On Sun, Dec 13, 2015 at 05:38:37PM +0000, Paul Smith wrote:
The fact is that most people do not really care about privacy! Them
volunteering to send me their credit card statements proves that.
Hiding IP addresses pales into insignificance alongside that.
While it's true that many people are quite clueless when it comes to
email security, I don't think that is a reason not to remove privacy
sensitive information that may not be needed. The fact that many people
quite happily enter personal information on random websites, hasn't
stopped many bigger and smaller sites from serving content over HTTPS.
Moreover, my ideal outcome isn't one where an IETF [WRE]G tells email
providers all over the world which bits to remove. If anything, I think
email is far too established for the IETF to have this kind of
What we can do is guide email providers who want to remove privacy
sensitive information, for reasons that we may or may not agree with, to
do it in a way that doesn't harm our ability to fight other kinds of
abuse. I still think that's possible.
Description: Digital signature
ietf-smtp mailing list