Explain client IP anonymization and how it relates to nav speculation. (

#99) Explain client IP anonymization and how it relates to nav speculation.
WICG · Dec 14, 2021 · 0a093d8 · 0a093d8
1 parent 8b972b8
commit 0a093d8
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/anonymous-client-ip.md b/anonymous-client-ip.md
@@ -0,0 +1,21 @@
+# Anonymous Client IP
+
+## Why anonymize the client IP when prefetching for navigation?
+
+The [role of the client IP address in Internet privacy][ietf-ip-privacy] has been discussed elsewhere, and many software vendors and service providers have started offering features which obscure it, e.g., using a proxy or virtual private network.
+
+Outgoing prefetch traffic may imply information about the content the user is currently viewing before they have clicked a link. Accordingly, some sites (e.g., search engines, email providers, and social media networks) may be happy to enhance the performance of outbound navigations to other sites only if client IP anonymity is possible. For navigations from such sites, users with IP privacy may actually experience better performance than possible without it.
+
+## Is IP-anonymized prefetching feasible for browsers?
+
+Yes. Many major browser vendors already offer an HTTP proxy or VPN service to protect IP privacy, such as Google Chrome's [private prefetch proxy][chrome-ppp], Safari's [iCloud Private Relay][safari-ipr], [Mozilla VPN][mozilla-vpn] and [Opera VPN][opera-vpn]. This technology can be leveraged to enable private prefetch for eligible users.
+
+## How can browsers know which prefetches require anonymous client IP?
+
+The Speculation Rules syntax allows authors to [expressly mark](triggers.md#extension-requirements) that particular cross-origin prefetches should only occur when the browser can anonymize the client IP. Browsers must not execute such rules otherwise.
+
+[ietf-ip-privacy]: https://datatracker.ietf.org/doc/draft-ip-address-privacy-considerations/
+[chrome-ppp]: https://blog.chromium.org/2020/12/continuing-our-journey-to-bring-instant.html#:~:text=to%20the%20user.-,Private%20prefetch%20proxy,between%20Chrome%20and%20that%20website.
+[safari-ipr]: https://support.apple.com/en-ca/HT212614
+[mozilla-vpn]: https://www.mozilla.org/products/vpn/
+[opera-vpn]: https://www.opera.com/features/free-vpn
diff --git a/triggers.md b/triggers.md
@@ -122,7 +122,7 @@ The link element itself can also be [matched][selector-match] using [CSS selecto
 
 This feature is designed to allow future extension, such as a notion of requirements: assertions in rules about the capabilities of the user agent while executing them. Since user agents disregard rules they do not understand, this can be safely added later on without violating the requirements listed.
 
-For example, an "anonymous-client-ip-when-cross-origin" requirement might mean that the rule matches only if the user agent can prevent the client IP address from being visible to the origin server if a cross-origin request is issued.
+For example, an "anonymous-client-ip-when-cross-origin" requirement might mean that the rule matches only if the user agent can [prevent the client IP address from being visible to the origin server](anonymous-client-ip.md) if a cross-origin request is issued.
 
 ```json
 {"prerender": [