[rssac-caucus] [Ext] Re: FOR REVIEW: Harmonizing the Anonymization of Queries to the Root
Paul Hoffman
paul.hoffman at icann.org
Tue Feb 13 17:26:37 UTC 2018
On Feb 13, 2018, at 8:38 AM, Joao Damas <joao at bondis.org> wrote:
>
> Great document!
> Any chance the study could analyse the idea of an “anon server” where a centralised system (OARC, ICANN, someone else) would run the crypto-anonimisation based on an input list sent by a given DNS operator, allowing cross-operator correlation for all operators using the system without sharing the secret?
We could do that if there is any interest. It has a few drawbacks:
- The system would not be real-time (although it could be close).
- The RSOs would have to trust the operator of the system to keep the random key secret, forever.
- When one RSO sends its list to the system, that RSO then knows the source addresses seen by other RSOs if there is overlap in the lists.
Does this seem worth pursuing?
--Paul Hoffman
More information about the rssac-caucus
mailing list