IETF Logo Mail Archive

Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA

Pete Resnick <presnick@qti.qualcomm.com> Fri, 06 September 2013 15:41 UTC

Return-Path: <presnick@qti.qualcomm.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62DCB11E81B2 for <ietf@ietfa.amsl.com>; Fri, 6 Sep 2013 08:41:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.571
X-Spam-Level:
X-Spam-Status: No, score=-106.571 tagged_above=-999 required=5 tests=[AWL=0.028, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7NFXpBLu-jGI for <ietf@ietfa.amsl.com>; Fri, 6 Sep 2013 08:41:22 -0700 (PDT)
Received: from wolverine01.qualcomm.com (wolverine01.qualcomm.com [199.106.114.254]) by ietfa.amsl.com (Postfix) with ESMTP id CDD8311E81B0 for <ietf@ietf.org>; Fri, 6 Sep 2013 08:41:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qcdkim; t=1378482082; x=1410018082; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=0wBLnKCyCIiLRn+Hn5g7bY/QaWtUHS47tv9/dZy6wNE=; b=eYvCAR76Hc7jCAwNI9RSUKaN5sXtgsQ0gwM9o+WWByCILiGis22nnNNl b/g6ux9Ue9kCMCP4sAYVmYuPU3NL/5atVf6hbpsDVdb+D6rTKKE1b0tAo /lf1dyVwYTh2JqdYNxX0dlCTkOIpIo6o67IqcI8B2S5LaiyCTJJ/0tl9x c=;
X-IronPort-AV: E=McAfee;i="5400,1158,7189"; a="72818663"
Received: from ironmsg04-l.qualcomm.com ([172.30.48.19]) by wolverine01.qualcomm.com with ESMTP; 06 Sep 2013 08:41:22 -0700
X-IronPort-AV: E=McAfee;i="5400,1158,7189"; a="507428290"
Received: from nasanexhc07.na.qualcomm.com ([172.30.39.190]) by Ironmsg04-L.qualcomm.com with ESMTP/TLS/RC4-SHA; 06 Sep 2013 08:41:22 -0700
Received: from presnick-mac.local (172.30.39.5) by qcmail1.qualcomm.com (172.30.39.190) with Microsoft SMTP Server (TLS) id 14.3.146.2; Fri, 6 Sep 2013 08:41:21 -0700
Message-ID: <5229F79D.9090404@qti.qualcomm.com>
Date: Fri, 06 Sep 2013 08:41:17 -0700
From: Pete Resnick <presnick@qti.qualcomm.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-US; rv:1.9.1.9) Gecko/20100630 Eudora/3.0.4
MIME-Version: 1.0
To: John C Klensin <john-ietf@jck.com>
Subject: Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA
References: <5F053C0B-4678-4680-A8BF-62FF282ADDCE@softarmor.com> <alpine.BSF.2.00.1309051743130.47262@hiroshima.bogus.com> <52293197.1060809@gmail.com> <CAMm+LwjdN478yyU=J7=GTpQxqtdgP8wtdEtna50X+WtA-bV3hg@mail.gmail.com> <52294BDC.4060707@gmail.com> <20130906033254.GH62204@mx1.yitter.info> <CAMm+Lwg9kJymBWaEXwZfQ=P5Uo-UmYoNvvzewnXjUu+mhg+QTQ@mail.gmail.com> <006001ceaad6$61f39640$4001a8c0@gateway.2wire.net> <5229D6B0.1040709@qti.qualcomm.com> <59C958339C8533E20B11F2C3@JcK-HP8200.jck.com> <5229E8C8.6060801@qti.qualcomm.com> <E9B7805C4692FDF7646D5580@JcK-HP8200.jck.com>
In-Reply-To: <E9B7805C4692FDF7646D5580@JcK-HP8200.jck.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [172.30.39.5]
Cc: IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Sep 2013 15:41:33 -0000

On 9/6/13 8:23 AM, John C Klensin wrote:

> I think that one of the more important things we
> can do is to rethink UIs to give casual users more information
> about what it going on and to enable them to take intelligent
> action on decisions that should be under their control.  There
> are good reasons why the IETF has generally stayed out of the UI
> area but, for the security and privacy areas discussed in this
> thread, there may be no practical way to design protocols that
> solve real problems without starting from what information a UI
> needs to inform the user and what actions the user should be
> able to take and then working backwards.
> [...]
> And the fact that those are 75% of more UI issues is probably no
> longer an excuse.
>    

Absolutely. There is clearly a good motivation: A particular UI choice 
should not *constrain* a protocol, so it is essential that we make sure 
that the protocol is not *dependent* on the UI. But that doesn't mean 
that UI issues should not *inform* protocol design. If we design a 
protocol such that it makes assumptions about what the UI will be able 
to provide without verifying those assumptions are realistic, we're in 
serious trouble. I think we've done that quite a bit in the 
security/application protocol space.

> one of my personal peeves is the range of unsatisfactory
> conditions --from an older version of certificate format or
> minor error to a verified revoked certificate -- that can
> produce a message that essentially says "continuing may cause
> unspeakable evil to happen to you" with an "ok" button (and only
> an "ok" button).
>    

OK, one last nostalgic anecdote about Eudora before I go back to 
finishing my spfbis Last Call writeup:

MacTCP (the TCP/IP stack for the original MacOS) required a handler 
routine for ICMP messages for some dumb reason; you couldn't just set it 
to null in your code. So Steve implemented one. Whenever an ICMP message 
came in for a current connection (e.g., Destination Unreachable), Eudora 
would put up a dialog box. It read "Eudora has received an ICMP 
Destination Unreachable message." The box had a single button. It read, 
"So What?"

Working for Steve was a hoot.

pr

-- 
Pete Resnick<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478

v2.23.0 | Report a Bug | By Email