Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 30 January 2015 19:48 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E20E31A1BBE; Fri, 30 Jan 2015 11:48:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uuZlA0an2WBa; Fri, 30 Jan 2015 11:48:17 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 641321A1BBC; Fri, 30 Jan 2015 11:48:07 -0800 (PST)
Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id A1B9DF984; Fri, 30 Jan 2015 14:48:04 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 847952016E; Fri, 30 Jan 2015 14:48:03 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Cyrus Daboo <cyrus@daboo.name>, Eliot Lear <lear@cisco.com>, Daniel Migault <mglt.ietf@gmail.com>, ietf-privacy@ietf.org
In-Reply-To: <7C672BF606D0621F4E873E1C@cyrus.local>
References: <CADZyTkkLu6qQ9LCqDkTHA9o+-YVvQuaUp33kqkAt=PRaQS-Jew@mail.gmail.com> <CADZyTkkCrvTam_ba7Tq6A-cHAVZn+ktKqwWsr_PNQaz2jyTkUQ@mail.gmail.com> <874mr9aucv.fsf@alice.fifthhorseman.net> <54CB15AB.40400@cisco.com> <54CB2D4F.7050302@cisco.com> <7C672BF606D0621F4E873E1C@cyrus.local>
User-Agent: Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)
Date: Fri, 30 Jan 2015 14:48:00 -0500
Message-ID: <87k304qccv.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-privacy/ArN9IXt9Uii9vojIXkKn-OlEbRA>
Cc: Time Zone Data Distribution Service <tzdist@ietf.org>
Subject: Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jan 2015 19:48:31 -0000
Thanks for the response, Cyrus! On Fri 2015-01-30 11:39:33 -0500, Cyrus Daboo wrote: > Whilst that is true I don't think we should be required to deal with issues > that are generic to HTTP itself (and in some cases already covered in the > base HTTP specs - e.g. server log information). I'm not convinced by this argument. This proposal sets up a particular profile that an HTTP server is likely to run, with clients that are going to access it in a very particular pattern under normal circumstances. As a result, we can characterize the expected system behavior in much more detailed ways, so we can think more concretely about how and why logs (and other aspects of HTTP operation) might be useful or harmful. For example, the spec already says that the server needs to be configured to work with HTTPS. that's distinct from many HTTP server configurations in the wild, and with good reason. Why doesn't this apply to other aspects of HTTP operation like logging? (side note: i just noticed, do you want to require the clients to use HTTPS with the SNI extension of TLS? If you do make that a requirement, it would make it easier for Providers to deploy their systems on shared IP addresses) --dkg
- Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Daniel Kahn Gillmor
- Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Eliot Lear
- Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Eliot Lear
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Stephen Farrell
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Cyrus Daboo
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Daniel Kahn Gillmor
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Daniel Kahn Gillmor
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
- Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Eliot Lear
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Cyrus Daboo
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Paul Eggert
- Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for … Lester Caine
- Re: [ietf-privacy] [saag] Fwd: WGLC for draft-iet… Daniel Kahn Gillmor