The long-running work on MASQUE - proxying all network-layer datatypes over QUIC (HTTP/3) - is nearing completion, with the specification for Proxying IP in HTTP in IESG review. With these components in place, the original MASQUE concept - a non-probable relay for client traffic providing privacy guarantees - has been revived, now defined within the new framework and leveraging HTTP Unprompted Authentication.
Privacy-preserving measurement is much on the minds of IETF attendees as the Privacy Preserving Measurement Working Group continues to make progress. Two new concepts were debuted in the Privacy Enhancements and Assessments Research Group PEARG meeting: Secure Partitioning Protocols and Interoperable Private Attribution. Partitioning is new work looking at how multi-party statistical aggregation can be efficiently accomplished with improved privacy guarantees and is applicable to the on-going work on the Distributed Aggregation Protocol DAP. Private attribution measures events that occur in different contexts to the same person (shown an ad, then bought the product, for example). As a sort of counterpoint, PEARG attendees also heard about the design decisions made in the development of a privacy-preserving contact tracing application rolled out during the recent COVID-19 pandemic. Perhaps the defining characteristic of the design of this app was purpose limitation - building out features that specifically can not be used for any other purpose (such is the wide-spread fear of these applications being used as the infrastructure of a much more broader system of social control).