ietf
[Top] [All Lists]

RE: Proposed Statement on "HTTPS everywhere for the IETF"

2015-06-04 10:38:14
Brian E Carpenter wrote:
Hi Tony,
On 04/06/2015 15:06, Tony Hain wrote:
Stephen Farrell wrote:
On 03/06/15 22:03, Tony Hain wrote:
Stephen Farrell wrote:

I would assert that the existence of the dprive WG is good evidence
that the IETF does not consider data-integrity as the only real
concern for public data.

And I would assert that it shows a group-think knee-jerk
overreaction to threats that hypothetically could be applied in
broader contexts than history documents. We are both free to express
our own assertions.


Disagreeing is of course fine but does not require that those with
whom one disagrees are stuck in a group-think knee-jerk mixed
metaphor;-)

Looking at the actual text of the statement though [1] I could agree
that the 3rd paragraph is maybe more justified on security grounds,
so maybe s/privacy/security&privacy/ would be better there.

No, more below.


That said, there is a real threat to privacy (cf. tempora) when it is
credible to assume that any of our traffic that transits undersea
cables is recorded, and traffic to the IETF is a part of that even if
it's quite unlikely, by itself, to be privacy sensitive.

I never argued that there is not a general threat to privacy due to
recording, just that it does not apply here. My point was that the IETF does
not have a general technical REQUIREMENT for privacy. There are many that
WANT privacy in everything they do, but that does not equate to a real
requirement for the public content of an open organization. Substituting
security&pirvacy only makes a bad choice of words worse. The IETF has no
business case for either, and if there was a case something would have
been done about it long before now.

It isn't the content that is private, of course. However, if there are IETF
participants who require a degree of privacy about their use of IETF public
information, it is entirely reasonable for the IETF to support that with a
straightforward measure like HTTPS. As has been pointed out already, that
is insufficient to provide a high degree of privacy.

Try "...the act of accessing public information required for routine tasks can
be privacy sensitive *on the user's side*..."

So that text exposes the silliness of this effort. IF there are people that 
really need privacy of their access of IETF content, they had better be using 
more than HTTPS. If they are not using something like TOR they are toast, 
because it doesn't take much traffic analysis to figure out which documents are 
being read. Anyone can create a mirror, and with that data they will know which 
documents and requests create which byte stream lengths. 


I don't see anything political about that. It's factual.

It is dangerous to imply that simple https provides any privacy when the 
original content is public information. If true privacy is the requirement then 
the IETF needs to be serious about expanding TOR. This proposed text is 
unnecessary theater to make a political statement. If the I* wants to make a 
political statement, the ISOC or maybe IAB should make it. The IESG has no 
business making anything more than a technical statement, and the only thing 
they need to say is that data-integrity is important so we are making https the 
default. The clear refusal to drop the word privacy from the statement just 
underscores how much this is politically driven rather than a serious effort to 
ensure that the IETF content is delivered intact. 

My overall concern here is that statements like this undermine the integrity of 
the organization. I understand people wanting to improve overall privacy, but 
this step does not do that in any meaningful way. 

Tony


    Brian


<Prev in Thread] Current Thread [Next in Thread>