IETF Logo Mail Archive

Re: [Fwd: I-D Action: draft-carpenter-prismatic-reflections-00.txt]

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 20 September 2013 11:28 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DD9F21F8F3C for <ietf@ietfa.amsl.com>; Fri, 20 Sep 2013 04:28:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.599
X-Spam-Level:
X-Spam-Status: No, score=-104.599 tagged_above=-999 required=5 tests=[AWL=-2.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nP-6A91A0u9l for <ietf@ietfa.amsl.com>; Fri, 20 Sep 2013 04:28:33 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id AD42321F92B8 for <ietf@ietf.org>; Fri, 20 Sep 2013 04:28:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 7382BBE68; Fri, 20 Sep 2013 12:28:31 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R0sVA5JpwVL9; Fri, 20 Sep 2013 12:28:31 +0100 (IST)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 50714BE25; Fri, 20 Sep 2013 12:28:31 +0100 (IST)
Message-ID: <523C315F.9020407@cs.tcd.ie>
Date: Fri, 20 Sep 2013 12:28:31 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: Josh Howlett <Josh.Howlett@ja.net>
Subject: Re: [Fwd: I-D Action: draft-carpenter-prismatic-reflections-00.txt]
References: <CE61D529.11007%Josh.Howlett@Ja.net>
In-Reply-To: <CE61D529.11007%Josh.Howlett@Ja.net>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: IETF discussion list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2013 11:28:39 -0000

On 09/20/2013 10:59 AM, Josh Howlett wrote:
> I confess that I am confused by much of this discussion. As I understand
> it, PRISM is not a signals intelligence activity; it only addresses that
> data at rest within those organisations who have partnered with the NSA.
> As such, improving protocol security will achieve nothing against PRISM;
> it is a socio-political issue that is outside of the scope of a technical
> standards organisation.
> 
> As such the only practical way for a typical user to protect themselves
> against PRISM is to switch to other providers based in jurisdictions that
> provide the appropriate protections, or agitate to change the applicable
> laws within their own jurisdiction, where appropriate.
> 
> This is not, of course, an argument not to improve the security of our
> protocols for other reasons, but let's please motivate this work
> correctly. It will yield a greater probability of success.

Brian I think nicely summarised the discussion that happened.

The way I think of it is that PRISM is just one label that's
being used to reflect the whole set of recent disclosures and
ensuing discussions. Phill has also talked about PRISMproofing
which seemed to resonate with some people. I've started using
the term Snowdonia for all this stuff, but we really shouldn't
get hung up on the labels since that's all they are.

As you say, what we need to do in the IETF is figure out what
we should be doing about it all, and then go do that. That is
a work in progress and will undoubtedly be for a while to
come, but folks are working at it, which is good.

S.


> 
> Josh.
> 
> On 20/09/2013 05:54, "Brian E Carpenter" <brian.e.carpenter@gmail.com>
> wrote:
> 
>> I got my arm slightly twisted to produce the attached: a simple
>> concatenation of some of the actionable suggestions made in the
>> discussion of PRISM and Bruce Schneier's call for action.
>>
>>   Brian
> 
> 
> Janet(UK) is a trading name of Jisc Collections and Janet Limited, a 
> not-for-profit company which is registered in England under No. 2881024 
> and whose Registered Office is at Lumen House, Library Avenue,
> Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
> 
>

v2.23.0 | Report a Bug | By Email