Yes, IP is not the perfect protocol, general rules can lead to trouble, and
so forth.
However, the IESG, AD's and IAB should consider tatooing the following
rule on all WG chairs or the foreheads those who sit in them:
If IPSEC or other strong end-to-end encryption or authentication would
interfere with a protocol or application, then it is almost certainly
fatally flawed idea on other technical, administrative, legal, political,
or ethical grounds.
...........
From: Salvador Vidal <svidal(_at_)lander(_dot_)es>
...
There are also good uses for interception, I think that ONGs, churchs, and
other organizations and people will want to become Internet trusters soon,
to defend their values throught Internet, and not only values there will be
also fun aplications of trusters.
...
That is based on a fundamental misunderstanding of interception proxies.
Unless your ONGs, churges, other organizations, and so forth operate
geographically non-trivial IP networks, they need not and should not use
interception proxies to censor the Internet. It makes little sense to run
interception proxies only for computers that you also control. For
example, a church that wants to censor the Internet would be better served
by configuring all of its computers to use its own explicit proxies than
using stealthy interception proxies. The explicit proxies will be easier
to maintain and harder for backsliders to evade. They're also more honest,
which some churches claim to consider a virtue.
That you support a goal (e.g. censorship or fighting spam) does not imply
that any mechanism that can be used for that goal is the right tool.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com