On Thu, Dec 5, 2013 at 1:59 PM, Wesley Eddy <wes(_at_)mti-systems(_dot_)com>
wrote:
"The target of pervasive monitoring attacks on the Internet is
not the Internet protocols themselves, but it is the users of
the protocols and the general utility of the Internet itself as
a medium of communications for specific applications that are
monitored.
In the case of surveillance, the general utility of the Internet for
specific applications is not the target, it's an indirect target in
order to get at the ultimate users. I think your first statement was
correct, without the "and".
The protocol mitigations that are useful need to
be applied in ways that benefit the user-oriented applications,
and not necessarily other protocols in the network such as those
that may be used for network management, measurements, services
not linked to specific users and groups, control plane functions,
or some machine-to-machine or sensor communications, for instance.
Yes but protocol designs at all layers do need to pay more attention
to modern privacy attacks and may need mitigations in support of
making privacy possible. (Whether protocol implementations do depends
on their context.)
Scott