On 02/12/15 01:43, Chris Lewis wrote:
It's far better to train them in the reality of what they need to do to
preserve their own privacy, than the impossibility of trying to
privacy-protect everything (and still have something anybody wants to use).
Do you have any evidence for the above?
But in any case, I think your argument is clearly wrong because we
know that it is not possible to "train them" in security or privacy.
(That leaves open the possibility that your conclusion is correct
based on some other argument, but very much weakens confidence in
your conclusion for me.)
IMO the onus is on us as technology developers to ensure that what
we make allows those who deploy that to do a good enough job. In
this case there is room for debate about the cumulative privacy
exposure from many messages including MUA IP addresses (or of
popular implementations defaulting to do so) vs. the benefits
accruing to anti-spam techniques.
For me, claims that any of this is so obvious as to not even need to
be looked are not at all convincing. And in that I do include claims
that "all we need to do is X and it'll be privacy friendly" (for any
X) as well as claims to "move on, there's nothing to see here."
S.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp