ietf
[Top] [All Lists]

Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

2014-01-03 13:23:08
On Jan 3, 2014, at 12:33 PM, Eric Rosen <erosen(_at_)cisco(_dot_)com> wrote:
Ted> The point of the IETF stating a position on this is not to give ADs
Ted> another thing they can hassle document authors about.
One has to look at the likely impact of the draft, not merely at the
intentions of the authors. 

I'm sorry, I know that there have been some really painful incidents in the 
past, and that people are sensitized to the potential for a repeat, but I'd 
like to think that the IETF has learned from those experiences.

You say that we are edging into politics here, but I don't think that's true.   
I think that it's entirely appropriate for us to document pervasive monitoring 
as an attack, because it is one.   If you disagree with that, that's fine, I'd 
like to hear your explanation.   If you agree that it's an attack, but think 
the IETF doesn't need to address it, I'd like to hear about that.   But it 
seems to me that you are doing neither of those things.

I think one likely impact of this draft is that authors and working groups will 
take pervasive monitoring more seriously as a threat when they are designing 
their protocols.   It's also possible that ADs will use this document as a 
bludgeon.   I don't think anyone on the current IESG wants to see that happen.  
 If you completely disagree that authors and working groups ought to be 
thinking about this, then I can see why you would argue for simply scrapping 
the document.   But if you are solely trying to address the concern that the 
IESG will go mad with power, then let's talk about how to tweak the document to 
address that concern.


<Prev in Thread] Current Thread [Next in Thread>