On 12/07/2015 05:50 AM, Stephen Farrell wrote:
On 07/12/15 02:34, John Levine wrote:
This is increasingly looking like a RG, not a WG.
Hmm, not sure. A good RG is one that'd attract an active
research community and be relatively long lived whereas
this seems like a bit of work where we need to do a relatively
small and discrete amount of research on one topic. (Which
is roughly "What'd happen if you mucked with received headers
the MSA passes on to the rest of the mail infrastructure?")
The way I think of it is a good RG would produce a stream
of academic publications and then some stuff that'd be of
use to the IETF. This sounds more like one paper's worth
of research then stuff would be done in the IETF or not,
depending on the findings.
One could envision a RG constituted to long-term specifically work on
privacy implications of IETF RFCs in general, with a view towards
improving privacy via future RFCs. There is at least some precedent
given the requirements about security area oversight of new RFCs, and
the required SECURITY sections of RFCs now. Which would be a "good
thing", but huge, unwieldy, and perhaps unsustainable long-term (given
that most people may only have narrow topic-area interests).
You could, instead, have it focus on specific areas for periods of time.
Like, "today SMTP, 6 months from now web" etc. May still be
unwieldy/ineffective for the same reasons.
Or finally, make it narrow - "RG on email privacy leakage" - a WG with a
stronger research/analysis mandate.
OTOH, if we stayed with the WG approach, the mandate still has to be
adjusted to do the research for guiding output documents w.r.t. privacy
vs other tradeoffs.
I'm tending more towards RG on email privacy leakage. Even just a
document outlining where the potential leaks are, and outlining the
threat landscape tradeoffs (both privacy and other) of
eliding/not-eliding the info.
So put me up as a strongish vote for a narrow RG.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp