Re: Confidentiality notices on email messages

Jorge Contreras <> Tue, 12 July 2011 21:37 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 259579E8035 for <>; Tue, 12 Jul 2011 14:37:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -104.598
X-Spam-Status: No, score=-104.598 tagged_above=-999 required=5 tests=[AWL=1.000, BAYES_00=-2.599, GB_I_LETTER=-2, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id G5IiCfowCAOE for <>; Tue, 12 Jul 2011 14:37:09 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 7BED721F853D for <>; Tue, 12 Jul 2011 14:36:48 -0700 (PDT)
Received: by fxe4 with SMTP id 4so6751696fxe.27 for <>; Tue, 12 Jul 2011 14:36:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=NDb/RaKPYvfi62wh7KRsqLcKU2D7GFOyAmwjgaqMegY=; b=Rq9WmrT7i3GW6477+Mhaly6qdwQBFcMawrId9IGp6JVlQaSBydW/fjgjCNbDC1KXXz 76qnNfPqz4/bwcm3Z3s+J9K/MIsIeZ6+s9nBvR9925Z0ufX2kOr3EvMXLlrH7oxr2pl6 q/3vmXj3Cdxb1WKl3YjsIb3jQtsMRLOxG0s8o=
MIME-Version: 1.0
Received: by with SMTP id t22mr498496fai.145.1310506607353; Tue, 12 Jul 2011 14:36:47 -0700 (PDT)
Received: by with HTTP; Tue, 12 Jul 2011 14:36:47 -0700 (PDT)
In-Reply-To: <>
References: <>
Date: Tue, 12 Jul 2011 16:36:47 -0500
Message-ID: <>
Subject: Re: Confidentiality notices on email messages
From: Jorge Contreras <>
To: Barry Leiba <>
Content-Type: multipart/alternative; boundary=0015174c1326cea04b04a7e618c2
Cc: IETF discussion list <>
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Jul 2011 21:37:10 -0000


You may want to refer to Section 5.2 of RFC 5378, which addresses this

"Each Contributor agrees that any statement in a Contribution, whether
generated automatically or otherwise, that states or implies that the
Contribution is confidential or subject to any privilege, can be disregarded
for all purposes, and will be of no force or effect."

Best regards,

On Tue, Jul 12, 2011 at 4:28 PM, Barry Leiba <>wrote:

> I am increasingly seeing IETF participants posting messages to IETF
> mailing lists, sending messages to chairs and ADs, and so on, where
> their messages include confidentiality/security/legal notices at the
> bottom.  You know the ones; here are excerpts from two recent
> examples:
> --------------------------------
> > Information Security Notice: The information contained in this
> > mail is solely the property of the sender's organization. This
> > mail communication is confidential. Recipients named above are
> > obligated to maintain secrecy and are not permitted to disclose
> > the contents of this communication with others.
> --------------------------------
> > The information contained in this e-mail and any attachments is
> > CONFIDENTIAL and is intended only for the use of the addressee.
> > Any unauthorized use, disclosure, distribution, dissemination,
> > or copying is strictly prohibited and may be unlawful. If you are
> > not the intended recipient, you are prohibited from any further
> > viewing of the e-mail or any attachments or from making any use
> > of the e-mail or attachments.
> --------------------------------
> Those are just the beginnings of them -- they go on, and continue for
> another paragraph each.  I've seen them in Spanish, French, and
> German, as well as English.
> Now, apart from being long and annoying, they're in conflict with the
> IETF's Note Well, which applies to anything posted to IETF mailing
> lists or sent to anyone in IETF leadership about IETF business:
> I'd also argue that those posting such messages are running afoul of
> their own organizations' rules by posting "confidential" messages
> publicly.  Of course, that's nonsense, but, hey, folks, it wouldn't be
> the first time a company might behave irrationally and discipline
> someone base on the letter, rather than the intent, of a rule.
> Of course, I know that these messages are put there automatically,
> according to your companies' policies.  No one is actually including
> them on purpose, and most probably aren't even aware, any more, that
> they're there.  But they are.
> I don't think this merits any official statement by the IESG, though
> the IESG might want to consider for itself whether it does.  But how
> about if we try to deal with this as a community?  It rather makes you
> look silly to have those notices there.  And you don't want to look
> silly, right?  So have a look at your posts, everyone, and if yours
> have any such junk at the bottoms of them, please do one of two
> things, tout de suite:
> 1. Arrange not to have them put there.  If there's some way you can
> get an exception to your company's rule for things sent to the IETF,
> do it.
> 2. Get a non-company address, and use that for your IETF
> participation.  You can get free addresses easily.  This option also
> has the advantage that if you should change employers, your
> IETF-related email address doesn't need to change.
> Barry
> _______________________________________________
> Ietf mailing list