[arch-d] Privsec programme conclusion

"Martin Thomson" <mt@lowentropy.net> Tue, 30 July 2019 03:29 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08DC31200B3 for <architecture-discuss@ietfa.amsl.com>; Mon, 29 Jul 2019 20:29:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=nqWfjDzW; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=KKN7uV1A
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RJXHZH2QUahC for <architecture-discuss@ietfa.amsl.com>; Mon, 29 Jul 2019 20:29:26 -0700 (PDT)
Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 429281200A3 for <architecture-discuss@ietf.org>; Mon, 29 Jul 2019 20:29:26 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 1E3B021B82; Mon, 29 Jul 2019 23:29:23 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute1.internal (MEProxy); Mon, 29 Jul 2019 23:29:23 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:date:from:to:subject:content-type; s= fm2; bh=k2BliMw3FLyqr2uRv5Apl1mEqc8V2RlbtuBZprqI0SY=; b=nqWfjDzW U+XZAbKupIwjZ736iIg5Z7Mg4cJxGgU9JwCvRKwitRxk9gp40E7rco9ouGp51+Au yRvQiOm1f+OdyXJ9j6Gaidib559z77D5ItoUO0CzF3814+hcuWRHlFLOGRHhrwoe 9/knqI2VOXbjXWShR8ox6nxDsItUGCPDP6ml6e1TzRQ8czpep9SSEWh9Vjsgwkxq EPUYoYcZyOQVebycbS0LsjCEMXHdfWhVHr5eCszsxPpqOWgSs+DvCu6lUzWLsadY Bl881gXN05hpKAthsO+aBKE+vjMEAbaslPdtZhhr11AcCOL/EbAe11fSBBgc7au5 VybWC0Dj6oPrgA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=k2BliMw3FLyqr2uRv5Apl1mEqc8V2 RlbtuBZprqI0SY=; b=KKN7uV1Av72tdbbnHPpBk5Sd0tAWxUUvsmEBuK8NE02/P RYX8jx+ZuDbAGeqyJAWpBfDQFKjHrB8okkrwKXLEQY2pLnEtZ/G4fZSQqTEtA6EH ME3j6hrYah3U384AXxUqreCPNLY2S8s6xuwgz5EsIzVwOkvfRvSLRC7LmkVSsoll +fzAOCEAKfHuHJP+2Wl6x6c0U7fu/qSPy53EgW06fMcWB1xG/EZqcWkhUP4fBn5g I9lq21KAVCNdzEjXQU1YtHIIXMh+Rbh/5tDOg2cZzFuMD4w2X8sdH77UqCUZaGY7 hpi2KR/b5we+sbDn527E9eHOO5zsEB9nv5GUfDk7A==
X-ME-Sender: <xms:krk_XWm543y7AcMpxJEzzaJPRPvdpPQy8ycs7wd-4rewXXr_vpcC2w>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduvddrledvgdejudcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkfffhvffutgesthdtredtre ertdenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehlohifvghn thhrohhphidrnhgvtheqnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnh htrhhophihrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd
X-ME-Proxy: <xmx:krk_XVGuJsVFgqfnAmrZYznEtx8lh_D42F19lDmSs8Xh2CxfVKAd7w> <xmx:krk_XdNgTJHxAuN_90h6cZ4upLmhmXTpbNQe0MMZn8RyKistKuBXxw> <xmx:krk_XX9reprdApb6lvuBr2cO-LpzAcNF_TT6hXom9SCO1lLM-oribw> <xmx:k7k_XQRKZKq6_GnHlK8DNYa7eghoDhZybf1R0YuP98lMUMlDlV8IjA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 65DA7E00A2; Mon, 29 Jul 2019 23:29:22 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.6-736-gdfb8e44-fmstable-20190718v2
Mime-Version: 1.0
Message-Id: <549d9909-57d2-4f5c-a526-88fe1129f325@www.fastmail.com>
Date: Tue, 30 Jul 2019 13:29:21 +1000
From: "Martin Thomson" <mt@lowentropy.net>
To: architecture-discuss@ietf.org, privsec-program@iab.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/vcxBpylK24cVP5ShyAldvSzgZJk>
Subject: [arch-d] Privsec programme conclusion
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2019 03:29:28 -0000

The IAB recently confirmed its collective intent to close the privsec programme.

The privsec programme was formed from separate privacy and security programmes
in 2014, when it was clear that a unified effort was necessary to deal with the
challenges of the time.  Over that period, there have been improvements in
general awareness of challenges in these areas, with advancements in both the
definition and deployment of secure protocols.  To a large extent, the
responsibility for the problems that motivated the creation of the unified
programme has moved to the IETF.  Even though these are by no means "solved"
problems, it is now accepted they are addressed as part of the normal day-to-day
work of the IETF rather than a semi-closed IAB programme.

Though there continues to be a need for work in this general area, the IAB
believes that the current form of the privsec programme is not well suited to
address the full breadth of contemporary issues.  Today, we are facing a range
of subtle and complex problems in this area, including the effect of improved
security on consolidation, the tension between use of encryption and protective
systems deployed in the network, the way in which centralization of different
services can be simultaneously used to improve privacy and degrade it, and the
demands of governments on systems that provide security.

The IAB welcomes input on how these and related topics may best be addressed and
how the IAB might best contribute.  The IAB very much consider these to be
"live" topics, are committed to continued engagement, and aim to continue to
ensure that these topics are at the forefront of IETF considerations.

The IAB would like to thank members of the program, past and present, for their
contributions.