I had started to draft something India-specific in the IAB Privacy and Security Program last night before this withdrawal came up. I'll see what we can do to pivot...
On Tue, Sep 22, 2015 at 8:25 AM, Stephen Farrell <[email protected]> wrote: > > > On 22/09/15 13:17, Hugo Maxwell Connery wrote: >> Hi, >> >> Back in August was the process of BCP'ing RFC1984. (Subject: >> Recognising RFC1984 as a BCP). >> >> If this has been completed, it could act as an 'attachment' or >> compliment in some way the form letter which Brian suggests below. > > That has been completed [1] so RFC1984 is now an IETF BCP. > > I'm not sure how long the RFC editor will need before this > is visible as BCPnnn but it shouldn't be too long, some weeks > maybe. (It's an odd case though changing status on a 1996 RFC, > so some tooling might break or something;-) > > S. > > [1] > https://mailarchive.ietf.org/arch/msg/ietf-announce/FXpz3-UELhF7S5kBxXvTrRDXSgs > >> >> I repeat that I think the reuse of RFC1984 at this time is an >> excellent strategy as it clearly states "we've been here before, and >> the arguments still hold". >> >> Regards, Hugo Connery -- Head of IT, DTU Environment, >> http://www.env.dtu.dk ________________________________________ From: >> perpass [[email protected]] on behalf of Brian Trammell >> [[email protected]] Sent: Tuesday, 22 September 2015 14:04 To: Joseph >> Lorenzo Hall Cc: perpass; Dan York; Stephen Farrell Subject: Re: >> [perpass] India withdraws encryption policy - Re: India posed to >> require cleartext, cleartext retention, cipher and backdoor mandates >> >> It seems to me in general that this type of policy remains very >> attractive; governments in particular tend to prize temporary >> security over essential freedom. This policy was so obviously silly >> in its technical detail that it would inevitably need to be >> withdrawn, though I was impressed by the speed and openness with >> which that was done here. >> >> But in general, playing whack-a-mole takes a lot of energy especially >> when the policies themselves are largely copypasta. Perhaps we should >> put together an IAB/program form letter ("So You've Decided to Ban >> Crypto, Here's Why That Won't Work") that we can quickly tailor to >> the details in order to be able to make constructive public comments >> *before* the withdrawal happens next time? :) >> >> Cheers, >> >> Brian >> >> >>> On 22 Sep 2015, at 13:49, Joseph Lorenzo Hall <[email protected]> wrote: >>> >>> I'm not so sure we should take comfort in their withdrawal of the >>> policy as all reports are that they are revising and reissuing... >>> We'll see what the next iteration involves! >>> >>> On Tuesday, September 22, 2015, Dan York <[email protected]> wrote: >>> There was a significant amount of public outcry yesterday within >>> India and the latest news is that the government of India is >>> apparently withdrawing the draft policy: >>> >>> http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms >>> >>> >>> > Prior to that the government agency involved had already issued an > update saying that the draft policy would NOT apply to TLS in web > commerce and social media, messaging, etc. The update document seems to > have been removed, but is captured here by a news site: >>> >>> http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ >>> >>> >>> > Dan >>> >>>> On Sep 21, 2015, at 1:07 PM, Stephen Farrell >>>> <[email protected]> wrote: >>>> >>>> >>>> Sheesh, there is so much wrong in that document. And they top it >>>> off by recommending RC4. >>>> >>>> Does anyone know if this is a policy that is likely to be >>>> enforced or one that'd be more honoured in the breach? >>>> >>>> S. >>>> >>>> On 21/09/15 17:45, Joseph Lorenzo Hall wrote: >>>>> Obviously, of relevance to those that will be at the IAB >>>>> MARNEW workshop this week (although this isn't in any way >>>>> specific to radio networks). >>>>> >>>>> * Everyone (all individuals and businesses) using encryption >>>>> must store unencrypted content for 90 days * Government will >>>>> dictate algorithms and key sizes * Possibility of a legally >>>>> mandated backdoor >>>>> >>>>> Article from Daily Dot: >>>>> http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ >>>>> >>>>> >>>>> > Text of the proposal (comments due 16 Oct.): >>>>> https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf >>>>> >>>>> >>>> >>>> >>>>> > _______________________________________________ >>>> perpass mailing list [email protected] >>>> https://www.ietf.org/mailman/listinfo/perpass >>> >>> -- Dan York Senior Content Strategist, Internet Society >>> [email protected] +1-802-735-1624 Jabber: [email protected] Skype: >>> danyork http://twitter.com/danyork >>> >>> http://www.internetsociety.org/ >>> >>> >>> >>> >>> >>> -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & >>> Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) >>> 202-407-8825 (f) 202-637-0968 [email protected] PGP: >>> https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 >>> 4B10 1607 5F86 6987 40A9 A871 >>> >>> >>> >>> _______________________________________________ perpass mailing >>> list [email protected] >>> https://www.ietf.org/mailman/listinfo/perpass >> >> _______________________________________________ perpass mailing list >> [email protected] https://www.ietf.org/mailman/listinfo/perpass >> >> _______________________________________________ perpass mailing list >> [email protected] https://www.ietf.org/mailman/listinfo/perpass >> -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 [email protected] PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
