--On Saturday, November 28, 2015 7:34 PM -0800 "Carl S.
Gutekunst" <csg(_at_)alameth(_dot_)org> wrote:
On 11/28/2015 06:58 PM, John R Levine wrote:
You might want to take a look at this proposed WG charter and
send appropriate comments. It looks to me actively harmful,
for a variety of reasons including that tits proponents
appear to be painfully unfamiliar with the realities of
modern e-mail systems where 90% of the mail is spam, malware
and phishes, and the main privacy threats to users are from
the criminals sending the spam.
Gah.... just what I do not need. I've spent endless hours
trying to explain to paranoid customers that the diagnostic
value provided by Received fields far offsets any possible
data leakage. Consistently, these are folks with the poorest
understanding of the technology, making them hard to sway with
technical arguments, but easy prey for "official" efforts like
I don't suppose there's any way for the chairs to just kill
So far, this is just a mailing list, with its proponents
seemingly to actively push the idea/proposal. I certainly
didn't notice "consider the harm it would cause and whether
there are any real privacy benefits to offset it and then figure
out whether this is a good idea" as part of either the draft
charter for a WG or the description of the mailing list.
IMO, the IETF seems to be suffering from two patterns of late
that interact with this:
(1) All one has to do to get approval and resources for an idea
in various quarters is to say "need to improve privacy" in
appropriately enthusiastic tones. Whether the idea would
actually accomplish that to any significant degree, much less
whether it would outweigh the operational harm it would cause,
seems to be irrelevant.
(2) "We worked very hard" is equivalent to "this deserves the
next step and all the community can do is fine-tune, not say
'no'". The applies to "can we have a mailing list", "given the
mailing list, can we have a WG", and "given the WG and a few
documents, can the work be advanced to standards track" (where,
in each case, "can we" might accurately be replaced by "we are
If one wants this killed, one possibility is that, , as Arnt
suggests, it will be an exception to (2) and will just
self-destruct. Otherwise, I see two possible (and compatible)
(i) Tell the Nomcom, as loudly and clearly as possible, that any
AD who has been part of either of the patterns above should be
retired and candidates evaluated on the basis of whether they
will contribute to those patterns or push back against them.
Remind them that there is nothing in the BCPs that allows them
to stop paying attention to input after some cutoff that they
established, especially when that input is linked to unfolding
events in the community.
(ii) Appeal the decision to grant this effort a mailing list and
to encourage them to develop a charter. I won't initiate such
an appeal, but would be happy to join in and help draft if
others wanted to.
Or one can sit and wait and try stopping the juggernaut after it
has acquired the momentum and level of investment that leads to
pattern (2) above.
ietf-smtp mailing list