Re: Hum theatre

"Fred Baker (fred)" <fred@cisco.com> Thu, 07 November 2013 08:50 UTC

Return-Path: <fred@cisco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D70621E8160 for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 00:50:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.391
X-Spam-Level:
X-Spam-Status: No, score=-110.391 tagged_above=-999 required=5 tests=[AWL=0.207, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YCFKrjsPNDg0 for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 00:50:54 -0800 (PST)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id DC2A221E813B for <ietf@ietf.org>; Thu, 7 Nov 2013 00:50:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3844; q=dns/txt; s=iport; t=1383814253; x=1385023853; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=ksD1QTX2Y35JR7l/2NzsncxL4Oja9p4FZPFvY9ZC1us=; b=GFvlza4kMZbzMh4awy2x6CnQOxA12BfPugUQdEeql3xADE4vL7O3s3nI YmeU4Pdim09Eg9uqVx3r5DJkn070y7CLrKw4lxrrGvGfcQ9p1bnkG68Oc 2XZJ+Ag8GZmTTIjUh1fptmEvrYBKQjrE15I5sDglB7PgA1Wqs6LpjlISD g=;
X-Files: signature.asc : 195
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgUFAB9Te1KtJXHA/2dsb2JhbABZgweBC78NgSQWdIIlAQEBAwF5BQsCAQgEQiERJQIEDgUODYdUAwkGs2kNiWuMZ4JyB4MggRADkC6BMIRDgWuMUoU4gyaCKg
X-IronPort-AV: E=Sophos; i="4.93,650,1378857600"; d="asc'?scan'208,217"; a="281823782"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by rcdn-iport-5.cisco.com with ESMTP; 07 Nov 2013 08:50:53 +0000
Received: from xhc-aln-x12.cisco.com (xhc-aln-x12.cisco.com [173.36.12.86]) by rcdn-core2-5.cisco.com (8.14.5/8.14.5) with ESMTP id rA78orM0008216 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 7 Nov 2013 08:50:53 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.122]) by xhc-aln-x12.cisco.com ([173.36.12.86]) with mapi id 14.03.0123.003; Thu, 7 Nov 2013 02:50:53 -0600
From: "Fred Baker (fred)" <fred@cisco.com>
To: Abdussalam Baryun <abdussalambaryun@gmail.com>
Subject: Re: Hum theatre
Thread-Topic: Hum theatre
Thread-Index: AQHO22Bm278AERXjx0WkVd8HlPN725oZhOmAgAAmRQCAAC+RAA==
Date: Thu, 7 Nov 2013 08:50:52 +0000
Message-ID: <9E6F8E49-8A45-43C7-BF83-AE9B25C50076@cisco.com>
References: <527AF986.4090504@dcrocker.net> <A4E8A2D6-6F01-48DF-84D9-84CD53FCE76A@cisco.com> <CADnDZ8-YzFaY1hi82CPTrAPZ=T+YOjeSOFts+Li5nK1qLwt4Xg@mail.gmail.com>
In-Reply-To: <CADnDZ8-YzFaY1hi82CPTrAPZ=T+YOjeSOFts+Li5nK1qLwt4Xg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.21.75.25]
Content-Type: multipart/signed; boundary="Apple-Mail=_51622794-0F90-403B-8F58-E486BF2D29EE"; protocol="application/pgp-signature"; micalg=pgp-sha1
MIME-Version: 1.0
Cc: "<dcrocker@bbiw.net>" <dcrocker@bbiw.net>, IETF Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 08:50:59 -0000

On Nov 6, 2013, at 10:00 PM, Abdussalam Baryun <abdussalambaryun@gmail.com>
 wrote:

> Why privacy threats were not addressed before users noticed the attacks and that the designers failed?

There are two fundamental reasons. One is that we didn't recognize the issues at the time. The other, in the words of an RFC author who looked me (as IETF Chair) in the eye while I was demanding a reasonable security considerations discussion in his draft, is "my customers will not pay for the extra enhancements and effort that go into a secure solution."