On Sunday, May 1, 2016 4:12 PM, Dave Crocker wrote: > > If the term is to be a non-technical and vague reference, then let's stop using it > as if it were a technical term. Philosophical, academic and social terms are > fine; the problem is when we use them as if they pertained to technical > specifics.
Well, we do use the term "security" liberally, don't we? It is certainly just as vague, but it is useful as a section header. It encourages protocol designers to be concerned with the broad issue of security attacks. I think that we have consensus that protocol designers should also be concerned with the broad issue of privacy attacks. > If we intend the term to have technical utility, it's needs precise and useful > definition. It took some time to establish categories for security attacks -- denial of service, information disclosure, spoofing, elevation of privilege, etc. The analysis of privacy attacks is not quite as advanced, but we start getting broad categories, such as disclosure of the exchanged data, disclosure of metadata, linkability of different activities, and disclosure of traffic patterns. As we gain more experience, I expect that these categories will stabilize. -- Christian Huitema _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
