Re: [Isms] ISMS charter broken- onus should be on WG to fix it

Ned Freed <ned.freed@mrochek.com> Wed, 14 September 2005 22:57 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EFgC0-00083N-Bv; Wed, 14 Sep 2005 18:57:28 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EFgBx-000837-T7; Wed, 14 Sep 2005 18:57:26 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA17656; Wed, 14 Sep 2005 18:57:22 -0400 (EDT)
Received: from mauve.mrochek.com ([209.55.107.55]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EFgGd-0002my-N1; Wed, 14 Sep 2005 19:02:17 -0400
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01LT0ZC70K68008434@mauve.mrochek.com> (original mail from ned.freed@mrochek.com); Wed, 14 Sep 2005 15:57:13 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=nowsp; d=mrochek.com; s=mauve; t=1126738632; h=Date: From:Subject:MIME-version:Content-type; b=ISiuRMDlqmOMIWh170YhFZQ21 DX3T3ZOrODlY+uue0aA949oK+BzsuRbW45KPSwEkym5DDRZ4e6FXs7avKJa3g==
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01LT0PLKLAV4000092@mauve.mrochek.com>; Wed, 14 Sep 2005 15:57:08 -0700 (PDT)
To: Michael Thomas <mat@cisco.com>
Message-id: <01LT0ZC5UEV8000092@mauve.mrochek.com>
Date: Wed, 14 Sep 2005 15:47:16 -0700 (PDT)
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Wed, 14 Sep 2005 13:23:32 -0700" <432886C4.9040606@cisco.com>
MIME-version: 1.0
Content-type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed
References: <200509131506.j8DF664A016810@pacific-carrier-annex.mit.edu> <tslhdcokeed.fsf@cz.mit.edu> <20050913204555.GA14153@boskop.local> <tslbr2wk78f.fsf@cz.mit.edu> <3C03BDBD60783D559EDAE652@sirius.fac.cs.cmu.edu> <01LSZP7AGR0Y000092@mauve.mrochek.com> <432886C4.9040606@cisco.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3
Cc: isms@ietf.org, david.kessens@nokia.com, Ned Freed <ned.freed@mrochek.com>, 'IETF Discussion' <ietf@ietf.org>, 'Eliot Lear' <lear@cisco.com>, Sam Hartman <hartmans-ietf@mit.edu>, ietfdbh@comcast.net, iesg@ietf.org
Subject: Re: [Isms] ISMS charter broken- onus should be on WG to fix it
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

> Ned Freed wrote:
> > If I were to object to Eliot's proposal (I don't - in fact I strongly
> > support
> > it), it would be on the grounds that the IETF should be taking a long
> > hard look
> > at the issues surrounding call home in general, not just in the special
> > case of
> > SNMP.

> I'll bite: what could the IETF do if it looked
> long and hard?

Well, the one approach that immediately comes to mind is that the introduction
of a third party might provide a means of getting timely information about
software updates without sacrificing user privacy.

Such a third party would act as a repository for update information provided by
vendors. Applications would then "call home" to one of these repositories
rather than directly to the vendor. Various anonymyzing tricks could be
employed to minimize information leakage even if the third party was
compromised.

Mind you, thiis all off the top of my head. This may not work for some reason
I haven't considered, or there may be other, better approaches.

				Ned

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf