Ned Freed wrote:
> If I were to object to Eliot's proposal (I don't - in fact I strongly
> support
> it), it would be on the grounds that the IETF should be taking a long
> hard look
> at the issues surrounding call home in general, not just in the special
> case of
> SNMP.
I'll bite: what could the IETF do if it looked
long and hard?
Well, the one approach that immediately comes to mind is that the introduction
of a third party might provide a means of getting timely information about
software updates without sacrificing user privacy.
Such a third party would act as a repository for update information provided by
vendors. Applications would then "call home" to one of these repositories
rather than directly to the vendor. Various anonymyzing tricks could be
employed to minimize information leakage even if the third party was
compromised.
Mind you, thiis all off the top of my head. This may not work for some reason
I haven't considered, or there may be other, better approaches.
Ned
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf