Hay,
Hiya,
I...
I disagree. IMO all the snowdonia stuff is very good evidence that
we need to do better. And "enforcer" is not at issue.
Can yo be more specific here? I have not examined all of what is being made
public; I do have a day job :-) .
And the 2nd. But the 2nd is a case where there's a teeny bit of
crypto baked into websockets so that websockets just doesn't
work without it. But not one to rathole on.
OK, moving on.
...
Going back to a mail from Yoav a few weeks ago - we're not trying to
prevent state surveillance, but we would like to make it more
expensive so Yoav isn't on the list of folks that they can afford
to surveil. Assuming we share that description as a goal, (do we?)
what other kind of folks do you think we might need to make progress
on that?
I understand the goal of making life harder for state surveillance.
However, I am not willing (personally) to incur any degraded user
experience,
premature cell phone battery depletion, etc in order to support this goal.
I suspect, but cannot prove, that most users would express similar feelings.
But, if there are things we can do that are "free" of adverse impacts,
and supportive of the goal you noted, we should consider them.
There is a fair point there but dealing with what people do on FB
is not really within the IETF's scope I think. Making it harder for
a few hacked nodes to record everything everyone does is though.
(And if we can do that well, I suspect we'll get a bunch of other
security benefits too.)
I use Gmail for some traffic. If I really cared about the confidentiality
of that traffic, I should choose another provider. How many million
folks make the same decision?
I use the weather channel to check forecasts for my home area, and
for airports en route to destinations, and for vacation and work
trips. I see ads popping up that are a obvious, direct result of
the WC folks having access to cookies from my browser! Somehow
I learned to live with that ;-) .
And there's also the user-consent issue - regardless of what one
thinks about web site T&C, it is absolutely the case that users
have not given permission for the pervasive monitoring that's
been reported.
Agreed.
Steve
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
