_826 joins the room
[16:01:05] Tadahiko Ito_web_770 joins the room
[16:01:05] <stpeter> For those of you following at home, I'll be taking notes at https://notes.ietf.org/notes-ietf-112-priv?both - feel free to correct or amplify as needed
[16:01:15] Peng Liu_web_880 leaves the room
[16:01:16] Steve Olshansky_web_345 joins the room
[16:01:16] Bradford Lassey_web_523 joins the room
[16:01:23] Mirja Kühlewind_web_502 joins the room
[16:01:27] Deb Cooley_web_496 joins the room
[16:01:33] Chen Li_web_581 joins the room
[16:01:35] Benjamin Kaduk_web_346 joins the room
[16:01:37] Michael Bilca_web_725 joins the room
[16:01:48] Yahya_web_838 joins the room
[16:02:04] Robin Wilton_web_795 joins the room
[16:02:08] <Eliot Lear_web_285> oh crap! i'm in the priv bof! ;-)
[16:02:10] Jake Holland_web_664 joins the room
[16:02:12] Benoît Claise_web_924 joins the room
[16:02:24] Hannes Tschofenig_web_501 joins the room
[16:02:28] Simon Hicks_web_865 joins the room
[16:02:32] Chonggang Wang_web_474 joins the room
[16:02:33] Lars Eggert_web_803 joins the room
[16:02:34] Valery Smyslov_web_954 joins the room
[16:02:35] David Benjamin_web_707 joins the room
[16:02:38] Joseph Salowey_web_930 joins the room
[16:02:38] Greg Wood_web_138 joins the room
[16:02:38] <stpeter> Note Well is also at https://www.ietf.org/about/note-well/ for those of you new to the IETF
[16:02:50] Benoît Claise_web_924 leaves the room
[16:02:52] <Jonathan Hoyland_web_432> I will
[16:02:54] Benoît Claise_web_735 joins the room
[16:03:02] <Jonathan Hoyland_web_432> (Jabber scribe that is)
[16:03:06] Eric Rescorla_web_451 leaves the room
[16:03:09] <Martin Thomson_web_998> nota bene: note well that we note the Note Well well
[16:03:10] Eric Rescorla_web_902 joins the room
[16:03:15] <Roman Danyliw_web_712> Thanks Jonathan!
[16:03:16] Charles Eckel_web_978 joins the room
[16:03:23] kaduk@jabber.org/barnowl joins the room
[16:03:25] Jim Reid_web_171 joins the room
[16:03:31] Warren Kumari_web_132 joins the room
[16:03:42] Yumi Sakemi_web_176 joins the room
[16:03:45] <ekr@jabber.org> Much of what I am about to say is in written form here: https://educatedguesswork.org/tags/privacy%20preserving%20measurement/
[16:04:01] Sara Dickinson_web_399 joins the room
[16:04:08] Mariana Raykova_web_774 leaves the room
[16:04:16] Mariana Raykova_web_829 joins the room
[16:04:26] Kris Shrishak_web_154 joins the room
[16:04:49] Sara Dickinson_web_399 leaves the room
[16:04:52] <Jonathan Hoyland_web_432> Is this a IETF or IRTF WG forming BOF?
[16:04:53] Sara Dickinson_web_345 joins the room
[16:05:03] Karen Staley_web_709 joins the room
[16:05:06] Kazuaki Ueda_web_277 joins the room
[16:05:10] Wendy Seltzer_web_168 joins the room
[16:05:13] <Christopher Patton_web_328> IETF
[16:05:15] Jonathan Lennox_web_831 joins the room
[16:05:27] <Martin Thomson_web_998> IETF WG part. We're not making another CFRG
[16:05:33] Greg Schumacher_web_595 joins the room
[16:05:42] Jonathan Lennox_web_831 leaves the room
[16:05:45] Vasilis_web_294 joins the room
[16:05:46] Jonathan Lennox_web_388 joins the room
[16:05:47] Bill Woodcock_web_175 joins the room
[16:05:49] Lixia Zhang_web_776 joins the room
[16:05:55] Bhavit Shah_web_209 joins the room
[16:05:56] Kazuaki Ueda_web_277 leaves the room
[16:06:09] Jonathan Lennox_web_388 leaves the room
[16:06:11] <kaduk@jabber.org/barnowl> The process for forming new IRTF RGs is rather different.
[16:06:13] Jonathan Lennox_web_173 joins the room
[16:06:19] Kohei Isobe_web_613 leaves the room
[16:06:23] <Martin Thomson_web_998> and we don't need one, probably
[16:06:23] Kohei Isobe_web_185 joins the room
[16:06:26] <Roman Danyliw_web_712> ^^^ IETF. There is a dependence on IRTF work which is why it has a separate agenda item (to make the distinction clear).
[16:06:35] <npd> the PEARG has sometimes discussed measurement-related topics within IRTF
[16:07:11] Hannes Tschofenig_web_501 leaves the room
[16:07:13] <Martin Thomson_web_998> you will see that this group will depend on the CFRG only for some very narrowly targeted stuff
[16:07:15] Hannes Tschofenig_web_517 joins the room
[16:07:15] Jiri Novotny_web_113 joins the room
[16:07:20] Rich Salz_web_841 joins the room
[16:07:23] <Martin Thomson_web_998> stuff that the CFRG is very highly qualified to do
[16:07:43] <Martin Thomson_web_998> Adam Roach: typing?
[16:08:10] <Jonathan Hoyland_web_432> It's the journalists at the Theranos trial.
[16:08:20] Massimiliano Pala_web_932 joins the room
[16:08:26] <Rich Salz_web_841> @Peter: no "d" in that URL? :)
[16:08:40] Joel Jaeggli_web_484 joins the room
[16:08:49] Joel Jaeggli_web_484 leaves the room
[16:08:53] Joel Jaeggli_web_578 joins the room
[16:09:16] <Robin Wilton_web_795> Note: "sensitivity" can be highly contextual. e.g. in Northern Ireland, which street you live in could reveal your religious faith, and that *could* be life-threatening.
[16:09:26] Christopher Inacio_web_826 leaves the room
[16:10:29] Mariana Raykova_web_829 leaves the room
[16:10:33] Mariana Raykova_web_247 joins the room
[16:10:34] <Jonathan Hoyland_web_432> Even "device was on at this time" vs "device was not on at this time" can reveal faith for (practising) orthodox Jews who turn their electronics off on religious holidays.
[16:10:35] <Martin Thomson_web_998> differential privacy is the usual model here, but that generally assumes that a trusted entity holds all of the data
[16:10:42] Antonio Pastor_web_336 leaves the room
[16:10:52] <Martin Thomson_web_998> there are lots of nice ways that are coming up that break that assumption down a little
[16:10:54] <npd> I think many of our privacy failure cases aren't situations where there was a promise that the individual data wouldn't be used or disclosed. the Target inference, much of the ad targeting -- these weren't promises, the vendors are proud about the individual data that they kept
[16:10:56] Karen O'Donoghue_web_130 joins the room
[16:11:05] Christopher Inacio_web_576 joins the room
[16:11:15] <Bob Moskowitz> My walking app has struggled dealing with no data for Saturday walking...
[16:11:30] <Martin Thomson_web_998> relationships: calculating ML embeddings is something that can be done in a system like this fairly easily
[16:11:56] <Jonathan Hoyland_web_432> (Even "device is up to date" can reveal faith, because you can see when the device was off and not applying updates)
[16:12:00] <Martin Thomson_web_998> or using data to generate gradients for the next iteration of training your model
[16:12:01] <Bob Moskowitz> I mean what's wrong with you guy, can't carry your phone so we get all the data to rate you with other walkers?
[16:12:08] Massimiliano Pala_web_932 leaves the room
[16:12:10] Christopher Inacio_web_576 leaves the room
[16:13:09] <Jonathan Lennox_web_173> (Now trying to think of how you could design a shabbat-compliant walking tracker...mechanical pedometer that uploads after it's turned on Saturday evening? If there's an Eruv.)
[16:13:18] <dkg> "type of website" itself is a dubious/contentious categorization scheme
[16:13:44] <Martin Thomson_web_998> dkg: and also a manifestation of a particular moral view sometimes
[16:13:48] <dkg> wouldn't a mechanical pedometer also be forbidden?
[16:13:52] David Millman_web_546 leaves the room
[16:13:54] <Martin Thomson_web_998> "misinformation" or "news"?
[16:14:00] <dkg> mt: indeed
[16:14:02] <Bob Moskowitz> The pedometer would have to work with a "Gramma". Interesting design challenge.
[16:14:05] <Jonathan Hoyland_web_432> (@Jonathan: The issue would be whether the pedometer is something you need for shabbat.)
[16:14:06] <npd> was that use case about classifying sites into categories? or just aggregating site usage for all users rather than any individual user?
[16:14:15] Christopher Inacio_web_915 joins the room
[16:14:31] <Christopher Wood_web_474> @npd: putting sites into topic buckets, and then collecting the distribution of time spent in each bucket
[16:14:44] Rui Miao_web_937 joins the room
[16:14:53] Phillip Hallam-Baker_web_397 joins the room
[16:14:59] <npd> @christopher: the distribution of time spent in each bucket for that individual user?
[16:15:08] <dkg> Chris: right, but "topic buckets" itself is dubious -- cluster boundaries are unclear and complex
[16:15:12] <Alissa Cooper_web_769> but the same mechanisms would work for understanding aggregate site usage
[16:15:21] <Christopher Wood_web_474> @dkg not disagreeing, just clarifying for npd
[16:15:37] <Watson Ladd_web_816> and kind of site can also be feature based: video? lots of photos? lots of JS? etc
[16:16:15] Craig Pearce leaves the room
[16:16:18] <Christopher Wood_web_474> @npd across all users
[16:16:33] <Jonathan Hoyland_web_432> @Watson Has tracking scripts or not? Creates a bucket of privacy sensitive websites.
[16:16:38] Lucy Lynch_web_292 leaves the room
[16:16:42] Lucy Lynch_web_160 joins the room
[16:16:45] <Martin Thomson_web_998> one thing that is important to realize is that the basics here are not that fancy; where things get fancy is in securing the system against various forms of abuse
[16:16:46] <Jonathan Hoyland_web_432> (As in, websites that respect client privacy)
[16:17:04] <Richard Barnes_web_931> @Martin - Evergreen statement
[16:17:28] Mariana Raykova_web_247 leaves the room
[16:17:29] Mike Boyle_web_865 joins the room
[16:17:32] Mariana Raykova_web_819 joins the room
[16:17:33] <Martin Thomson_web_998> hence the choice of SEC :)
[16:17:38] <Robin Wilton_web_795> @Jonathan and @Bob - I think what you need is one of those gadgets that winds your automatic watch for you if you're not wearing it for a while.
[16:17:58] <Eliot Lear_web_285> FWIW I think this is a fine use of ohai
[16:18:10] <Jonathan Hoyland_web_432> @Robin That's genius! I could use that every day :rolling_on_the_floor_laughing:
[16:18:33] Mike Boyle_web_865 leaves the room
[16:18:35] Benjamin Schwartz_web_452 joins the room
[16:18:41] Alessandro Ghedini_web_232 joins the room
[16:20:07] <Robin Wilton_web_795> My work here is done ;^)
[16:21:37] Chris Box_web_903 leaves the room
[16:21:39] <Richard Barnes_web_931> EKR is saying "one / both", but some schemes allow more than two aggregators
[16:21:41] Chris Box_web_873 joins the room
[16:21:51] Rui Miao_web_937 leaves the room
[16:21:55] <Jonathan Lennox_web_173> He just mentioned that, but said it's rarer.
[16:22:02] <Bob Moskowitz> He said that. I think. Just that 2 is easy to present
[16:22:10] <Martin Thomson_web_998> all of the literature uses N servers, but all of the deployments basically end up with N=2
[16:22:23] <Jonathan Hoyland_web_432> In the two server case, can a colluding server and aggregator compute the state of the one good server?
[16:22:28] <Bob Moskowitz> Google and Microsoft...
[16:22:30] <Richard Barnes_web_931> Not all of the literature uses N servers; some schemes are limited to 2 servers
[16:22:35] <Christopher Wood_web_474> It's probably worth noting that not all schemes admit N>2 servers.
[16:22:43] <Christopher Wood_web_474> (What Richard said)
[16:22:47] Craig Pearce joins the room
[16:22:47] Craig Pearce leaves the room
[16:22:48] <dkg> so this is privacy preserving data algorithms with a baseline of "you trust gmail, don't you" ??
[16:22:53] <Richard Barnes_web_931> @Jonathan - In the schemes I'm aware of, that is not the case
[16:22:55] <Watson Ladd_web_816> can always turn the 2 servers into 6 via MPC
[16:23:01] <npd> yes, we often have to trust servers, but the whole proposal is that we should trust these servers not to collude because we can't trust servers to minimize the data after they collect it
[16:23:06] <Adam Roach_web_173> This is also true of WebPKI -- an attacker colluding with an issuer can completely subvert https.
[16:23:11] <Christopher Patton_web_328> @dkg: More like "I trust Let's Encrypt"
[16:23:11] Stephen McQuistin_web_968 joins the room
[16:23:32] <Martin Thomson_web_998> The important part of Prio (SNIPS) is not on this slide.
[16:23:33] <Benjamin Schwartz_web_452> (Except without Certificate Transparency)
[16:23:40] <Watson Ladd_web_816> or "I trust Microsoft little, I trust Let's Encrypt little, but I trust one of them to be honest"
[16:23:40] <Bob Moskowitz> He said you only need to trust one server not to collude. Seems ok.
[16:23:57] <dkg> does anyone trust let's encrypt, or do we just appreciate that they're more audited and aggressive about participating in things like CT?
[16:24:12] <Erik Taubeneck_web_190> Saying "I trust party X" is a much different statement than saying "I trust independent parties X and Y to not collude"
[16:24:24] Prapanch Ramamoorthy_web_170 joins the room
[16:24:25] Mariana Raykova_web_819 leaves the room
[16:24:29] Mariana Raykova_web_257 joins the room
[16:24:31] <Jonathan Hoyland_web_432> You can also say "I trust A not at all, and B even less, but I trust they hate each other more than they hate me."
[16:24:32] <Martin Thomson_web_998> I think that dkg and Erik are saying the same thing
[16:24:35] <npd> you also only need to trust one server if you send the data to a server and ask them to comply with their stated policy
[16:24:36] <Bob Moskowitz> I trust X not to collude with other parties.
[16:24:36] <Christopher Wood_web_474> I would say this is "I trust at least one of the servers"
[16:24:38] <Jonathan Rosenberg_web_106> what is modP required?
[16:24:47] <Jonathan Rosenberg_web_106> sorry - WHY is modP required?
[16:25:09] <Charlie Harrison_web_608> @jonathan this is an implementation detail of the secret sharing scheme
[16:25:11] <Richard Barnes_web_931> @JDR: just to make it a group operation on finite-size values
[16:25:16] <Christopher Wood_web_474> @Jonathan it's just additive secret sharing over the finite field
[16:25:39] <Richard Barnes_web_931> think like p = 2^255 - 19
[16:25:57] <Richard Barnes_web_931> larger than any plausible aggregate, so it doesn't cause measurement artifacts
[16:26:01] <Phillip Hallam-Baker_web_397> OK so we are going to do this stuff but not simple Threshold encryption....
[16:26:05] <Martin Thomson_web_998> p is probably more like 2^80 or so
[16:26:09] <Erik Taubeneck_web_190> @Chris Wood: The need to trust one server is only with respect to correctness, right?
[16:26:10] <Christopher Patton_web_328> +1 MT
[16:26:22] <Erik Taubeneck_web_190> to break the security, you'd need both servers to collude
[16:26:32] <Richard Barnes_web_931> @PHB - secret sharing + homorphisms over the secret sharing scheme
[16:26:39] <Jonathan Hoyland_web_432> There are people who are less than 100cm and others who are more than 200cm. This is going to get into "Falsehoods programmers believe about names".
[16:26:40] Yaron Sheffer_web_673 joins the room
[16:26:40] <Erik Taubeneck_web_190> (or depending on the protocol, if N>2, you may only need a majority)
[16:26:42] <Ted Hardie_web_713> I am missing why that zero-knowledge proof is worth.
[16:26:44] <Martin Thomson_web_998> and it doesn't always have to be a prime, some of the schemes are OK with simple abellian groups
[16:26:59] <Jonathan Lennox_web_173> Jonathan: There are very few people -1km tall, though.
[16:27:02] <Christopher Wood_web_474> @Erik For soundness, yeah, I think that's right
[16:27:03] <Ted Hardie_web_713> If I say the height is 50cm or 220cm, it is thrown out?
[16:27:03] Chen Li_web_581 leaves the room
[16:27:11] <Martin Thomson_web_998> Ted: maybe
[16:27:25] <Martin Thomson_web_998> Ted: you might be required to clamp your value to a range
[16:27:33] Monika Ermert_web_898 joins the room
[16:27:33] <dkg> again, who chooses the bucket (and how it's delineated) is an interesting question not covered here.
[16:27:43] Phillip Hallam-Baker_web_397 leaves the room
[16:27:43] <Christopher Wood_web_474> @dkg bucket?
[16:27:47] Phillip Hallam-Baker_web_734 joins the room
[16:27:48] <Richard Barnes_web_931> breath-first search actually
[16:27:50] <dkg> from last slide
[16:27:57] <Martin Thomson_web_998> Chris: the set of values that the system accepts
[16:28:02] <Christopher Patton_web_328> The main reason to "validate" the input shares is that a client can just send *random* input shares and completely garble the output.
[16:28:07] <Jonathan Rosenberg_web_106> In the case of measurements with high cardinality dimensions, does this require the server to compute aggregates for all 2^N combinations of N dimensions?
[16:28:10] <Jonathan Hoyland_web_432> I mean, I guess you just clamp it to n-standard deviations, such that there is a less than λ chance that such a person exists.
[16:28:35] <Christopher Wood_web_474> @MT ah okay, yeah, got it
[16:28:36] <Richard Barnes_web_931> @JDR: I don't think so
[16:28:37] <Charlie Harrison_web_608> @Jonathan there is pruning involved
[16:28:40] Chris Lemmons_web_328 joins the room
[16:28:44] Christian Amsüss_web_250 joins the room
[16:28:51] <Ted Hardie_web_713> Okay, so the proof is used to ensure that the submitted data is within some configured bounds. Where you would normally just throw it out from the data set, it being encrypted means you want to throw it out without knowing what made it out of the bounds?
[16:28:51] <Richard Barnes_web_931> (depends a little on what you mean, but to first order no)
[16:28:59] Xavier de Foy_web_612 joins the room
[16:29:01] Shivan Sahib_web_323 joins the room
[16:29:02] <Erik Taubeneck_web_190> @Jonathan R, the key insight in the Heavy Hitters paper is how to do that efficiently. Naively, yes, you would need to.
[16:29:24] Kyle Ouellette_web_348 joins the room
[16:29:26] <Charlie Harrison_web_608> @Ted yes
[16:29:28] <Christopher Wood_web_474> @Ted correct!
[16:29:33] Michio Honda_web_425 joins the room
[16:30:16] Robin Wilton_web_795 leaves the room
[16:30:39] Massimiliano Pala_web_503 joins the room
[16:30:52] Mariana Raykova_web_257 leaves the room
[16:30:55] Lukas Osswald_web_557 leaves the room
[16:30:56] Mariana Raykova_web_185 joins the room
[16:30:59] Lukas Osswald_web_168 joins the room
[16:31:01] <dkg> this puts a lot of trust on the leader too, yes?
[16:31:12] <Lucy Lynch_web_160> Yes
[16:31:12] <npd> uh... it all goes through a single leader?
[16:31:15] <Martin Thomson_web_998> Hits allows you to have sparse data (in ML terms one hot encoding) and get aggregates for all the elements that have enough contributions
[16:31:25] Michio Honda_web_425 leaves the room
[16:31:25] <Phillipp Schoppmann_web_917> @dkg just for availability, the the leader cannot decrypt the shares going to the helpers
[16:31:26] <Christopher Patton_web_328> @npd: input shares are encrypted to the helpers
[16:31:26] <Charlie Harrison_web_608> Data is encrypted to the helper's keys, so the leader shouldn't see any raw data
[16:31:32] <Richard Barnes_web_931> @dkg / @npd iirc the shares are through-encrypted to the helpers
[16:31:38] Allison Mankin_web_843 joins the room
[16:31:41] <Watson Ladd_web_816> this is just to deal with network issues
[16:31:41] Ned Freed_web_690 leaves the room
[16:31:42] <Erik Taubeneck_web_190> The leader is never able to actually see the data, because the data is encrypted for the Helpers, I believe.
[16:31:47] <dkg> but the identity of the helpers is announced by the leader
[16:31:52] <Christopher Patton_web_328> +1 @watson
[16:31:58] <Martin Thomson_web_998> the identity of all involved needs to be known
[16:32:00] <Benjamin Schwartz_web_452> @dkg: Presumably hardcoded in the client config
[16:32:10] <Richard Barnes_web_931> @dkg, no there has to be some secure-against-leader configuration of the helpers' keys at the clients
[16:32:11] <Christopher Patton_web_328> yup
[16:32:28] Christian Amsüss_web_250 leaves the room
[16:32:29] <Antoine Fressancourt_web_536> @Eric communication patterns with the leader coul dreveal activity from some specific clients, or am I wistaken ?
[16:32:31] <Lixia Zhang_web_776> who offers/runs the leaders?
[16:32:54] <Martin Thomson_web_998> Lixia: we don't really need to know who is running these here
[16:33:02] <dkg> but even with a well-defined helper list in the client, the leader could still partition given users into a tiny subset, right?
[16:33:16] <Lixia Zhang_web_776> the question is who pays :-)
[16:33:16] <Tim Geoghegan_web_152> @antoine yes, a design goal is to allow anonymizing proxies of the sort EKR described to sit between clients and leader
[16:33:25] <Martin Thomson_web_998> dkg: you are talking about consistency of config across clients?
[16:33:28] Philip Eardley_web_654 leaves the room
[16:33:33] <Tim Geoghegan_web_152> Allow but not require
[16:33:35] <kaduk@jabber.org/barnowl> dkg: I think there are deployment models where the *leader* can't
perform such a partitioning attack
[16:33:46] <Richard Barnes_web_931> @Lixia - likely pattern is that the leader is the person who ultimately wants the measurements, and enlists the helpers to support privacy
[16:33:50] <dkg> how does the client know they aren't being partitioned?
[16:33:57] <Christopher Wood_web_474> I thought he meant the leader actively tries to force clients into small buckets, but that's not much different from say PP
[16:33:59] <Martin Thomson_web_998> Lixia: we will get to that; in a lot of cases, the people who want the data pay for the service
[16:34:06] <Jonathan Hoyland_web_432> @dkg CT-style logs?
[16:34:08] <Martin Thomson_web_998> dkg: a very relevant question
[16:34:17] <Antoine Fressancourt_web_536> @Tim using Oblivious transfer / this kind of things ?
[16:34:45] Bernie Hoeneisen_web_511 joins the room
[16:34:48] <Tim Geoghegan_web_152> @Antoine yes, though I think OHAI isn't the only way to do it
[16:35:00] <dkg> Jonathan Hoyland: i wonder how that log would look -- off the top of my head, i don't think it maps well to the particular attack i'm describing
[16:35:11] <dkg> i don't think CT logs map well, i mean.
[16:35:12] <Benjamin Schwartz_web_452> dkg: Interesting. The leader could fool any "user count" enforced by the helper by synthesizing a big pile of fake reports.
[16:35:22] <Erik Taubeneck_web_190> dkg / Martin: I'd assume that the VDAFs would need to be resilient against that type of partitioning
[16:35:26] <Watson Ladd_web_816> the client is encrypting shares to the helpers: if it takes all the helpers to reconstruct all of these are needed
[16:35:33] Tara Whalen_web_882 joins the room
[16:35:36] <Martin Thomson_web_998> dkg: relevant draft: https://datatracker.ietf.org/doc/html/draft-wood-key-consistency
[16:35:39] <Phillip Hallam-Baker_web_734> @Richard, yes, I know. My point is just that this is going pretty deep on the crypto tech.
[16:35:42] <Christopher Wood_web_474> @Ben sybil attacks are relevant, yeah
[16:35:45] <Antoine Fressancourt_web_536> @Tim indeed, Private information retrieval could also be used
[16:35:51] <npd> this is good question on use case, thank you
[16:35:55] <Charlie Harrison_web_608> One mitigation to partitioning is differential privacy. We can guarantee that individual user data is not revealed even if the partition is size 1
[16:36:01] <Christopher Wood_web_474> @Antoine PIR is not relevant here -- clients are _writing_, not _reading_
[16:36:03] <Phillip Hallam-Baker_web_734> [My system froze]
[16:36:14] <Erik Taubeneck_web_190> Charlie: +1
[16:36:20] Jeffrey Yasskin_web_319 joins the room
[16:36:21] <Martin Thomson_web_998> sybil attacks are difficult in this setting and it can depend on the setting as to how you deal with it. Charlie mentions DP, which is a somewhat effective defense.
[16:36:45] <Jonathan Hoyland_web_432> @dkg I was thinking leaders commit to their list of helpers in their cert. The I can see how many live certs there are.
[16:36:46] <Antoine Fressancourt_web_536> @Christopher Mix networks then
[16:37:03] Lukas Osswald_web_168 leaves the room
[16:37:19] <Benjamin Schwartz_web_452> If you require Differential Privacy, what's the use of this?
[16:37:30] <Richard Barnes_web_931> i'm not totally sure that partitioning is even possible. i think the crypto imposes a fair degree of rigidity on the aggregator arrangement
[16:37:39] <dkg> Hoyland: the leader has a list of helpers, but the leader directs each client to a specific subset of helpers, right?
[16:37:49] <dkg> otherwise, what does the leader do?
[16:37:49] <Charlie Harrison_web_608> @Benjamin: You can achieve the most optimal differential privacy without trusting any one single aggregator / curator
[16:37:51] Mariana Raykova_web_185 leaves the room
[16:37:56] <Martin Thomson_web_998> Ben Schwartz: DP in this setting can involve much lower noise than in other settings.
[16:37:59] Mariana Raykova_web_189 joins the room
[16:38:04] <Jonathan Hoyland_web_432> @dkg I was under the impression that the client picks a subset of the offered helpers.
[16:38:15] <Erik Taubeneck_web_190> @Richard, presumably the site owner could have a logged in session, and then could work with the Leader
[16:38:16] <Lucy Lynch_web_160> A lot of this is covered here: https://abetterinternet.github.io/ppm-specification/draft-gpew-priv-ppm.html#name-security-considerations
[16:38:21] Stephen Farrell_web_831 joins the room
[16:38:23] <Christopher Patton_web_328> MR. RESCORLA
[16:38:23] <ekr@jabber.org> Hoyland, no that dosn't work well
[16:38:24] <Shivan Sahib_web_323> I'm a bit late so maybe this was discussed, but for the use case where we want to share URLs for analytics purposes we could use shamir secret sharing based designs https://arxiv.org/abs/2109.10074
[16:38:24] <dkg> then the leader has no active role during submission?
[16:38:26] <Martin Thomson_web_998> "Mister Rescorla"
[16:38:42] <Jonathan Hoyland_web_432> @dkg Routing
[16:38:43] <Wendy Seltzer_web_168> only on first reference
[16:38:44] <Benjamin Schwartz_web_452> It seems like the leader could extract exact client reports (at least for sums) by submitting N-1 false reports with known values.
[16:38:48] Jonathan Rosenberg_web_106 leaves the room
[16:38:49] <Ted Hardie_web_713> That's "Reverend Rescorla", please.
[16:38:58] <npd> the leader learns the patterns of usage by the client for any particular calculation?
[16:39:00] <Martin Thomson_web_998> Ben: yes, that is why we insist on DP
[16:39:04] <ekr@jabber.org> @Benjamin: that's correct, you need some countermeasures and we mention those in the doc
[16:39:04] <dkg> Hoyland: if they handle routing, then they can partition by avoiding routing anything but one client to a given helper
[16:39:05] <Erik Taubeneck_web_190> @Benjamin, yes, this is why DP would be important
[16:39:10] <Richard Barnes_web_931> @Shivan - the STAR scheme looks pretty close to the Prio scheme that's in the VDAF draft
[16:39:12] <Christopher Patton_web_328> @Ben that's right. You need to do more than what Prio/Hits provides in order to beat Sybil attacks.
[16:39:13] <Charlie Harrison_web_608> +1 to the DP chorus
[16:39:18] sftcd joins the room
[16:39:23] <ekr@jabber.org> No, STAR is very differet
[16:39:24] <dkg> ekr is a reverend‽
[16:39:27] <Jonathan Hoyland_web_432> @dkg They can, but then the client's shares are counted.
[16:39:27] <Benjamin Schwartz_web_452> But then you need just as much DP as you would with OHAI.
[16:39:28] <Christopher Patton_web_328> +1 eker
[16:39:36] <Christopher Patton_web_328> STAR has a very different goal.
[16:39:37] <ekr@jabber.org> They both use secret sharing
[16:39:43] <Jonathan Hoyland_web_432> @dkg sorry, *not* counted
[16:39:49] <Martin Thomson_web_998> FWIW, people who use data HATE differential privacy, but there aren't any other really good alternatives
[16:39:55] Christian Amsüss_web_741 joins the room
[16:40:11] <Charlie Harrison_web_608> @Benjamin can you elaborate? I don't see how OHAI could achieve the same results
[16:40:27] Kesara Rathnayake_web_277 joins the room
[16:40:28] <Jonathan Hoyland_web_432> It's the same as what happens if the packets get lost on the way to the aggregator. You just have to exclude / drop the received shares.
[16:40:30] <dkg> Hoyland: my concern is that one client (or a small set of clients) could be measured directly (not in aggregate with the larger public) by partitioning from the leader
[16:40:32] <ekr@jabber.org> Benjamin: the question is about local versus central DP
[16:40:33] <Martin Thomson_web_998> Most of these use a variation on the (r, x-r) or (r, x^r) sharing method.
[16:40:39] <Benjamin Schwartz_web_452> @Charlie: As leader, I can recover a user's exact input, just like with OHAI.
[16:40:43] <Shivan Sahib_web_323> fwiw Brave has already deployed STAR
[16:40:46] Lucy Lynch_web_160 leaves the room
[16:40:50] Lucy Lynch_web_784 joins the room
[16:41:06] <Charlie Harrison_web_608> @Benjamin no, because the raw data is encrypted and hidden from the leader
[16:41:07] <Martin Thomson_web_998> Ben: not necessarily, but that gets into the details
[16:41:07] <ekr@jabber.org> @Benjamin: the point is that each helper adds DP noise
[16:41:14] <ekr@jabber.org> But wit OHAI you need the clients to add DP noise
[16:41:17] <ekr@jabber.org> Which is much worse.
[16:41:18] <Benjamin Schwartz_web_452> OK
[16:41:20] <Richard Barnes_web_931> @Shivan do i take that as an indication that Brave might be interested in deploying other PPM techniques?
[16:41:23] Lars Eggert_web_803 leaves the room
[16:41:26] <Cullen Jennings_web_628> Does ISRG charge for this or how is it run ?
[16:41:35] <Shivan Sahib_web_323> We are extremely interested in the goals
[16:41:37] <Jonathan Hoyland_web_432> @dkg If client in subgroup picks helper A and helper B, but the Leader drops their share to helper B, then all the Aggregator gets is half a share.
[16:41:39] <ekr@jabber.org> @Ben: I cover this a bit here https://educatedguesswork.org/posts/ppm-randomness/
[16:41:49] <Adam Roach_web_173> Probably as much as they do for certificates, fluffy
[16:42:16] <Martin Thomson_web_998> Adam: I think that they do charge for these services. There is a natural customer.
[16:42:31] <ekr@jabber.org> Anywya, yes, these subset attacks are an issue here. They can be ameliorated with a combination of rate limits and DP
[16:42:33] <Richard Barnes_web_931> @Martin no, this ENPA work is grant-funded
[16:42:52] <Richard Barnes_web_931> (or at least not fee-for-service funded)
[16:42:55] <Jeffrey Yasskin_web_319> Congrats on getting so many orgs to cooperate.
[16:43:03] <ekr@jabber.org> Try saying "exposure notifications private analytics" 10 times fast
[16:43:05] Eliot Lear_web_285 leaves the room
[16:43:17] Peter Koch_web_829 leaves the room
[16:43:26] John Preuß Mattsson_web_998 joins the room
[16:43:27] <npd> cooperating but not colluding
[16:43:32] <Richard Barnes_web_931> the pentagram here belies that the data are actually protected by witches
[16:43:35] <sftcd> this is a reasonable case study, just a pity the underlying EN system isn't very useful
[16:43:42] <Benjamin Schwartz_web_452> Colluderating
[16:43:43] <Martin Thomson_web_998> npd: it's an interesting balance, yes
[16:43:55] <Chris Box_web_873> @Jeffrey Yes, impressive to build all that relatively quickly
[16:43:59] <ekr@jabber.org> 12 beeellion metrics
[16:44:10] Mariana Raykova_web_189 leaves the room
[16:44:14] Mariana Raykova_web_478 joins the room
[16:44:17] Karen Staley_web_709 leaves the room
[16:44:48] Karen Staley_web_276 joins the room
[16:46:08] Peter Koch_web_291 joins the room
[16:46:13] <Wendy Seltzer_web_168> first witches, now illuminati?
[16:46:14] Yoshiro Yoneya_web_805 leaves the room
[16:46:18] Yoshiro Yoneya_web_736 joins the room
[16:46:34] <ekr@jabber.org> @Wendy: illuminati witches
[16:47:00] <kaduk@jabber.org/barnowl> Hmm, but wouldn't there need to be some covert channels between the
Apple and Google integrators and MITRE in order to complete the
pentagram?
[16:47:36] <Richard Barnes_web_931> @kaduk - those are only revealed to the fully initiated
[16:47:54] <Eric Orth_web_146> It works out. For many of us, all the cryptographic functionality is essentially witchcraft.
[16:48:00] <Lucy Lynch_web_784> @wendy there is no cabal
[16:48:16] <Rich Salz_web_841> @Lucy, nice historic reference :)
[16:48:24] <Jonathan Lennox_web_173> I don't see how the aggregation algorithm preserves privacy when the actual number everyone's sending is "1". Is there a different aggregator?
[16:48:56] <Richard Barnes_web_931> @Jonathan i think the idea is you always send a result, either 1 or 0
[16:49:06] <ekr@jabber.org> For those who care, STAR and Hits have similar objectives but do it differently and have different privacy guarantees. Hits does a better job of concealing who has low entropy values. STAR does a better job of concealing values which are low cardinality
[16:49:11] <Christopher Wood_web_474> Yeah, and the aggregation function is SUM, yielding the number of matches
[16:49:16] <Jonathan Lennox_web_173> Aha. So "I saw the ad" is not private, but presumably it wouldn't be.
[16:49:24] David Lawrence_web_356 joins the room
[16:49:26] <ekr@jabber.org> Yeah, that's observable
[16:49:36] <npd> how does this depend on PPM? rather than just a trusted browser collects the data, and sends it as telemetry through OHAI?
[16:49:36] <Richard Barnes_web_931> @ekr - would STAR make sense as a VDAF?
[16:49:55] <ekr@jabber.org> @Richard: I think you could shove it in the VDAF box
[16:49:56] <Martin Thomson_web_998> So it is the union of the two events that is private.
[16:49:56] <Christopher Wood_web_474> I don't believe it fits under the abstraction well
[16:49:56] <Watson Ladd_web_816> AdScale worked a bit differently from the VDAF but had the same basic setup
[16:50:10] <Watson Ladd_web_816> https://isi.jhu.edu/~~mgreen/advertising.pdf
[16:50:13] <ekr@jabber.org> Yep.
[16:50:25] <ekr@jabber.org> Adnostic and then AdScale are like the index patient here
[16:50:35] <Christopher Patton_web_328> I don't think so. STAR only provides privacy for unpopular inputs. Popular inputs are linkable to the clients that sent them. (This can be avoided by coupling with OHAI.)
[16:50:45] <sftcd> "critical infrastructure that powers online ads" is a very weird phrase
[16:50:53] Chi-Jiun Su_web_701 leaves the room
[16:50:57] Chi-Jiun Su_web_746 joins the room
[16:51:06] <Phillip Hallam-Baker_web_734> Seems to me as if we are reaching for the brightest shiniest objects here that very few people are likely to end up using. Meanwhile simpler, more practical measures like an encrypted log file format are overlooked as too boring to be worth doing.
[16:51:07] <Shivan Sahib_web_323> @Christopher Patton - in our deployment STAR is coupled with an anonymizing proxy
[16:51:09] Mariana Raykova_web_478 leaves the room
[16:51:13] <Richard Barnes_web_931> @sftcd i think ads depend on power plants and stuff
[16:51:13] Mariana Raykova_web_338 joins the room
[16:51:21] <Christopher Patton_web_328> @shivan that's great!
[16:51:28] <Richard Barnes_web_931> not sure the power plants require 3rd party cookies
[16:51:30] <Shivan Sahib_web_323> OHAI would be better :)
[16:51:37] <Pete Resnick_web_163> An up-level question, and not saying that the answer necessarily determines whether or not we take on the work: Looking at draft-gpew-priv-ppm, it looks more like an OS project and not protocol development. Is there actual protocol work to be done here? What is that?
[16:51:39] <kaduk@jabber.org/barnowl> The money machine is critical infrastructure *for Google*
[16:51:40] <ekr@jabber.org> OHAI-STAR is ana mazingname
[16:51:45] <Jeffrey Yasskin_web_319> sftcd: I think the critical infrastructure is the conversion measurement that Martin described.
[16:51:54] <ekr@jabber.org> Pete: yes, there is plenty of protocol work
[16:51:56] <Richard Barnes_web_931> @Pete there are multiple implementations
[16:52:08] <Christopher Wood_web_474> @Pete: the interaction between clients and servers and collectors requires protocol work
[16:52:09] <ekr@jabber.org> To actually define the wire formats, exchanges, etc.
[16:52:20] Florence D_web_941 leaves the room
[16:52:24] Vasilis_web_294 leaves the room
[16:52:33] <Martin Thomson_web_998> sftcd: if you concede that advertising is something that humans can do with the web, then conversion measurement is a very natural consequence of that concession
[16:52:35] <Andrew Campling_web_858> @Phillip It would be good to explore whether there is an equivalent but "boring" solution
[16:52:38] <Pete Resnick_web_163> Ack. That wasn't clear from what I'd seen so far. (I missed the beginning of EKR's preso.)
[16:52:40] <Wendy Seltzer_web_168> Over in W3C space, we've seen significant interest in the advertising use case
[16:52:41] Florence D_web_881 joins the room
[16:52:56] <Jeffrey Yasskin_web_319> Wendy with the understatement. :)
[16:52:58] <sftcd> @mt: advertising is something that companies not humans do on the web though
[16:53:20] <Martin Thomson_web_998> sftcd: Facebook might disagree with you there
[16:53:32] <Martin Thomson_web_998> though, it is predominantly companies, yes
[16:53:40] <Pete Resnick_web_163> (FWIW: This is very cool looking tech.)
[16:53:45] <Bob Moskowitz> Humans use billboards like Facebook for their advertising...
[16:53:47] <Jonathan Lennox_web_173> Companies so far are run by humans, AI not being that advanced yet. And many humans present here have their salaries paid for by advertisement.
[16:53:49] <Christopher Wood_web_474> To follow up on Wendy, this group is focused on advertising in the W3C: https://www.w3.org/community/patcg/
[16:53:55] Robin Wilton_web_886 joins the room
[16:54:29] Dominique Lazanski_web_239 joins the room
[16:54:55] <Wendy Seltzer_web_168> and the improving web ads BG, https://www.w3.org/community/web-adv/
[16:55:09] <Erik Taubeneck_web_190> +1 to the PATCG. Hoping to see a good interaction between this work and the work happening there.
[16:55:14] <dkg> jonathan: so the humans' salaries depend on algorithmic feeds: how is this not a company run by AI?
[16:55:15] <Martin Thomson_web_998> Chris mentioned it, but I believe/hope PATCG is taking on the web-facing side of this on
[16:55:16] <Dirk Kutscher_web_654> I like PPM and some of the use cases. But: even though you can do ad conversion in a privacy-preserving way, it does not mean that ad-tech is not an attack on privacy. So should the IETF standardize technology that is directly aimed at facilitating ad-tech?
[16:55:18] <Andrew Campling_web_858> If not doing advertising helps to get privacy .....
[16:55:36] <dkg> (not claiming that the ai is "advanced", of course)
[16:55:39] <Martin Thomson_web_998> not doing advertising isn't really an option, at least in the current environment
[16:55:51] So we should stop working on HTTP? Good to know...
[16:55:51] <ekr@jabber.org> This is a general purpose technique, with a lot of applications, one of which is advertising.
[16:55:54] <Allison Mankin_web_843> I don't think I've heard the word "targeted" yet (but maybe missed it). If the campaign starts by targeting a group with attributes, how does aggregration help?
[16:55:59] <Christopher Wood_web_474> @Dirk it's focused on privacy-preserving approaches to the problem, which is a significant improvement, and ads are just one application
[16:56:16] <ekr@jabber.org> It's something that a bunch of us were working on even before the ads use cases started to get hot
[16:56:36] <Erik Taubeneck_web_190> @MT, it's not as if advertising would stop without this, it would just be worse, and there would be more incentive do work around limitations
[16:56:40] <Christopher Patton_web_328> mouthful
[16:56:54] <npd> I'm not sure the level of detail of the conversion measurement means that advertising couldn't happen online otherwise
[16:57:00] <Martin Thomson_web_998> Erik: exactly the needle we're trying to thread
[16:57:02] <sftcd> I do think there's value here but also worry if working on that requires new beliefs in e.g. what is/isn't critical infrastructure
[16:57:05] <ekr@jabber.org> @Allison: that's kind of a complicated question. First, I would say that there are proposed techniques to make the targeting private (though they are out of scope for IETF). Second, the conversion itself is more revealing than the targeting
[16:57:10] <Christopher Patton_web_328> (FWIW, PPM also depends on HPKE :D )
[16:57:12] <Jonathan Lennox_web_173> Christopher: Vee-dahf.
[16:57:18] <Christopher Patton_web_328> V D A F
[16:57:20] Tara Whalen_web_882 leaves the room
[16:57:23] <ekr@jabber.org> Well, there won't be any ads work done here. it's just defining these generic things
[16:57:24] <Christopher Patton_web_328> please :)
[16:57:38] <Tim Geoghegan_web_152> vee dee eh ehf, Patton has a proof that this is how it's pronounced
[16:57:45] <Christopher Patton_web_328> hahahaha
[16:57:53] <Martin Thomson_web_998> Allison: the conversion measurement cases Charlie and I talked about don't involve targeting in the way you understand it, but some of the applications might enable it in one way or other
[16:57:56] Joseph Salowey_web_930 leaves the room
[16:57:58] <npd> advertising happens on billboards and in newspapers, even if per-user conversion measurement isn't provided
[16:58:04] Mariana Raykova_web_338 leaves the room
[16:58:08] Mariana Raykova_web_512 joins the room
[16:58:16] <Watson Ladd_web_816> @Allison: you don't get to see that so and so saw the ad before they visited the website to buy. Conversion isn't the only issue here but it's a big one
[16:58:18] <Allison Mankin_web_843> Erik, I think it's debatable that the conversion is more revealing than the targeting (consider work by Angwin), but thanks for the answer
[16:58:43] <Allison Mankin_web_843> Agree we benefit by each improvement
[16:58:44] <Wendy Seltzer_web_168> unfortunately, newspapers aren't doing too well economically
[16:58:46] <Antoine Fressancourt_web_536> @npd put different contact info on different paper ads, and then you have your reporting done
[16:58:59] <ekr@jabber.org> Allison: Sorry, I wasn't making a comparison but I was trying to say that targeting + conversion > targeting only
[16:59:07] <Allison Mankin_web_843> Thanks, yes
[16:59:14] <ekr@jabber.org> So the idea would be to shave off pieces one at a time
[16:59:29] <Watson Ladd_web_816> if you want to solve targeting, need to define what the problem is: accumulation of history by third parties, access to the display information? we have solutions to each, but it's not one solution to the whole thing
[16:59:36] <Watson Ladd_web_816> eat the whale bite by bite
[16:59:54] Justin Richer_web_266 joins the room
[16:59:55] <npd> @antoine, sure different techniques are used, like use discount code XYZ, but it's not as high-fidelity. I was just responding to the suggestion that detailed conversion measurement is an absolute necessity ("critical infrastructure", say) for advertising to exist on the Web
[16:59:57] ErikAnderson joins the room
[17:00:16] Erik Nordmark_web_675 joins the room
[17:00:18] <Charlie Harrison_web_608> High fidelity is exactly what is being avoided by enforcing aggregation, differential privacy, etc.
[17:00:20] Craig Pearce joins the room
[17:00:31] <Charlie Harrison_web_608> (for some definition of "high")
[17:00:40] <Erik Taubeneck_web_190> +1 Charlie
[17:00:53] <Robin Wilton_web_886> "Erik Taubeneck
@MT, it's not as if advertising would stop without this, it would just be worse" - how would we tell? ;^,
[17:00:55] <Erik Taubeneck_web_190> though that seems it would be more a property of the VDAF, and not the protocol
[17:00:57] <Martin Thomson_web_998> npd: what constitutes critical is of course subjective, but I will note that prior to any system of conversion measurement, advertising on the web was rife with abuse.
[17:01:02] <ekr@jabber.org> I see we have k-anonymity for eri[ck]s
[17:01:06] Charles Eckel_web_978 leaves the room
[17:01:30] Frederic Jacobs_web_994 leaves the room
[17:01:31] Craig Pearce_web_786 leaves the room
[17:01:35] Craig Pearce_web_574 joins the room
[17:01:48] <npd> mt, "was"?
[17:02:09] <Martin Thomson_web_998> npd: relatively, yes
[17:02:26] <Martin Thomson_web_998> not saying that it's fixed or anything...
[17:02:46] <Martin Thomson_web_998> just that it would be a whole lot worse without this teeny bit of accountability
[17:02:55] Robin Wilton_web_886 leaves the room
[17:02:59] Robin Wilton_web_962 joins the room
[17:03:01] <Alissa Cooper_web_769> May be better to focus on the fact that conversion measurement exists on a large scale. People can judge for themselves whether they think it will go away or change, whether PPM would improve it, and whether that one use case matters to you compared to the other use cases presented.
[17:03:04] <Shivan Sahib_web_323> Martin: you mean abuse as in ad fraud?
[17:03:06] Chris Seal_web_697 joins the room
[17:03:31] <Christopher Wood_web_474> I interpreted him to mean abuse for tracking purposes
[17:04:12] <Shivan Sahib_web_323> I guess I'm not seeing how conversion measurement would help with that
[17:04:18] <Martin Thomson_web_998> ad fraud is multi-faceted, but attribution can help along some of those axes, but mostly I mean tracking
[17:04:33] <sftcd> (sorry if this was covered, I missed the first half hour) what prevents this API (or some higher layer on called from javascript) from being abused e.g. by defining a new measurement type that boils down to being identifying?
[17:04:37] <npd> interesting maybe to try to measure those different levels of worse
[17:04:38] <npd> there are certainly conversion measurements that can happen without any of these technologies -- how much do sales go up after deploying a certain campaign?, how often do ad clicks lead to purchases?
[17:04:53] <Martin Thomson_web_998> let's say you want to buy an ad, how do you know if your agency is doing a good job for the money you pay them?
[17:04:53] Mariana Raykova_web_512 leaves the room
[17:04:57] Mariana Raykova_web_271 joins the room
[17:05:01] <npd> I think the question is how much effort we want to put into this particular work and how much of a difference it will make compared to those other techniques
[17:05:02] <Shivan Sahib_web_323> gotcha
[17:05:05] <Jonathan Lennox_web_173> Would the zero-knowledge proof include a proof of something like "either the conversion count is 0 or else there is a signed statement from the vendor that this item was indeed bought"?
[17:05:06] Monika Ermert_web_898 leaves the room
[17:05:10] Monika Ermert_web_859 joins the room
[17:05:22] <Jonathan Lennox_web_173> Otherwise conversion fraud seems very possible.
[17:05:32] Craig Pearce leaves the room
[17:05:39] Monika Ermert_web_859 leaves the room
[17:05:43] Monika Ermert_web_607 joins the room
[17:06:01] <Mariana Raykova_web_271> The aggregators are already communicating with each other
[17:06:02] <Martin Thomson_web_998> Jonathan: conversion fraud is indeed very possible. there are a bunch of different approaches being considered, some of which include anonymous tokens to fill that function
[17:06:05] <Antoine Fressancourt_web_536> One general question: is ppm aiming at private measurements for the web or are there use cases envisionned for lower layer protocols (anonymous L4 flows reporting) ?
[17:06:09] <ekr@jabber.org> Jonathan this is where like privacy pass and the like fit in
[17:06:10] <Mariana Raykova_web_271> you need that for the verification of the proofs
[17:06:21] <Lucas Pardue_web_779> did anyone make the VDAF splunk joke yet?
[17:06:21] Subir Das_web_249 joins the room
[17:06:46] Prapanch Ramamoorthy_web_170 leaves the room
[17:07:00] <dkg> sounds like PRIV doesn't guarantee data privacy, since one can imagine an instantiation where the shares are offered directly to the other helpers
[17:07:23] <Christopher Wood_web_474> @Antoine use cases are broad. For example, Tor developed PrivCount (?) for similar purposes. PPM would work well for those use cases.
[17:07:45] <ekr@jabber.org> @dkg: I think "guarantee" is basically against a given reference point of assumptions
[17:07:46] <Martin Thomson_web_998> It only offers privacy to the extent that you trust servers not to collude
[17:07:53] <Antoine Fressancourt_web_536> @Christopher thanks for your answer; will look at TOR's use case
[17:07:53] <ekr@jabber.org> So if you assume that one of the helpers is honest, then it does
[17:08:00] Craig Pearce joins the room
[17:08:01] Craig Pearce leaves the room
[17:08:12] <Wendy Seltzer_web_168> W3C is interested in this technology existing
[17:08:14] <Robin Wilton_web_962> @Adam can you define "work on"?
[17:08:19] <sftcd> "interested": maybe
[17:08:21] <Martin Thomson_web_998> I would argue that the presenters represent a sufficient constituency of interest to qualify...
[17:08:40] <Erik Taubeneck_web_190> Facebook is interested in supporting this work.
[17:08:43] Juan-Carlos Zúñiga_web_885 joins the room
[17:08:48] Bhavit Shah_web_209 leaves the room
[17:08:50] <dkg> if a given instantiation requires each helper to transfer its share to the others, then there's no official out-of-band "collusion" but the instantiation isn't secure
[17:08:55] <Phillip Hallam-Baker_web_734> Interested in WORKING ON this topic, Soliving?????
[17:09:18] <npd> I think some of us may be interested while also not necessarily being convinced about a particular approach
[17:09:19] <kaduk@jabber.org/barnowl> (Hmm, did we skip the "understand the problem?" question?)
[17:09:26] <sftcd> +1 npd
[17:09:38] <David Oliver_web_684> "interested": maybe (cut/paste sftcd)
[17:09:43] <dkg> (not saying either the priv or hits instantiations do that, just observing that the protocol framing doesn't ensure privacy on its own)
[17:09:57] <Pete Resnick_web_163> That's a surprisingly large number of people who are actively not raising their hands.
[17:10:02] <ekr@jabber.org> @dkg: I think I'm misunderstanding your point.
[17:10:04] <Phillip Hallam-Baker_web_734> @kaduk, I don't think we understand the problem
[17:10:10] Quite interested.
[17:10:16] <ekr@jabber.org> Can you rephrase?
[17:10:20] <Martin Thomson_web_998> I would like to hear from those who are opposed.
[17:10:22] Patrick Tarpey_web_884 leaves the room
[17:10:22] <sftcd> @pete: the hands tool isn't great though, never clear what "Not raise" means
[17:10:23] Marco Tiloca_web_689 leaves the room
[17:10:23] <Shivan Sahib_web_323> curious to hear why someone would not want to see privacy preserving measurements
[17:10:25] Patrick Tarpey_web_619 joins the room
[17:10:35] <Watson Ladd_web_816> they might not be interested in working themselfs
[17:10:36] <Christopher Wood_web_474> I would also like to hear from those opposed. (I am very interested in this work.)
[17:10:36] <Bob Moskowitz> No working time to work on this. Will follow it.
[17:10:44] <sftcd> @shivan: depends how easy it is to abuse for me
[17:10:53] <David Oliver_web_684> @shivan maybe "no" is more about this approach being better defined, or not going far enough?
[17:10:55] <Benoît Claise_web_735> It's all good, but what are the chances it's going to be deployed, when some can get access to all the data they want now?
[17:11:02] <dkg> ekr: i think i'm saying: this PRIV framework itself doesn't offer much privacy on its own: it can be more helpful if it produces a type of analysis that could be done for a given instantiation to prove limits of leakage
[17:11:09] Mariana Raykova_web_271 leaves the room
[17:11:11] <Pete Resnick_web_163> @stephen: Yeah. Like Martin, I'd like to understand what those "I am not raising my hand" people mean.
[17:11:13] Mariana Raykova_web_385 joins the room
[17:11:13] <ekr@jabber.org> @dkg: yes, I thinnk that's correct
[17:11:19] <ekr@jabber.org> it depend son the VDAF
[17:11:21] <Eric Orth_web_146> I think we missed the distinction between "not interested in this being worked on it" and "not interested in contributing to it personally".
[17:11:22] <Alissa Cooper_web_769> We will be asking the BOF questions a little later, we just wanted to hear about further expressions of interest now
[17:11:23] <Wes Hardaker_web_459> I'm concerned that there is a lot of active assumption that the result of this discussion is a foregone conclusion without hearing from opinions about potential issues with the problem/approach first.
[17:11:35] <ekr@jabber.org> @benoit: well, you've heard from a bunch of people that want to deploy it.
[17:11:38] <kaduk@jabber.org/barnowl> Benoît: I am pretty convinced that firefox will deploy even if they
currently have access to all the data
[17:11:39] <Martin Thomson_web_998> Benoit: browsers are taking the means of collection away from those people
[17:11:42] <dkg> sftcd: you like it better if you can abuse it, or if you can't abuse it?
[17:11:48] <sftcd> if the upshot here were a change from "accept cookie: y/n" to "accept <complex crypt>: y/n" then I don't think we get so much for the web, maybe worth it for some specific applications though
[17:11:54] Ned Freed_web_400 joins the room
[17:12:02] <Chris Box_web_873> @Benoit I would think that GDPR will drive a lot of use of this technology. It requires minimal data collection and storage.
[17:12:02] <sftcd> @dkg: yes:-)
[17:12:04] Juan-Carlos Zúñiga_web_885 leaves the room
[17:12:07] <Dirk Kutscher_web_654> @Alissa, yes, I generally agree. Just saying that privacy-preserving ad conversion will not remove nor limit tracking. It may be a factor in making ad conversion more ubiquitous and advertizing more effective, and in the grand scheme of things, have a negative impact on privacy on the web. Personally, I'd expect ad conversion to be a major use case.
[17:12:08] Juan-Carlos Zúñiga_web_169 joins the room
[17:12:20] Andrew S_web_200 joins the room
[17:12:33] <ekr@jabber.org> I think if you don't like the advertising thing, the place to take that objection is PATCG
[17:12:38] <Martin Thomson_web_998> Jari: happy to hear from you regarding ideas on how browsers should operate.
[17:12:44] <Cullen Jennings_web_628> Browsers are as far as I can tell mostly funded by advertisers.
[17:12:51] <Martin Thomson_web_998> there is a nice tone
[17:12:56] <Benoît Claise_web_735> @ekr, yes I also want peace in the world.
[17:12:58] <Christopher Patton_web_328> agreed, I'm singing along with it
[17:12:59] <Jonathan Hoyland_web_432> I can jabber scribe
[17:13:06] <Wendy Seltzer_web_168> I'll try to reconfigure
[17:13:07] <dkg> you have to combine your share of wendy's audio with my share of wendy's audio
[17:13:08] John Preuß Mattsson_web_998 leaves the room
[17:13:12] John Preuß Mattsson_web_641 joins the room
[17:13:13] <Bob Moskowitz> Wendy is humming. Maybe a yes?
[17:13:20] <Warren Kumari_web_132> Scanner?
[17:13:23] <ekr@jabber.org> @benoit: I honestly don't understand your point. You asked if people would deploy it. I told you that a bunch of people who are working on this intend to.
[17:13:25] <Benjamin Schwartz_web_452> Simple ad conversion measurement (cost-per-click) doesn't seem to require any of this. Is this only for display ad conversion tracking (CPM)?
[17:13:31] <npd> haha dkg
[17:13:33] <Mirja Kühlewind_web_502> privacy-preserving communication...
[17:14:01] <Charlie Harrison_web_608> @Benjamin: a click is not a conversion, it doesn't directly provide value to an advertiser
[17:14:05] <Jonathan Hoyland_web_432> @Wendy, if you want me to jabber scribe prefix a message to jabber with "Mic:" and I'll relay it.
[17:14:07] <Watson Ladd_web_816> cost per click needs something like this unless you want to reveal who clicked
[17:14:09] <Martin Thomson_web_998> Ted: a single solution for ALL the work is a terrible idea
[17:14:23] <Benjamin Schwartz_web_452> @Charlie, yeah, but it takes to a new 1P context where you can track directly.
[17:14:25] <Lixia Zhang_web_776> +1 Ted Hardie
[17:14:29] <Erik Taubeneck_web_190> cost-per-click is a very poor type of measurement, and incentivizes dark patterns that get people to click when they don't intend to
[17:14:32] <npd> +1 hardie, the advertising cases seem especially vague about how well it connects
[17:14:48] <Shivan Sahib_web_323> +1
[17:14:51] <Christopher Patton_web_328> @Ted that's the idea of splitting up the work into the framework protocol and the underlying primitive, VDAF. Our hope is that VDAF is expressive enough to account for multiple solutions.
[17:15:04] <Richard Barnes_web_931> i think folks are a little over-indexed on advertising. consider the ENPA and telemetry cases as well.
[17:15:11] <Martin Thomson_web_998> What Ted said is totally right. There is a set of things.
[17:15:20] Patrick Tarpey_web_619 leaves the room
[17:15:24] Patrick Tarpey_web_279 joins the room
[17:15:25] <kaduk@jabber.org/barnowl> > I don't think we understand the problem but I want to do it anyway
:)
[17:15:35] <sftcd> @rlb: ENPA is worse IMO (though well intended) as it's attempting to measure a thing that really doesn't work
[17:15:46] <David Oliver_web_684> I think it's OK to use a WG to define the problem, no?
[17:15:48] <sftcd> telemetry makes more sense to me
[17:15:51] <Wendy Seltzer_web_168> mic: W3C has groups incubating work that could use this at the protocol level. [sorry for the audio mismatch]
[17:15:51] <npd> Richard, I had open questions on whether telemetry depends on this (as opposed to OHAI and data minimization on the server)
[17:15:52] <dkg> does IETF have any influence over logfile creation/storage ?
[17:16:04] <Jeffrey Yasskin_web_319> dkg: Via the mathematical mesh, of course.
[17:16:06] <Jari Arkko_web_797> Martin: I expressed interest for the work, an some non-comfort with the advertising collection use case. I recognise that I'm not the expert on browsers and that I don't have another answer on what to do instead. However, for the record I'd rather use a browser that prevents information flow to advertisers. I realise that may be a path already explored and found impossible.
[17:16:10] <Hannes Tschofenig_web_517> @dkg: no.
[17:16:18] <Ned Freed_web_400> @phb: "I don't think we understand the problem space but I would like to do this anyway". That's for-sure going to be a line I use at work.
[17:16:23] <ekr@jabber.org> @sftcd: actually it's not clear to me that that's true. I think it's quite possible that ENPA doesnt work for its intended purpose but the data collected with this is useful
[17:16:27] <Richard Barnes_web_931> @npd minimization is clearly not a solution; it's what is done today
[17:16:31] <Wendy Seltzer_web_168> thanks @Jonathan
[17:16:46] <Ted Hardie_web_713> Apologies for jumping the queue with the BoF questions. Thanks, MT, for clarifying that the proponents also see this as a set. I didn't get that impression from the discussion up to now, and it's useful to know.
[17:16:47] <Martin Thomson_web_998> Jari: we're still exploring a bunch of options, this is just one of many ways we're trying to improve things incrementally
[17:16:53] <ekr@jabber.org> For instance, if I reliably caught 2% of the exposures, then just knowing that would be useful for measuring rates, even if nobody ever learned their exposure.
[17:16:54] <kaduk@jabber.org/barnowl> Is Phill's use case solvable with only the CFRG draft?
[17:16:54] <sftcd> @ekr: that's defensible, I just happen to think EN is already demonstrated not very useful
[17:17:02] Luigi Iannone_web_896 joins the room
[17:17:12] <Hannes Tschofenig_web_517> "I don't think we understand the problem space but I would like to do this anyway". I think this is the typical reaction of an engineer, who wants to work on a new field. I believe this is foundation of lots of the work in the IETF.
[17:17:14] <Christopher Wood_web_474> Tech issues
[17:17:16] <Christopher Wood_web_474> Be right back
[17:17:22] <Martin Thomson_web_998> Jari: see also cookie partitioning: https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
[17:17:25] <sftcd> if ENPA had existed in april 2020 and been built into EN that'd have been interesting but it's late now IMO
[17:17:27] <Phillip Hallam-Baker_web_734> @Ned, it is the one I use for my board all the time
[17:17:37] Christopher Wood_web_474 leaves the room
[17:17:41] Christopher Wood_web_480 joins the room
[17:18:08] Mariana Raykova_web_385 leaves the room
[17:18:12] Mariana Raykova_web_245 joins the room
[17:18:24] <Phillip Hallam-Baker_web_734> +1 Ted
[17:18:25] <Bob Moskowitz> It can become a seal of good housekeeping?
[17:18:29] Stephan Emile_web_126 joins the room
[17:18:31] Lars Eggert_web_177 joins the room
[17:18:32] <Phillip Hallam-Baker_web_734> +1 Ted
[17:18:38] <Jonathan Hoyland_web_432> @Wes, once this is shown to work we can push for regulation
[17:18:39] Responding to Wes: technology is not the only way to regulate bad behaviour.
[17:18:41] <Roman Danyliw_web_712> @Wes, but certain "good guys" aren't doing collection because they don't have a good approach
[17:18:45] <Martin Thomson_web_998> Wes: legislators are always being told that the technology doesn't exist; this work is necessary to remove that impediment
[17:18:50] <dkg> are there folks who would be willing to proactively disable worse tech if this is available?
[17:19:03] <Martin Thomson_web_998> dkg: yes
[17:19:05] <Jari Arkko_web_797> Wes: If we did this, is it conceivable that third party cookies could go away/prohibited by browsers? (Asking, I don't know the answer)
[17:19:06] <npd> I think the reasoning is that allowing the functionality will make it easier for browsers and others to deploy stronger mitigations against the current invasive tracking
[17:19:08] <Benjamin Schwartz_web_452> dkg: The browsers, by blocking 3P cookies,
[17:19:14] <Watson Ladd_web_816> see also the privacy sandbox sandbagging
[17:19:20] <Martin Thomson_web_998> dkg: and I'm not just speaking for Mozilla here, I'm aware of others
[17:19:30] <dkg> right, so make that case clearly if you want to counter Wes's point
[17:19:31] Wei Pan_web_553 leaves the room
[17:19:31] <Jeffrey Yasskin_web_319> dkg: Chrome's basically blocking on this (and some other things) to disable 3p cookies and other tracking methods.
[17:19:36] <David Oliver_web_684> There's a meme "generals are always fighting the LAST war". Is there a chance we're doing that here?
[17:19:39] <Wes Hardaker_web_459> @jari: I think companies have shown that they'll always find away around those problem, like 1x1 white pixels as an example.
[17:19:39] <Lucy Lynch_web_784> @dkg maybe the question is would they be required to…
[17:19:45] Jari: that's a much larger discussion. But if the primitives for replacing some functions aren't available, it's going to be a lot harder.
[17:19:46] <npd> (I still think the question/concern is reasonable. just that we should know that there is a possible path that improves things)
[17:19:50] <Eric Orth_web_146> I think if a reasonable number of "good guys" exist that want to implement it, that's reason enough to standardize it. Getting "bad guys" to stop doing different stuff is a separate issue that we may or may not be able to create technical solutions for later.
[17:19:52] <Watson Ladd_web_816> @david what do you mean?
[17:19:56] <kaduk@jabber.org/barnowl> To be clear, chrome currently has a user-facing knob to disable
third-party cookies already; the default is just to allow them.
[17:19:58] <Roman Danyliw_web_712> I think we heard solid use cases above and beyond ads
[17:20:05] Mariana Raykova_web_245 leaves the room
[17:20:09] Mariana Raykova_web_284 joins the room
[17:20:11] Mark McFadden_web_376 leaves the room
[17:20:35] Absolutely not the last war. This is very applicable and time-sensitive; various jurisdictions are creating regulations and legislation now that could benefit from this tool. Or preclude its use.
[17:20:39] <David Oliver_web_684> @ekr mentioned that PPM is for a subset of use cases. @wes mentioned "it fights the good people". I worry about "the other cases" and "the other people"
[17:20:40] Mariana Raykova_web_284 leaves the room
[17:20:44] Mariana Raykova_web_722 joins the room
[17:21:11] <dkg> Wes: do you think browsers cannot be built to defend against 1×1 pixel web bugs?
[17:21:19] <David Oliver_web_684> @mark what I mean is that the heavyweights have already moved on. They're doing more in the back room and might make this pointless
[17:21:20] Lars Eggert_web_177 leaves the room
[17:21:21] Sanjay Mishra_web_718 leaves the room
[17:21:21] Joseph Salowey_web_478 joins the room
[17:21:22] <Wes Hardaker_web_459> "[only] helps the good people be better" was what I was really saying @David
[17:21:23] <Jonathan Hoyland_web_432> For those trying to get a head start, the proposed charter text is on slide 8-9 of the Chair slides: https://datatracker.ietf.org/meeting/112/materials/slides-112-priv-chair-slides-agenda-01
[17:21:24] Mariana Raykova_web_722 leaves the room
[17:21:25] Sanjay Mishra_web_794 joins the room
[17:21:31] Mariana Raykova_web_490 joins the room
[17:21:40] <David Oliver_web_684> ok @wes
[17:21:40] <Wes Hardaker_web_459> @dkg: I think the instant you remove that ability they'll find another.
[17:22:04] <dkg> Wes: it sounds like you're saying we should burn it all down
[17:22:09] <Andrew Campling_web_858> @Jonathan: thanks, tried and failed to find it earlier, didn't look there
[17:22:12] Mariana Raykova_web_490 leaves the room
[17:22:15] The adtech ecosystem including most forms of tracking is under *intense* scrutiny. The back rooms exist but they daylight is starting to shine in.
[17:22:23] Mariana Raykova_web_975 joins the room
[17:22:33] Gregor Haywood_web_367 leaves the room
[17:22:34] Prapanch Ramamoorthy_web_134 joins the room
[17:22:38] <Jeffrey Yasskin_web_319> Wes: It's definitely whackamole, and we're working on the right threat models and mitigations in the W3C.
[17:22:45] <David Oliver_web_684> @ekr this is good clarification for me - thanks.
[17:22:47] <Wes Hardaker_web_459> @dkg: I'm saying that we've built a framework that enables easy tracking, and these solutions can not fix that underlying architecture.
[17:22:55] <npd> it is a real concern, but I don't think we should assume that all pushback will disappear if some subset of functionality is in place
[17:22:56] <Alissa Cooper_web_769> Charter is available at https://github.com/abetterinternet/ppm-specification/blob/main/charter.md
[17:23:10] <Wes Hardaker_web_459> note: I did say we should do it anyway
[17:23:12] abdullahalshoaili_web_872 leaves the room
[17:23:14] Mariana Raykova_web_975 leaves the room
[17:23:16] abdullahalshoaili_web_216 joins the room
[17:23:18] Mariana Raykova_web_769 joins the room
[17:23:32] <Wes Hardaker_web_459> it becomes a role model, not a cop
[17:23:45] <dkg> yeah, it doesn't solve the sisyphean task of closing these additional leakage points.
[17:24:00] <ekr@jabber.org> @dkg: yes, and I definitely want to keep closing those leakage points
[17:24:03] Sara Dickinson_web_345 leaves the room
[17:24:12] Mariana Raykova_web_769 leaves the room
[17:24:16] Mariana Raykova_web_660 joins the room
[17:24:18] <David Oliver_web_684> @wes - I think there's tremendous value in this work for sure. I just worry about those use cases deemed "out of scope"
[17:24:56] Mariana Raykova_web_660 leaves the room
[17:24:56] <Wendy Seltzer_web_168> sorry, don't seen to have gotten audio working.
[17:25:00] <ekr@jabber.org> Just to be entirely clear: we were working on this even aside from Ads and I would be very interested even if it was clear there was no ads intersection at all
[17:25:00] Mariana Raykova_web_666 joins the room
[17:25:01] <Wendy Seltzer_web_168> but thanks
[17:25:04] <Jari Arkko_web_797> Another question. If we did PPM, would that force users or browsers to supply good data to advertisers (even if somewhat privacy sensitive fashion)? Or can browsers and users still feed bad data to $TRACKERs? I think the ability to do that would be important. As is declining to participate in the protocol, but that definitely is possible.
[17:25:06] <sftcd> would those interested in this be willing/interested in studying abuse cases to try make those harder where possible as part of the chartered work? (a bit speculative I know but might be apt here)
[17:25:22] Antoine Fressancourt_web_536 leaves the room
[17:25:26] <ekr@jabber.org> @sftcd: I think so, but I'm not sure I understand the question
[17:25:39] <Shivan Sahib_web_323> The charter currently seems too focused on a particular technique for privacy preserving measurements
[17:25:41] stephen, we already saw evidence of that thinking in the presentations IIRC
[17:25:41] <Watson Ladd_web_816> we can jabber scribe for you Wendy
[17:25:46] <sftcd> TBH, me neither really, but I'm still conviced it;s a good idea:-)
[17:25:53] Mariana Raykova_web_666 leaves the room
[17:25:54] Antoine Fressancourt_web_702 joins the room
[17:25:57] Mariana Raykova_web_915 joins the room
[17:26:06] <Martin Thomson_web_998> I have a problem with the name. I will suggest one on the list.
[17:26:07] <ekr@jabber.org> Shivan: I would say it's focused on a particular class of techniques
[17:26:09] <Wes Hardaker_web_459> @sftcd: I think a threat-model would be good to show where it works and where it doesn't help
[17:26:11] <ekr@jabber.org> @MT: please do.
[17:26:14] <sftcd> by "abuse cases" I mean spending time to publicly consider how the tech could be abused and to aim to mitigate that
[17:26:14] Antoine Fressancourt_web_702 leaves the room
[17:26:17] <npd> it is maybe a little unusual to define work as being for a value (user privacy), with the idea that one vendor refuses to make some changes until we do this other work
[17:26:17] <Christopher Wood_web_480> @Shivan by particular technique, do you mean Prio-style instead of accommodating things like STAR?
[17:26:18] Antoine Fressancourt_web_979 joins the room
[17:26:22] <Shivan Sahib_web_323> right
[17:26:32] <Christopher Wood_web_480> Gotcha
[17:26:35] <npd> I have very serious concerns about the name as well
[17:26:36] <Shivan Sahib_web_323> is there scope for different classes of techniques to solve the same problems
[17:26:38] <Shivan Sahib_web_323> ?
[17:26:40] <Watson Ladd_web_816> +1 Shivan: i think additional techniques might be worth including , even if not the top priority
[17:26:41] <Wendy Seltzer_web_168> (I was just going to voice support from W3C for this work, as there's work in incubation that could use it.)
[17:26:42] <ekr@jabber.org> @shivan: absolutely!
[17:26:44] <sftcd> @wes: more than a threat model IMO, it's spending effort to see how the fine protocols we define could be abused in ways we didn't envisage
[17:26:51] <David Oliver_web_684> perhaps a "WG will study and characterize abuse cases"?
[17:26:52] Christian Amsüss_web_741 leaves the room
[17:26:56] <Jari Arkko_web_797> @ekr - i do think this needs to go forward. and as you say this is generic tech, not necessarily tied to ad use case. (but hopefully you also understand the hesitation about supporting ad cases by some of us. pardon our care about that.)
[17:27:10] <ekr@jabber.org> @David: that's a good addition
[17:27:19] <Jari Arkko_web_797> +1 on abuse cases
[17:27:25] <sftcd> @ekr: I'd be v. happy with that addition
[17:27:34] Patrick Tarpey_web_279 leaves the room
[17:27:38] Patrick Tarpey_web_857 joins the room
[17:27:43] <sftcd> and even hopeful we'd spend real time on it:-)_
[17:27:48] Jari, I see the use case not as 'supporting ad tech' but 'forcing ad tech into healthier patterns so that we can disable problematic mechanisms like cookies'
[17:27:50] <Christopher Wood_web_480> Similar to OHAI, we can note some use cases
[17:27:59] <Jonathan Hoyland_web_432> +1 for explicit chartering of consideration of abuse cases.
[17:28:20] <Andrew Campling_web_858> +1 to documenting use case(s)
[17:28:26] <dkg> ♥ "abuse cases"
[17:28:42] <David Oliver_web_684> @dkg that's today's "meme"
[17:28:55] <Jari Arkko_web_797> @mnot i get that. But perhaps some of us would be happier in the "make advertising and data collection go away" camp. Sorry for being extreme. But it is my opinion :-)
[17:29:00] <Cullen Jennings_web_628> What is the timeline for completing the work ? It looks largely done when I read the draft.
[17:29:01] <Martin Thomson_web_998> I don't want to over-rotate on use cases. As ekr said, it's good to motivate the existence of the mechanism.
[17:29:01] <ekr@jabber.org> @Shivan: can you send a PR?
[17:29:02] <kaduk@jabber.org/barnowl> People who want use cases in the charter, is that having the WG
document use cases, or listing some use cases in the text of the
charter?
[17:29:12] Yaron Sheffer_web_673 leaves the room
[17:29:16] Yaron Sheffer_web_524 joins the room
[17:29:20] <Chris Seal_web_697> +1 for explicit chartering for considering abuse cases
[17:29:28] <ekr@jabber.org> I would be happy to rewrite that text to make it more general
[17:29:39] <David Oliver_web_684> @kaduk the WG should as part of its work clarify use case
[17:29:40] Jari - so you're all for first-part targeting, then? :)
[17:29:41] <sftcd> @ben: I'm fine without much on use-cases, effort spent on abuse cases doesn't require that I think
[17:29:41] <dkg> i'd support such a PR, Shivan
[17:29:42] <Dirk Kutscher_web_654> So, I'm generally supporting this, also for the reasons that Mark mentioned (offering better tech alternatives), but I'd like the technology consequences discussion should be recorded.
[17:29:56] Yaron Sheffer_web_524 leaves the room
[17:29:57] <Christopher Wood_web_480> Thanks, Shivan!
[17:30:00] Yaron Sheffer_web_118 joins the room
[17:30:09] Hannes Tschofenig_web_517 leaves the room
[17:30:12] <Martin Thomson_web_998> "multiple, non-colluding servers" <- threat model
[17:30:13] Hannes Tschofenig_web_459 joins the room
[17:30:13] <Wendy Seltzer_web_168> @jari, this could get halfway there, with making go away some of the bad primitives people are maintaining only to support ads use cases.
[17:30:15] <sftcd> I think David O' suggested text was good enough for charter text no more needed
[17:30:18] I agree that a nuanced discussion and documentation of the use, abuse, and properties will be helpful.
[17:30:19] David Benjamin_web_707 leaves the room
[17:30:29] <Mirja Kühlewind_web_502> do we need something in the charter about the aggression itself? I mean how do I know as the client what exactly would happen with my data? Or why would I support such a system if I don't know that?
[17:30:41] <Jonathan Hoyland_web_432> +1 sftcd @David O.
[17:30:46] <ekr@jabber.org> I think that's delivered out of band
[17:30:53] <Mirja Kühlewind_web_502> maybe this falls into the abuse analysis bucket...
[17:30:55] <kaduk@jabber.org/barnowl> Mirja: did you want s/aggression/aggregation/?
[17:30:56] <Jeffrey Yasskin_web_319> Martin: there's also something about who approves the protocol details. e.g. that in browsers, it would be the browsers adopting aggregation functions, not the advertisers or adtech companies.
[17:31:04] <Jeffrey Yasskin_web_319> Martin: (for the threat model)
[17:31:06] <Mirja Kühlewind_web_502> yes aggregation
[17:31:06] <sftcd> aggression would be funny
[17:31:08] <Alissa Cooper_web_769> @mirja there is language in the charter about aggregation
[17:31:10] <ekr@jabber.org> I think that Erik is proposing probably should be at the vdaf level
[17:31:17] <ekr@jabber.org> But you know, PRs welcome :)
[17:31:32] <Martin Thomson_web_998> Jeffrey: I was being trite. Fact is, a good threat model for this is far too difficult to write into a charter.
[17:31:33] <dkg> aggression and abuse cases -- it's getting pretty dark
[17:31:46] Mariana Raykova_web_915 leaves the room
[17:31:50] <Mirja Kühlewind_web_502> sorry :-(
[17:31:53] <Roman Danyliw_web_712> I heard "add a work item to document the use cases/abuse cases"
[17:31:55] <kaduk@jabber.org/barnowl> At least nobody has been called a dog in this session...
[17:31:55] Mariana Raykova_web_105 joins the room
[17:31:59] <ekr@jabber.org> I would consider that an aggregate
[17:32:00] @dkg getting?
[17:32:02] Prapanch Ramamoorthy_web_134 leaves the room
[17:32:10] <Bradford Lassey_web_523> I would as well
[17:32:14] <Christopher Patton_web_328> @charlie I think an ML model can be considered an "aggregate".
[17:32:17] <Bradford Lassey_web_523> but would be good to clarify
[17:32:17] <dkg> mnot: sorry, i believe the term is "going" dark
[17:32:17] <Jeffrey Yasskin_web_319> Martin: +1
[17:32:17] <sftcd> @roman: the more that effort was spent on abuse cases and the less on use cases the happier I'd be
[17:32:18] <Erik Taubeneck_web_190> +1 to Charlie's inclusion of ML models as aggregates
[17:32:22] <ekr@jabber.org> Though really you should just do OLS!
[17:32:26] <Roman Danyliw_web_712> I also heard "clarify charter text to generalize for flexibility for alternatives/agility to add/swap approaches (e.g., Prio/heavy hitters)"
[17:32:30] @dkg LOLOLOL
[17:33:01] <Martin Thomson_web_998> I think that we already have one specific abuse case and a mitigation (proofs of validity)
[17:33:07] <Roman Danyliw_web_712> @sftcd, yes, but there was other feedback to clarify the use cases too
[17:33:20] <Watson Ladd_web_816> LASSO
[17:33:40] <Christopher Patton_web_328> what do we mean by "abuse"?
[17:33:40] <ekr@jabber.org> @watson: indeed.
[17:33:51] <David Oliver_web_684> @sftcd is abuse "collusion" in your mind?
[17:33:54] <sftcd> @chrisP: that'd be the work to do
[17:33:57] Bill Woodcock_web_175 leaves the room
[17:34:05] <Christopher Patton_web_328> one of our goals is that "invalid inputs" should be detected and removed from thei nputs
[17:34:19] <dkg> Patton: there are at least two forms: (a) "gathering private data" that ends up exposing sensitive info and (b) clients tampering with aggregate measurements
[17:34:25] <Martin Thomson_web_998> Building a machine learning model, step 1: build it without machine learning.
[17:34:29] <Dirk Kutscher_web_654> "collusion" is a threat model -- "bad use cases" are abuse
[17:34:33] <sftcd> @davidO: that's one, but also maybe e.g. measuring with too-small aggregates maybe or changing the kind of measurements after someone opted-in - not all abuses might be fixable but some may
[17:34:43] <ekr@jabber.org> @sftcd: absolutely
[17:34:48] <Jonathan Lennox_web_173> Especially in the cases where invalid inputs are not just griefing but actively conducive for fraud.
[17:35:06] <dkg> "invalid inputs" is only one form of potential abuse from clients -- there could also be invalid patterns of submission (e.g. sybil attacks)
[17:35:06] <ekr@jabber.org> I don't object to changing it from PRIV
[17:35:12] <Charlie Harrison_web_608> +1 to changing the name
[17:35:15] <Christian Huitema_web_594> +1 on name being confusing
[17:35:20] <Florence D_web_881> I think use cases and abuse cases are very different (if similarly named) things, both have value for different reasons.
[17:35:23] <ekr@jabber.org> Though people seemed to be perfectly happy to have a protocol named QUIC even though it wasn't the only fast thing on the Web
[17:35:27] <Erik Taubeneck_web_190> +1 to changing the name
[17:35:27] <Eric Orth_web_146> +1 to "PRIV" sounding too much like some overall privacy group.
[17:35:33] <Tommy Jensen_web_528> How about "Gather Data Privately at Runtime" as a name, GDPR for short?
[17:35:37] <Robin Wilton_web_962> @Watson would you remove "values" from the name, or insert them in the Charter?
[17:35:48] <Chris Box_web_873> @tommy lol
[17:35:52] <David Oliver_web_684> @sftcd you really got the crowd riled up!
[17:36:09] <Andrew Campling_web_858> @Tommy J :slightly_smiling_face:
[17:36:13] <ekr@jabber.org> I want to be clear that I generated PRIV by backronyming after people objected to PPM
[17:36:20] <Charlie Harrison_web_608> :S
[17:36:23] Christopher Patton_web_328 leaves the room
[17:36:27] Christopher Patton_web_567 joins the room
[17:36:31] <Jonathan Lennox_web_173> What was the objection to PPM?
[17:36:32] Warren Kumari_web_132 leaves the room
[17:36:38] <ekr@jabber.org> Too close to IPPM
[17:37:02] <kaduk@jabber.org/barnowl> Also, "it's not parts per million"
[17:37:13] <kaduk@jabber.org/barnowl> But I think the IPPM people cared more than I did about that part
[17:37:17] <Erik Taubeneck_web_190> why not include aggregation? PPA? (Privacy Preserving Aggregation)
[17:37:24] <Martin Thomson_web_998> One obvious problem here is Sybil attacks.
[17:37:27] <dkg> PPAM -- privacy-preserving aggregated metrics
[17:37:28] <ekr@jabber.org> Because it puns on Privacy Preserving ADs
[17:37:30] <Mirja Kühlewind_web_502> (is PRIV like DPRIVE but without DNS and Encryption?)
[17:38:06] Mariana Raykova_web_105 leaves the room
[17:38:10] Mariana Raykova_web_876 joins the room
[17:38:16] <Mariana Raykova_web_876> PPA = Privacy Preserving Analytics
[17:38:21] <Martin Thomson_web_998> Jari: most of the systems allow users to opt out without obviously doing so
[17:38:22] <Jonathan Hoyland_web_432> @dkg Does English allow a double P at the start of a word?
[17:38:33] <dkg> english allows everything
[17:38:36] Philip Eardley_web_476 joins the room
[17:38:38] <sftcd> ppossibly
[17:38:46] <Andrew Campling_web_858> It's very inclusive
[17:38:58] <Patrick Tarpey_web_857> Private Aggregate Measurements...
[17:39:25] <npd> I think realistic opt-in and opt-out (about privacy-relevant activities in online browsing) are super valuable topics to work on, but it seems like this charter is not about that topic
[17:39:33] Pete Resnick_web_163 leaves the room
[17:39:37] <Antoine Fressancourt_web_979> @Martin would a generic opt out switch be possibly in the priv work ?
[17:39:40] <Mirja Kühlewind_web_502> aggregated measurements for privacy (AMP)
[17:39:42] <ErikAnderson> Microsoft is interested in pursuing this work. As discussed in other forums, we would like to flesh out the ads-related use cases within the W3C's PAT CG to provide input into the IETF work here. Similar to Charlie's point, we'd like to make sure that the charter isn't overconstrained on use cases that would be considered.
[17:39:43] <David Oliver_web_684> +1 @npd
[17:39:54] Mirja: well done.
[17:40:11] <ErikAnderson> And in the spirit of fun name proposals, perhaps "Collection and Computation of Private Aggregates" (CCPA)?
[17:40:18] <Benjamin Schwartz_web_452> SPLITSTATS
[17:40:24] <sftcd> i agree that arguing about desirability of opt-in/out here wouldn't likely be useful, but considering what can happen after e.g. an opt-in that results in a mismatch with reaonable user expectation might be in scope
[17:40:26] <Andrew Campling_web_858> Noting abuse, PPAM - Possibly Private Aggregated Mechanism?
[17:40:29] <ekr@jabber.org> I hear anybody complaining about the name, I'm gonna spend some time inventing a name that has the acronym QUIC
[17:40:41] <Jonathan Hoyland_web_432> @Erik too close to CPA
[17:40:52] <sftcd> CIUQ expanded somehow
[17:40:53] <dkg> schwartz: we just talked about updating the charter to not require "splits" (non-colluding servers)
[17:41:03] <npd> mt, jari -- was the opt-in/opt-out about participating in the aggregated measurement? or that separately users need more effective ways to opt in and opt out of tracking?
[17:41:18] Transmitting Collections Privately
[17:41:27] <dkg> mnot: ha ha
[17:41:34] Nick Doty_web_892 leaves the room
[17:41:38] Nick Doty_web_374 joins the room
[17:41:53] Tara Whalen_web_968 joins the room
[17:42:19] <Jonathan Hoyland_web_432> I'm still a fan of PPAM, just because of the double P at the start. Sounds like something out of a comic book.
[17:42:23] Patrick Tarpey_web_857 leaves the room
[17:42:27] Patrick Tarpey_web_751 joins the room
[17:42:44] <Lucas Pardue_web_779> cumulative, reliable , anonymous, private, browser aggregate generation
[17:42:51] <Chris Box_web_873> Something I haven't seen discussed so far (unless I missed it) is transparency. As a end user it would be useful to know which data my device is sending and who gets to see the results. Is there anything the WG could do to enable greater transparency of the measurements shared, either to me, or to an independent organisation that watches these things? Possibly not, but thought I'd ask.
[17:43:35] <Andrew Campling_web_858> @Lucas Genius
[17:43:58] <Jonathan Hoyland_web_432> @Chris from the charter:A successful PRIV system assumes that clients and the various
servers are configured with each other's identities and details of
the types of measurements to be taken.
[17:44:11] Hannes Tschofenig_web_459 leaves the room
[17:44:24] <Chris Box_web_873> So I have to disassemble the client software to find out?
[17:44:25] <npd> I think it's a serious problem (that could decrease the relative advantage of adopting these systems) that users may not actually understand the details of all the parties involved or who they are trusting. +1 Chris Box
[17:44:27] Göran Selander_web_299 joins the room
[17:44:28] <sftcd> @ekr: I guess it depends to some extent on how delay-tolerant the protocols are - if they can have higher latency etc it'd be more easy for wes to be a helper (I'm not sure the name suits me though:-)
[17:45:00] <dkg> npd: i think we can guarantee that the overwhelming majority of users will not actually understand the details, regardless of transparency :/
[17:45:02] <Martin Thomson_web_998> Chris Patton: that goal might not be achievable in all cases
[17:45:05] <Andrew Campling_web_858> Could the helper functionality be used as proof of work for crypto?
[17:45:06] Mariana Raykova_web_876 leaves the room
[17:45:06] <Watson Ladd_web_816> do you need to dissable firefox to see about:telemetry?
[17:45:10] Mariana Raykova_web_123 joins the room
[17:45:14] <dkg> (that said, +1 to Box's point about wanting it to be available)
[17:45:20] <ekr@jabber.org> @Chris: well, I would hope that clients would tell you (for instance, if you go to about:telemetry in Firefox you can see what we send). But it's generally true that you have to trust clients not to just send your data to DKG
[17:45:27] <David Oliver_web_684> Pareto Principle would claim that while a large number would try early on, it will devolve to a very small number in the future
[17:45:31] <Mirja Kühlewind_web_502> Chris I was also thinking about transparency (but didn't find the right word). would be nice to have that addressed in this group as well but not sure how that could work.
[17:45:39] <dkg> ekr: your jabber client is sending data to me right now
[17:45:46] <npd> "modulo any changes we discussed today" is pretty big
[17:45:48] <ekr@jabber.org> Damn, I wish I had reconfigured
[17:45:55] Subir Das_web_249 leaves the room
[17:46:03] <Watson Ladd_web_816> is this inclusive of tweaks?
[17:46:05] Erik Taubeneck_web_190 leaves the room
[17:46:09] <David Oliver_web_684> also research was presented yesterday suggested backend service providers were consolidating not getting more diverse
[17:46:09] Erik Taubeneck_web_291 joins the room
[17:46:10] <Benjamin Schwartz_web_452> Random thought: It might be good for the helpers to provide the client with a signed, dated claim about the VDAF parameters in use.
[17:46:11] <sftcd> @watson: yes
[17:46:12] <Christopher Patton_web_567> I'd love to hear from dissenters
[17:46:13] <Martin Thomson_web_998> This poll tool is terrible. What is wrong with Yes/No?
[17:46:13] <Christopher Wood_web_480> @Watson I believe so
[17:46:17] <Andrew Campling_web_858> @npd +1, some mutually exclusive points made
[17:46:24] <Alissa Cooper_web_769> Yes, inclusive of tweaks @Watson
[17:46:25] <dkg> watson, i said yes based on it being inclusive of tweaks today
[17:46:27] <ekr@jabber.org> @watson: yes, there will be a final IETFLC with a real charter, so it's not a binding cntract
[17:46:36] <Ted Hardie_web_713> I didn't answer this one because I do not have a good sense of the modulo clause. (no answer, that is, not a negative answer)
[17:46:48] <Robin Wilton_web_962> ditto to Ted
[17:46:57] <ekr@jabber.org> > Random thought: It might be good for the helpers to provide the client with a signed, dated claim about the VDAF parameters in use.
[17:47:06] <sftcd> what was the result for the record? (I closed the window after saynig yes)
[17:47:12] <ekr@jabber.org> 63:10 for
[17:47:29] <Jonathan Lennox_web_173> Results can be seen in the Meetecho "Show of Hands Tool" tab
[17:47:29] <npd> I understand it's not completely binding, but "modulo" is just very open-ended
[17:47:32] <ekr@jabber.org> SFTCD: as I said 63 for, 10 against
[17:47:52] <dkg> that's a lot of things. do we have to agree with all three statements to raise hands?
[17:47:53] <Bob Moskowitz> NOt well enough scoped. But that can be fixed.
[17:47:55] <ekr@jabber.org> @npd: some of the VDAF parameters are manifest to the client
[17:47:56] Monika Ermert_web_607 leaves the room
[17:47:57] <ekr@jabber.org> Some of them are not
[17:47:59] Peter Koch_web_291 leaves the room
[17:48:00] Monika Ermert_web_228 joins the room
[17:48:07] <kaduk@jabber.org/barnowl> dkg: as written, yes, you have to agree to all three
[17:48:14] Peter Koch_web_250 joins the room
[17:48:29] Yaron Sheffer_web_118 leaves the room
[17:48:39] <dkg> i'm amazed that so many people are confident this is solvable.
[17:48:43] <Martin Thomson_web_998> this question is "ready for engineering", which is hard to answer "no" to given the scale of the ISRG deployment
[17:49:08] <Allison Mankin_web_843> I'd be happier answering "Do we think the problem statement is in good shape and will be all those things with some work". But I think it's all useful to solve and solvable
[17:49:14] <Mirja Kühlewind_web_502> we can spec a protocol. does it actually solve the problem? Who knows...
[17:49:17] <sftcd> +1 Alison
[17:49:25] <David Oliver_web_684> @dkg that's why I think we need the WG to set out a "solvable subset" based on "use" or "abuse" cases <grin>
[17:49:30] <dkg> +1 Mirja
[17:49:36] <Phillip Hallam-Baker_web_734> Nope, I don't believe we know what the problem is!
[17:49:53] <Alissa Cooper_web_769> we took the questions from RFC 5434
[17:49:57] <Bob Moskowitz> Have to go now. Been interesting. Bye.
[17:50:00] <Lixia Zhang_web_776> the question being asked sounds over-stated
[17:50:00] Bob Moskowitz leaves the room
[17:50:08] <David Oliver_web_684> Whether it's use or abuse, the WG needs to do it AFTER charter in my view
[17:50:26] <sftcd> +1
[17:50:40] Patrick Tarpey_web_751 leaves the room
[17:50:41] <ekr@jabber.org> To be clear, "Value" was just there to make it be PRIV
[17:50:42] <Jari Arkko_web_797> I think the charter can briefly justify the work by referring to the (clear) use cases. The charter shuld require work on identiifynig abuse cases because that's the work needed to ensure we can do this safely.
[17:50:44] Robert Moskowitz_web_809 leaves the room
[17:50:47] Sanjay Mishra_web_794 leaves the room
[17:51:10] <Lucas Pardue_web_779> one more: measuring users with a privacy preserving extensible technology - MUPPET
[17:51:17] <Robin Wilton_web_962> @ekr Right, but the word "value" is loaded.
[17:51:20] <David Oliver_web_684> @ekr is admitting it was an in-joke I love it
[17:51:22] <Roman Danyliw_web_712> The name of the WG does NOT formally affect the scope of the WG. The charter text is what matters.
[17:51:23] <Erik Taubeneck_web_291> doesn't aggregation/measurement imply value? i'm not sure why not inclucding "value" is meaningful
[17:51:27] <npd> I think the name and the use cases/abuse cases is definitely addressable
[17:51:28] <Shivan Sahib_web_323> honestly like PPM
[17:51:35] <ekr@jabber.org> @Shivan: me too!
[17:51:39] <Jonathan Lennox_web_173> I think people are thinking ethical values.
[17:51:41] <Erik Taubeneck_web_291> +1 to PPM
[17:51:42] <dkg> Erik: "values" like moral values
[17:51:45] <Christopher Wood_web_480> review
[17:51:45] <Richard Barnes_web_931> +1 to PPM. confusion with IPPM seems unlikely
[17:51:45] <Watson Ladd_web_816> review
[17:51:46] <Erik Taubeneck_web_291> review
[17:51:47] <Robert Sparks_web_297> review
[17:51:47] <ekr@jabber.org> review
[17:51:47] <David Oliver_web_684> REVIEW
[17:51:48] <sftcd> review
[17:51:48] <Wendy Seltzer_web_168> review
[17:51:49] <dkg> review
[17:51:49] <Tim Geoghegan_web_152> review
[17:51:49] <Christopher Patton_web_567> review
[17:51:50] <Martin Thomson_web_998> review
[17:51:50] <Richard Barnes_web_931> review
[17:51:51] review
[17:51:51] <Charlie Harrison_web_608> review
[17:51:51] <Dirk Kutscher_web_654> review
[17:51:52] <ErikAnderson> review
[17:51:53] <Shivan Sahib_web_323> review
[17:51:53] <Kris Shrishak_web_154> review
[17:51:53] <Rich Salz_web_841> review
[17:51:53] <Joseph Salowey_web_478> review
[17:51:54] <stpeter> review
[17:51:55] <npd> review
[17:51:56] <Cullen Jennings_web_628> Review
[17:51:59] Mariana Raykova_web_123 leaves the room
[17:52:01] <Nalini Elkins_web_109> review
[17:52:01] <Chris Box_web_873> review
[17:52:02] <Robin Wilton_web_962> @Roman fine, but the *discussion* in the chat left doubt about the scope, not just the label.
[17:52:07] <Shivan Sahib_web_323> "+1 to PPM. confusion with IPPM seems unlikely" +100
[17:52:08] <Allison Mankin_web_843> Review
[17:52:08] <Wes Hardaker_web_459> DATA: data anonymization toward aggregators
[17:52:10] Mariana Raykova_web_148 joins the room
[17:52:11] <Jari Arkko_web_797> review
[17:52:14] <ekr@jabber.org> To be clear this was "value" in the mathematical sense. I assume we bring values to all of our work
[17:52:16] <ekr@jabber.org> eidt
[17:52:16] <Richard Barnes_web_931> edit
[17:52:17] <ekr@jabber.org> edit
[17:52:18] <Christopher Wood_web_480> edit
[17:52:18] <Erik Taubeneck_web_291> edit
[17:52:20] <Tim Geoghegan_web_152> edit
[17:52:24] <Martin Thomson_web_998> edit
[17:52:24] <Christopher Patton_web_567> edit
[17:52:27] <sftcd> maybe edit, depending
[17:52:37] <Mariana Raykova_web_148> edit, review
[17:52:37] <Phillip Hallam-Baker_web_734> eidt
[17:52:38] <kaduk@jabber.org/barnowl> SHEEP: Secure HTTP-based Engagement and Effectiveness Protocol
[17:52:39] <sftcd> (not plans to but willing to)
[17:52:40] Burt Kaliski_web_736 leaves the room
[17:52:47] <Dirk Kutscher_web_654> +1 to DATA
[17:52:49] <Charlie Harrison_web_608> possibly edit
[17:52:59] <Eric Orth_web_146> I liked "MUPPET" even though it scrolled out of my window before I could read what it stood for.
[17:53:00] <ekr@jabber.org> @Dirk: because nothing else in IETF involves DATA
[17:53:02] <dkg> sheep is a great way to get ppl to avoid adopting
[17:53:11] <sftcd> wolves
[17:53:22] <Phillip Hallam-Baker_web_734> I might have a bunch of text already...
[17:53:24] <Dirk Kutscher_web_654> yes...
[17:53:28] <Jonathan Lennox_web_173> Would not recommend WG names that are Disney trademarks
[17:53:31] <Jonathan Hoyland_web_432> Given that KITTEN is taken, maybe PUPPY?
[17:53:42] <Jonathan Hoyland_web_432> Most people like puppies.
[17:53:48] <David Oliver_web_684> I think it's very valuable to abstract farther than "advertising" use cases
[17:53:51] <Mirja Kühlewind_web_502> +1 for PUPPY is has a P that all we need right?
[17:53:53] <Andrew Campling_web_858> AD Tag - needs reverse engineering
[17:53:53] <Lucas Pardue_web_779> kermit protocol
[17:54:09] <Watson Ladd_web_816> kermit is already taken
[17:54:15] <Phillip Hallam-Baker_web_734> MOPPET
[17:54:16] Francois Ortolan_web_120 leaves the room
[17:54:22] <npd> where are charter suggestions/discussion to take place?
[17:54:28] <Martin Thomson_web_998> ppm@ietf.org
[17:54:29] <ekr@jabber.org> @npd: on the list or github
[17:54:30] <David Oliver_web_684> "Quite Unique and Interesting Challenge" Working Group
[17:54:38] <npd> thanks
[17:54:39] <sftcd> idkwtsi could be a good wg name (I don't know what the solution is)
[17:54:40] <ekr@jabber.org> https://github.com/abetterinternet/ppm-specification/blob/main/charter.md
[17:54:41] <Phillip Hallam-Baker_web_734> DOOMED
[17:54:45] Christopher Wood_web_480 leaves the room
[17:54:46] <Dirk Kutscher_web_654> thanks -- was interesting
[17:54:47] Bradford Lassey_web_523 leaves the room
[17:54:47] Philip Eardley_web_476 leaves the room
[17:54:47] <David Oliver_web_684> excellent work, folks
[17:54:48] Jake Holland_web_664 leaves the room
[17:54:48] Florence D_web_881 leaves the room
[17:54:49] <Massimiliano Pala_web_503> Thanks everybody!
[17:54:49] Jonathan Hammell_web_124 leaves the room
[17:54:49] Chris Lemmons_web_328 leaves the room
[17:54:50] <Martin Thomson_web_998> and a well-run BoF, thanks chairs
[17:54:50] Tommy Pauly_web_499 leaves the room
[17:54:51] Bradford Lassey_web_644 joins the room
[17:54:51] <Wendy Seltzer_web_168> Applied Privacy Preserving Labels Evolved Privately In E... APPLE PIE
[17:54:51] Valery Smyslov_web_954 leaves the room
[17:54:51] Tara Whalen_web_968 leaves the room
[17:54:53] Deb Cooley_web_496 leaves the room
[17:54:53] <Charlie Harrison_web_608> thanks everyone!
[17:54:54] Kyle Ouellette_web_348 leaves the room
[17:54:54] Steve Olshansky_web_345 leaves the room
[17:54:54] Ben Campbell_web_563 leaves the room
[17:54:56] Lucy Lynch_web_784 leaves the room
[17:54:57] Göran Selander_web_299 leaves the room
[17:54:58] Kris Shrishak_web_154 leaves the room
[17:54:58] Chi-Jiun Su_web_746 leaves the room
[17:54:59] <Robin Wilton_web_962> Thanks all - lively and relevant.
[17:55:00] Richard Barnes_web_931 leaves the room
[17:55:00] <Tim Geoghegan_web_152> Thanks, this was fun!
[17:55:00] Roman Danyliw_web_712 leaves the room
[17:55:04] <Christopher Patton_web_567> hahahaha @Wendy
[17:55:04] Andrew Campling_web_858 leaves the room
[17:55:04] David Oliver_web_684 leaves the room
[17:55:08] Brandon Pitman_web_649 leaves the room
[17:55:09] Shinta Sato_web_942 leaves the room
[17:55:10] Benjamin Kaduk_web_346 leaves the room
[17:55:11] Daniel Gillmor_web_422 leaves the room
[17:55:13] Charlie Harrison_web_608 leaves the room
[17:55:14] <Erik Taubeneck_web_291> thanks all, and chairs!
[17:55:14] Lorenzo Miniero_web_125 leaves the room
[17:55:15] Benjamin Schwartz_web_452 leaves the room
[17:55:15] Kesara Rathnayake_web_277 leaves the room
[17:55:16] James Galvin_web_308 leaves the room
[17:55:17] <Juan-Carlos Zúñiga_web_169> Thanks!
[17:55:18] Christopher Inacio_web_915 leaves the room
[17:55:18] Dirk Kutscher_web_654 leaves the room
[17:55:21] Jeffrey Yasskin_web_319 leaves the room
[17:55:21] Jonathan Hoyland_web_432 leaves the room
[17:55:22] Joseph Salowey_web_478 leaves the room
[17:55:23] Barry Leiba_web_605 leaves the room
[17:55:23] Yoshiro Yoneya_web_736 leaves the room
[17:55:23] Ted Hardie_web_713 leaves the room
[17:55:23] Robert Sparks_web_297 leaves the room
[17:55:24] Nick Banks_web_897 leaves the room
[17:55:25] Joey Salazar_web_442 leaves the room
[17:55:25] Michael Bilca_web_725 leaves the room
[17:55:25] Joerg Ott_web_214 leaves the room
[17:55:26] Justin Richer_web_266 leaves the room
[17:55:27] Nalini Elkins_web_109 leaves the room
[17:55:27] Christian Huitema_web_594 leaves the room
[17:55:27] Mark Nottingham_web_721 leaves the room
[17:55:28] Eric Rescorla_web_902 leaves the room
[17:55:28] Jari Arkko_web_797 leaves the room
[17:55:28] Eric Rosenberg_web_326 leaves the room
[17:55:28] Benoît Claise_web_735 leaves the room
[17:55:29] Watson Ladd_web_816 leaves the room
[17:55:30] Rich Salz_web_841 leaves the room
[17:55:31] Tero Kivinen_web_830 leaves the room
[17:55:32] Stephen Farrell_web_831 leaves the room
[17:55:32] Chris Seal_web_697 leaves the room
[17:55:32] Yuji Suga_web_943 leaves the room
[17:55:33] Xavier de Foy_web_612 leaves the room
[17:55:34] Cullen Jennings_web_628 leaves the room
[17:55:35] <Phillipp Schoppmann_web_917> Thanks everyone!
[17:55:35] Greg Wood_web_138 leaves the room
[17:55:36] Tommy Jensen_web_528 leaves the room
[17:55:43] Phillip Hallam-Baker_web_734 leaves the room
[17:55:44] Jim Reid_web_171 leaves the room
[17:55:44] Lixia Zhang_web_776 leaves the room
[17:55:45] Robin Wilton_web_962 leaves the room
[17:55:47] Karen Staley_web_276 leaves the room
[17:55:48] <npd> did we finish five minutes early? that's especially impressive time-management
[17:55:48] Eric Orth_web_146 leaves the room
[17:55:50] Christopher Patton_web_567 leaves the room
[17:55:51] Erik Anderson_web_681 leaves the room
[17:55:52] Eric Kinnear_web_465 leaves the room
[17:55:52] Alissa Cooper_web_769 leaves the room
[17:55:53] Chonggang Wang_web_474 leaves the room
[17:55:54] Timothy Carlin_web_166 leaves the room
[17:55:55] Michael Breuer_web_440 leaves the room
[17:55:56] Alyssa Thompson_web_197 leaves the room
[17:55:56] Mirja Kühlewind_web_502 leaves the room
[17:55:56] abdullahalshoaili_web_216 leaves the room
[17:55:57] Jen Hufford_web_558 leaves the room
[17:55:57] Chris Box_web_873 leaves the room
[17:55:58] Wendy Seltzer_web_168 leaves the room
[17:55:58] Monika Ermert_web_228 leaves the room
[17:55:58] Jiri Novotny_web_113 leaves the room
[17:55:59] Takahiro Nemoto_web_986 leaves the room
[17:55:59] Andrew S_web_200 leaves the room
[17:56:00] Kirsty Paine_web_358 leaves the room
[17:56:01] Michael B_web_231 leaves the room
[17:56:02] Wendy Seltzer_web_277 joins the room
[17:56:03] Yoshiro Yoneya leaves the room
[17:56:04] Peter Koch_web_250 leaves the room
[17:56:05] Juan-Carlos Zúñiga_web_169 leaves the room
[17:56:06] Yumi Sakemi_web_176 leaves the room
[17:56:06] Tim Geoghegan_web_152 leaves the room
[17:56:06] ErikAnderson leaves the room
[17:56:08] Mariana Raykova_web_148 leaves the room
[17:56:10] Taiji Kimura_web_103 leaves the room
[17:56:10] Alessandro Ghedini_web_232 leaves the room
[17:56:12] John Preuß Mattsson_web_641 leaves the room
[17:56:12] Martin Thomson_web_998 leaves the room
[17:56:12] Jonathan Lennox_web_173 leaves the room
[17:56:13] Wes Hardaker_web_459 leaves the room
[17:56:13] David Lawrence_web_356 leaves the room
[17:56:15] Dominique Lazanski_web_239 leaves the room
[17:56:17] Phillipp Schoppmann_web_917 leaves the room
[17:56:18] Peter Saint-Andre_web_698 leaves the room
[17:56:23] Rikard Höglund_web_883 leaves the room
[17:56:29] Satoru Kanno_web_135 leaves the room
[17:56:38] Erik Taubeneck_web_291 leaves the room
[17:56:39] Bradford Lassey_web_644 leaves the room
[17:56:40] abdullahalshoaili_web_835 joins the room
[17:56:50] Shivan Sahib_web_323 leaves the room
[17:56:51] Ned Freed_web_400 leaves the room
[17:56:52] Daniel Migault_web_506 leaves the room
[17:56:52] Alessandro Amirante_web_206 leaves the room
[17:56:52] Sue Ciminelli_web_148 leaves the room
[17:56:52] Ken Takayama_web_107 leaves the room
[17:56:52] Lucas Pardue_web_779 leaves the room
[17:56:52] Zaid AlBanna_web_521 leaves the room
[17:56:52] Adam Roach_web_173 leaves the room
[17:56:52] David Schinazi_web_818 leaves the room
[17:56:52] Kazunori Fujiwara_web_580 leaves the room
[17:56:52] Stuart Cheshire_web_644 leaves the room
[17:56:52] Frode Kileng_web_534 leaves the room
[17:56:52] Quynh Dang_web_171 leaves the room
[17:56:52] Chris Wendt_web_566 leaves the room
[17:56:52] Yahya_web_838 leaves the room
[17:56:52] Tadahiko Ito_web_770 leaves the room
[17:56:52] Simon Hicks_web_865 leaves the room
[17:56:52] Greg Schumacher_web_595 leaves the room
[17:56:52] Kohei Isobe_web_185 leaves the room
[17:56:52] Joel Jaeggli_web_578 leaves the room
[17:56:52] Karen O'Donoghue_web_130 leaves the room
[17:56:52] Stephen McQuistin_web_968 leaves the room
[17:56:52] Massimiliano Pala_web_503 leaves the room
[17:56:52] Allison Mankin_web_843 leaves the room
[17:56:52] Erik Nordmark_web_675 leaves the room
[17:56:52] Bernie Hoeneisen_web_511 leaves the room
[17:56:52] Luigi Iannone_web_896 leaves the room
[17:56:52] Craig Pearce_web_574 leaves the room
[17:56:52] Nick Doty_web_374 leaves the room
[17:56:52] Stephan Emile_web_126 leaves the room
[17:56:52] Antoine Fressancourt_web_979 leaves the room
[17:56:52] Wendy Seltzer_web_277 leaves the room
[17:56:52] abdullahalshoaili_web_835 leaves the room
[17:56:54] Craig Pearce joins the room
[18:02:56] Meetecho leaves the room
[18:03:34] Craig Pearce leaves the room
[18:03:39] Craig Pearce joins the room
[18:08:41] Craig Pearce leaves the room
[18:16:10] fightingnemo leaves the room
[18:20:12] alexamirante leaves the room
[18:21:04] Craig Pearce joins the room
[18:25:19] ekr@jabber.org leaves the room
[18:26:06] Craig Pearce leaves the room
[18:27:20] ekr@jabber.org joins the room
[18:28:13] sftcd leaves the room
[18:42:49] ekr@jabber.org leaves the room
[18:45:21] ekr@jabber.org joins the room
[18:57:53] ekr@jabber.org leaves the room
[19:03:01] ekr@jabber.org joins the room
[19:17:21] ekr@jabber.org leaves the room
[19:21:02] ekr@jabber.org joins the room
[19:33:22] ekr@jabber.org leaves the room
[19:38:20] ekr@jabber.org joins the room
[19:52:01] ekr@jabber.org leaves the room
[19:56:47] ekr@jabber.org joins the room
[20:09:31] ekr@jabber.org leaves the room
[20:13:47] ekr@jabber.org joins the room
[20:52:43] stpeter leaves the room
[21:07:32] ekr@jabber.org leaves the room
[22:02:15] ekr@jabber.org joins the room
[22:34:12] ekr@jabber.org leaves the room

Powered by ejabberd - robust, scalable and extensible XMPP server