ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: interception proxies

2000-04-12 11:20:01
from [Salvador Vidal] [Permanent Link] 
Hello Vernon,

At 11:21 12/04/00 -0600, you wrote:

Yes, IP is not the perfect protocol, general rules can lead to trouble, and
so forth.

However, the IESG, AD's and IAB should consider tatooing the following
rule on all WG chairs or the foreheads those who sit in them:

If IPSEC or other strong end-to-end encryption or authentication would
interfere with a protocol or application, then it is almost certainly
fatally flawed idea on other technical, administrative, legal, political,
or ethical grounds.


...........



From: Salvador Vidal <svidal(_at_)lander(_dot_)es>



...
There are also good uses for interception, I think that ONGs, churchs, and
other organizations and people will want to become Internet trusters soon,
to defend their values throught Internet, and not only values there will be
also fun aplications of trusters.
...


That is based on a fundamental misunderstanding of interception proxies.
Unless your ONGs, churges, other organizations, and so forth operate
geographically non-trivial IP networks, they need not and should not use
interception proxies to censor the Internet.  It makes little sense to run
interception proxies only for computers that you also control.  For
example, a church that wants to censor the Internet would be better served
by configuring all of its computers to use its own explicit proxies than
using stealthy interception proxies.  


I´m not talking about the computers inside a organization, but people
computers anywhere that trust in these organizations or persons to do
censor, ranking to do their purchases decisions or whatever they want!, and
probabily some people want to have more than one truster and balance them.


The explicit proxies will be easier
to maintain and harder for backsliders to evade.  They're also more honest,
which some churches claim to consider a virtue.

That you support a goal (e.g. censorship or fighting spam) does not imply
that any mechanism that can be used for that goal is the right tool.


So please, which will be the right tool for a truster service?

Salva


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: interception proxies, Dick St.Peters
Next by Date:  Re: interception proxies, Keith Moore
Previous by Thread:  Re: interception proxies, Vernon Schryver
Next by Thread:  Re: interception proxies, Dick St.Peters
Indexes:  [Date] [Thread] [Top] [All Lists]