Actually, I think what the sentence below illustrates is that a single scenario can represent both security and privacy problems. The key to identifying them seems to me to be about expectations...
- if I expect that by using TLS and "nice long keys", I can keep my conversation secret from the government for 5 years, and they crack it in 5 minutes, then there are clearly some issues with my assumptions about algorithm strength; I'd classify that as a security problem. - if I expect to be able to have a conversation without the government listening in, and they can and do listen in, then that's a privacy problem. In other words, the same scenario can be both a security and a privacy problem, depending on the perspective from which you look at it. R Robin Wilton Technical Outreach Director - Identity and Privacy On 1 Mar 2013, at 00:34, SM <[email protected]> wrote: > Hi Claudia, > At 14:42 26-02-2013, Claudia Diaz wrote: >> >> - If the gov listens to my encrypted conversations (eg, by reconstructing >> the conversation from the traffic), it is a security problem. _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
