Clarifying Russ's hums

Scott Brim <> Wed, 06 November 2013 21:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 232D011E8101 for <>; Wed, 6 Nov 2013 13:03:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.587
X-Spam-Status: No, score=-102.587 tagged_above=-999 required=5 tests=[AWL=0.012, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TmEoNaF0+qZs for <>; Wed, 6 Nov 2013 13:03:39 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4003:c01::232]) by (Postfix) with ESMTP id 969BF11E80E2 for <>; Wed, 6 Nov 2013 13:03:39 -0800 (PST)
Received: by with SMTP id va2so71784obc.23 for <>; Wed, 06 Nov 2013 13:03:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=PUsI7IfhWyzZxWN2THgVjneNQoAcHIFAy3E7ZnKQA9A=; b=G5iGql9i09KZbKb9dJP+Gpmjey2flU/dWFeO0lKVDPtt+aYEcD98KK4wxTMyeMnYIV lXFLsYgrKY94NqVI8i3BKFd2axz1uH9gkSpbqRBUD5ciYttPOlFh7gjCtu5ni9KcC5Ut Trxz+1Y3KJck2XcDQ2/4gycWVKSvLjHdYOqCDq8eyy1oYK4R4uecydY6EZPzIxDB3OEv ha5ZR0JNl72WitgDZ6C1tiUqh4O0hUL99eWyvO9lalnlpJc0gwVqV/cUZqWpxeswXTfx rNqnbw/V6aoC11RD7gWvAdQHe7KhHafnGQc/6IL1SOTogVeFpLccnDIke3KYTaIVE/bi fsjw==
MIME-Version: 1.0
X-Received: by with SMTP id cs3mr4243161oeb.12.1383771819169; Wed, 06 Nov 2013 13:03:39 -0800 (PST)
Received: by with HTTP; Wed, 6 Nov 2013 13:03:39 -0800 (PST)
Date: Wed, 06 Nov 2013 13:03:39 -0800
Message-ID: <>
Subject: Clarifying Russ's hums
From: Scott Brim <>
To: IETF discussion list <>
Content-Type: multipart/alternative; boundary="047d7b33d176bb5ee704ea887b67"
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 06 Nov 2013 21:03:40 -0000

In Russ's hums this morning, some had words that were not well defined.
 Here are three that were not clear to me, and what I hummed about:

"Is the IETF willing to respond to pervasive surveillance as an attack?" ->
"respond" is not clear.  Certainly we have to do something in response to
what we now know. Sam is right, whatever we can imagine is probably already
going on. However, what the response is is not agreed on.

"IETF should include encryption even outside of authentication where
practical" -> "where practical" is not defined. I think each WG will know
what to do with this as long as no one tries to claim that the IETF decided
that we MUST have encryption in all cases.

"The IETF should strive for e2e encryption even when there are middleboxes
in the path" -> "middleboxes" is a full spectrum of devices and functions.
Some of them are quite useful. Until it's clear what the scope is, I hummed