Re: [perpass] perens-perpass-appropriate-response-01

[S Moonesamy <sm+ietf@elandsys.com>]

Hi Martin, Bruce, Stephane,
At 02:07 04-12-2013, Martin Millnert wrote:
>For the other, mostly technical, arguments put forth by you:
>
>   p3. A sovereign entity may outlaw technical protocol X:
>   It wouldn't be a sovereign entity if it couldn't.  It could outlaw Pi
>= 3.1459... for all I care.  Point is we should not let a single
>Sovereign Entity outlaw the correct definition of Pi, for the rest of
>us. It is precisely within IETF's jurisdiction to define our global
>common Internet communication protocols.  If a single backwards
>Sovereign Entity held veto power over this we would be much poorer
>today. Instead the backwards sovereign entities will have to live
>without these protocols, which is what they in their sovereignty decided
>anyway, so everybody would be happy...

Someone mentioned in a non-IETF discussion that there was a precedent 
about a technical question which might fit the above (3.146) 
argument.  It was recently mentioned in a news article that there is 
a public misconception about the Internet.  In my opinion it would be 
politically inappropriate for the IETF to state that some country 
would have to live without a protocol.

On page 1 of the document, it is mentioned that it is a:

   "deliberate attempt to defeat the correct technical operation of 
the Internet.
    In this case, the feature of communications privacy"

I would use "confidentiality" instead of "communications privacy" 
[1].  I agree that, as it is argued in the document, "attack" has a 
different meaning.

It is difficult to ignore the context.  I posted a draft (see 
http://tools.ietf.org/html/draft-moonesamy-traffic-peeking-00 
).  I'll be candid; the objective of a spying organization is to 
spy.  An in-depth discussion of that will alienate some IETF 
participants.  Not saying anything about [I don't know what word to 
choose] is an alternative.  Another alternative is to look at how the 
political problem affects the technical one.

The document argues that there is "no technical solution to this 
conundrum".  I agree to that.  An interesting point (in the document) 
is that "universal encryption of HTTP connections proposed on the 
working group mailing lists would hinder the technical operation of 
the internet".  I'd say yes.  In my opinion there are reasons why a 
person would consider having encrypted access to "static 
content".  For example, the "in the clear" access might disclose 
information which the user might be uncomfortable about.  One 
alternative is to provide the user and the other parties involved in 
the communication session with choices.  As Martin Millnert pointed 
out, providing those choices is not straight-forward.

I'll adapt a comment from Stephane Bortzmeyer:

   Is it okay to ask Mr Smith to decide based on the information 
[being provided]?

Or to put it differently, should a technical specification provide 
some guidance about that.

Regards,
S. Moonesamy

1. Credits to the Stephen Farrell and I'll take the blame if it is 
incorrect. :-)