On 9/9/2013 8:58 AM, Stephen Farrell wrote:
The IAB are considering how to deal with some of this stuff as
part of the tech plenary in Vancouver. [5] I guess we'll hear
more about that as it firms up.
But since a tech plenary is probably not the best place to try
get work (or plans for work) done, the IESG and IAB also discussed
having a BoF-like session for more detailed discussion of the
topic and what the IETF could or should be doing.
The plenary could be an excellent venue for a tutorial on operational
and technical privacy issues at Internet-scale systems level.
The current furor is over "monitoring", where that seems to have less to
do with simple, link-level wiretapping and more to do with compromised
intermediaries. (It's fine if I have that wrong; I'm interested in
having the tutorial offer clarity about the actual threats we should be
focusing on and, perhaps, comment on basic techniques for mitigating them.)
The purpose of the plenary, then, would be to get the IETF onto the same
page about the problem space we should be considering and the technical
toolset available for dealing with it.
If it happens that there is simple, low-hanging fruit, such as improving
random-number implementations, or the like that's obviously good and
needs to be pursued, but I doubt that's the serious and substantive part
of the work that needs to be done.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
