Emphasizing data minimization among protocol participants
draft-arkko-iab-data-minimization-principle-05
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Jari Arkko | ||
Last updated | 2024-01-11 (Latest revision 2023-07-10) | ||
RFC stream | Internet Architecture Board (IAB) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | IAB state | (None) | |
Consensus boilerplate | Unknown | ||
IAB shepherd | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Data minimization is an important privacy technique, as it can reduce the amount information exposed about a user. This document emphasizes the need for data minimization among primary protocol participants, such as between clients and servers. Avoiding data leakage to outside parties is of course very important as well, but both need to be considered in minimization. This is because is necessary to protect against endpoints that are compromised, malicious, or whose interests simply do not align with the interests of users. It is important to consider the role of a participant and limit any data provided to it according to that role.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)