Avri,
...
Yes, but in doing so, it should provide the ability for the individual users,
whether companies or individuals, to mitigate their risks. If technical
standards do not include a mandatory option (MTI) of privacy protection they
are making a political techno-decsion against privacy. If the Internet cannot
be used in a manner that enhances privacy, for those who value privacy, but
only maximizes surveillance based security for those who value surveillance,
then it looks to me like we are acting evangelically.
We can only maintain the belief that our technology and protocols are neutral
if they can be used by people of diverse socio-political views.
So while I can see problems with MTU, I think genuine MTI (and perhaps some
MTU) is needed for privacy enhancements at a level that matches the MTIs and
MTUs for security. I technical neutrality requires it.
To first order, we're in agreement, i.e., MTI provides a reasonable
basis for deploying privacy
measures when users and service providers choose to make use of them. If
we fail to provide
MTI options, we deprive users and providers of the ability to engage in
interoperable
security/privacy measures.
The question Stephen raised is whether that's enough. For me, the answer
is yes, and going
beyond MTI to MTU is pursuing an "evangelical" path that we ought to avoid.
Since you alluded to "some MTU" above, the obvious question is what are
examples of
MTU mechanisms that you support?
Steve
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
