Re: Security for various IETF services

2014-04-05 12:29:58
On Sat, Apr 5, 2014 at 1:50 AM, Stewart Bryant (stbryant) <
stbryant(_at_)cisco(_dot_)com> wrote:

> Please confirm that "friendly" implies that the user gets to
> choose the degree of security privacy that they consider
> appropriate, and that their applications and devices are not
> encumbered with the overheads unless they choose to invoke
> the privacy and security mechanisms.

Here, I think, is a key issue.  I disagree with Stewart.  WHAT?!  How can I
possibly disagree with user choice?  Because, a huge majority of people

(a) aren’t aware that there is a choice to be made, and shouldn’t need to be
(b) do not understand the technical issues surrounding the choice, and
shouldn’t have to
(c) do not understand the legal/policy issues surrounding the choice, and
shouldn’t have to

This includes both the people who use online services and the people who
offer them.  Thus, the only sane ethical position is to operate in a mode
that is private by default, because the consequences of a negative failure
(the user really didn’t need privacy but got it anyhow) are immensely less
damaging than the consequences of a positive failure (the user really
needed privacy but didn’t get it).

Yes, it is certainly desirable that for those who are in the unusual
position of being confident that they understand the technical and policy
issues, they be given the option of choosing to operate in plain-text
anyone-can-MITM anyone-can-eavesdrop mode.  But saying that the needs of
that very small and specialized group of people should trump the interests
of the vast majority who shouldn’t have to understand or worry about where
privacy is appropriate and how to provide it; that seems bizarre to me.

So yeah, please turn the IETF’s public-facing offerings over into
private-by-default mode. It’s the only ethical course of action.  -T