On 1/7/19 2:28 PM, Matthew Miller wrote:
On Mon, Jan 07, 2019 at 06:24:14PM +0100, Lennart Poettering wrote:
>> * The Fedora community cares about privacy and is adverse to tracking
>> measures. We don't want to track; just count.
> Uh, so what's the story there? i mean, if you pass over the uuid you
> make clients trackable, regardless if you want to make use of that or
> not...
Not if we don't keep them for long. One idea is to rotate them fairly
frequently. But this is mostly a statement of intent and might be more about
how we build the backend than about what we force in the client.
If the client generate a new UUID every month (for example), or use the
current month in the UUID generation algorithm, There is no need for the
users to trust that the server is removing the logs is true. You can
have an approximation of how many active users Fedora has, not realtime
and with some inaccuracies at the start of the period (months in this
example)
>
>> * For this reason, we don’t want to use any identifier like
>> /etc/machine-id which may be used for other purposes.
> For purposes like this we have "application-specific machine
> IDs". This is exposed in the sd_id128_get_machine_app_specific() API:
>
https://www.freedesktop.org/software/systemd/man/sd_id128_get_machine.html
[...]
> It appears to me that this concept is what you might want to use
> here. You could either use our C API for that, but you can easily
> reimplement it in a fully compatible way in any programming language
> you like without using our C API too, after all HMAC-SHA256 is pretty
> commonly available and not fancy in any way.
Thanks, that makes sense.
> BTW, afaik Ubuntu counts installations through NTP: they provide their
[..]
> Of course, doing it that way would mean fedora would have to host NTP
> servers...
Hmmm. We have
fedora.pool.ntp.org, in fact. I'm not sure who actually runs
that!