IETF Logo Mail Archive

Re: [Fwd: I-D Action: draft-carpenter-prismatic-reflections-00.txt]

Josh Howlett <Josh.Howlett@ja.net> Fri, 20 September 2013 09:59 UTC

Return-Path: <Josh.Howlett@ja.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F122621F8948 for <ietf@ietfa.amsl.com>; Fri, 20 Sep 2013 02:59:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.649
X-Spam-Level:
X-Spam-Status: No, score=-100.649 tagged_above=-999 required=5 tests=[AWL=-0.650, BAYES_50=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U2cf64I24DEm for <ietf@ietfa.amsl.com>; Fri, 20 Sep 2013 02:59:08 -0700 (PDT)
Received: from egw002.ukerna.ac.uk (egw002.ukerna.ac.uk [194.81.3.65]) by ietfa.amsl.com (Postfix) with ESMTP id 8C74921F85E6 for <ietf@ietf.org>; Fri, 20 Sep 2013 02:59:08 -0700 (PDT)
Received: from egw002.ukerna.ac.uk (localhost.localdomain [127.0.0.1]) by localhost (Email Security Appliance) with SMTP id 2C93420C71B7_23C1C68B; Fri, 20 Sep 2013 09:59:04 +0000 (GMT)
Received: from EXC001.atlas.ukerna.ac.uk (exc001.atlas.ukerna.ac.uk [193.62.83.37]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client CN "staffmail.ja.net", Issuer "TERENA SSL CA" (verified OK)) by egw002.ukerna.ac.uk (Sophos Email Appliance) with ESMTPS id D69D020C7137_23C1C67F; Fri, 20 Sep 2013 09:59:03 +0000 (GMT)
Received: from EXC001.atlas.ukerna.ac.uk ([193.62.83.37]) by EXC001 ([193.62.83.37]) with mapi id 14.02.0247.003; Fri, 20 Sep 2013 10:59:03 +0100
From: Josh Howlett <Josh.Howlett@ja.net>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, IETF discussion list <ietf@ietf.org>
Subject: Re: [Fwd: I-D Action: draft-carpenter-prismatic-reflections-00.txt]
Thread-Topic: [Fwd: I-D Action: draft-carpenter-prismatic-reflections-00.txt]
Thread-Index: AQHOtb2cIhmcJfhi2k6TjfZ901wwP5nOZI4A
Date: Fri, 20 Sep 2013 09:59:02 +0000
Message-ID: <CE61D529.11007%Josh.Howlett@Ja.net>
In-Reply-To: <523BD51A.2080101@gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.6.130613
x-originating-ip: [194.82.140.76]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <2F7218B3BFAE2B4085EE40279BBC79CB@ukerna.ac.uk>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2013 09:59:15 -0000

I confess that I am confused by much of this discussion. As I understand
it, PRISM is not a signals intelligence activity; it only addresses that
data at rest within those organisations who have partnered with the NSA.
As such, improving protocol security will achieve nothing against PRISM;
it is a socio-political issue that is outside of the scope of a technical
standards organisation.

As such the only practical way for a typical user to protect themselves
against PRISM is to switch to other providers based in jurisdictions that
provide the appropriate protections, or agitate to change the applicable
laws within their own jurisdiction, where appropriate.

This is not, of course, an argument not to improve the security of our
protocols for other reasons, but let's please motivate this work
correctly. It will yield a greater probability of success.

Josh.

On 20/09/2013 05:54, "Brian E Carpenter" <brian.e.carpenter@gmail.com>
wrote:

>I got my arm slightly twisted to produce the attached: a simple
>concatenation of some of the actionable suggestions made in the
>discussion of PRISM and Bruce Schneier's call for action.
>
>   Brian


Janet(UK) is a trading name of Jisc Collections and Janet Limited, a 
not-for-profit company which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238

v2.23.0 | Report a Bug | By Email