Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 30 January 2015 19:48 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Cyrus Daboo <cyrus@daboo.name>, Eliot Lear <lear@cisco.com>, Daniel Migault <mglt.ietf@gmail.com>, ietf-privacy@ietf.org
In-Reply-To: <7C672BF606D0621F4E873E1C@cyrus.local>
References: <CADZyTkkLu6qQ9LCqDkTHA9o+-YVvQuaUp33kqkAt=PRaQS-Jew@mail.gmail.com> <CADZyTkkCrvTam_ba7Tq6A-cHAVZn+ktKqwWsr_PNQaz2jyTkUQ@mail.gmail.com> <874mr9aucv.fsf@alice.fifthhorseman.net> <54CB15AB.40400@cisco.com> <54CB2D4F.7050302@cisco.com> <7C672BF606D0621F4E873E1C@cyrus.local>
User-Agent: Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)
Date: Fri, 30 Jan 2015 14:48:00 -0500
Message-ID: <87k304qccv.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/ArN9IXt9Uii9vojIXkKn-OlEbRA>
Cc: Time Zone Data Distribution Service <tzdist@ietf.org>
Subject: Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05
Precedence: list

Thanks for the response, Cyrus!

On Fri 2015-01-30 11:39:33 -0500, Cyrus Daboo wrote:
> Whilst that is true I don't think we should be required to deal with issues 
> that are generic to HTTP itself (and in some cases already covered in the 
> base HTTP specs - e.g. server log information).

I'm not convinced by this argument.  This proposal sets up a particular
profile that an HTTP server is likely to run, with clients that are
going to access it in a very particular pattern under normal
circumstances.

As a result, we can characterize the expected system behavior in much
more detailed ways, so we can think more concretely about how and why
logs (and other aspects of HTTP operation) might be useful or harmful.

For example, the spec already says that the server needs to be
configured to work with HTTPS.  that's distinct from many HTTP server
configurations in the wild, and with good reason.  Why doesn't this
apply to other aspects of HTTP operation like logging?

(side note: i just noticed, do you want to require the clients to use
HTTPS with the SNI extension of TLS?  If you do make that a requirement,
it would make it easier for Providers to deploy their systems on shared
IP addresses)

   --dkg

Attachment: signature.asc

Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Daniel Kahn Gillmor
Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Eliot Lear
Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Eliot Lear
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Stephen Farrell
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Cyrus Daboo
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Daniel Kahn Gillmor
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Daniel Kahn Gillmor
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Eliot Lear
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Cyrus Daboo
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Daniel Kahn Gillmor

Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05

Attachment: signature.asc