ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA

2013-09-06 10:41:50
from [Pete Resnick] [Permanent Link] 
On 9/6/13 8:23 AM, John C Klensin wrote:


I think that one of the more important things we
can do is to rethink UIs to give casual users more information
about what it going on and to enable them to take intelligent
action on decisions that should be under their control.  There
are good reasons why the IETF has generally stayed out of the UI
area but, for the security and privacy areas discussed in this
thread, there may be no practical way to design protocols that
solve real problems without starting from what information a UI
needs to inform the user and what actions the user should be
able to take and then working backwards.
[...]
And the fact that those are 75% of more UI issues is probably no
longer an excuse.
Absolutely. There is clearly a good motivation: A particular UI choice should not *constrain* a protocol, so it is essential that we make sure that the protocol is not *dependent* on the UI. But that doesn't mean that UI issues should not *inform* protocol design. If we design a protocol such that it makes assumptions about what the UI will be able to provide without verifying those assumptions are realistic, we're in serious trouble. I think we've done that quite a bit in the security/application protocol space. 


one of my personal peeves is the range of unsatisfactory
conditions --from an older version of certificate format or
minor error to a verified revoked certificate -- that can
produce a message that essentially says "continuing may cause
unspeakable evil to happen to you" with an "ok" button (and only
an "ok" button).
OK, one last nostalgic anecdote about Eudora before I go back to finishing my spfbis Last Call writeup:
MacTCP (the TCP/IP stack for the original MacOS) required a handler routine for ICMP messages for some dumb reason; you couldn't just set it to null in your code. So Steve implemented one. Whenever an ICMP message came in for a current connection (e.g., Destination Unreachable), Eudora would put up a dialog box. It read "Eudora has received an ICMP Destination Unreachable message." The box had a single button. It read, "So What?" 

Working for Steve was a hoot.

pr

--
Pete Resnick<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: [v6ops] Last Call: <draft-ietf-v6ops-mobile-device-profile-04.txt> (Internet Protocol Version 6 (IPv6) Profile for 3GPP Mobile Devices) to Informational RFC, Ray Hunter
Next by Date:  Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Scott Brim
Previous by Thread:  Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, John C Klensin
Next by Thread:  Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Scott Brim
Indexes:  [Date] [Thread] [Top] [All Lists]