Re: [perpass] perens-perpass-appropriate-response-01

Bruce Perens <bruce@perens.com> Fri, 06 December 2013 19:19 UTC

Return-Path: <bruce@perens.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DBC71AE152 for <perpass@ietfa.amsl.com>; Fri, 6 Dec 2013 11:19:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.177
X-Spam-Level:
X-Spam-Status: No, score=-1.177 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.723, RP_MATCHES_RCVD=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TI3w3xY8-lrG for <perpass@ietfa.amsl.com>; Fri, 6 Dec 2013 11:19:51 -0800 (PST)
Received: from alchemy.perens.com (alchemy.perens.com [206.221.219.26]) by ietfa.amsl.com (Postfix) with ESMTP id 777631AE146 for <perpass@ietf.org>; Fri, 6 Dec 2013 11:19:51 -0800 (PST)
Received: from [192.168.10.146] (c-50-168-114-183.hsd1.ca.comcast.net [50.168.114.183]) by alchemy.perens.com (Postfix) with ESMTPSA id D7C4250008A for <perpass@ietf.org>; Fri, 6 Dec 2013 11:19:47 -0800 (PST)
Message-ID: <52A2235A.2030801@perens.com>
Date: Fri, 06 Dec 2013 11:19:54 -0800
From: Bruce Perens <bruce@perens.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131103 Icedove/17.0.10
MIME-Version: 1.0
To: perpass@ietf.org
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <529F88AC.3090904@appelbaum.net> <529F90A0.8000706@perens.com> <529F9205.30906@appelbaum.net> <529F98C0.9090808@perens.com> <529F9F14.8050805@appelbaum.net> <529FB61A.7090604@perens.com> <529FBEF9.7030205@appelbaum.net> <529FC347.3080806@perens.com> <52A15835.2070901@cis-india.org> <52A21B80.8070005@mykolab.com> <52A21D1C.8020000@perens.com> <BC888A6F-F048-4BA6-92F4-8812753F8534@icsi.berkeley.edu>
In-Reply-To: <BC888A6F-F048-4BA6-92F4-8812753F8534@icsi.berkeley.edu>
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Dec 2013 19:19:52 -0000

On 12/06/2013 10:58 AM, Nicholas Weaver wrote:
Include a checkbox in the browser saying "Fuck it all, show my data to the world" which broadcasts the session key in the clear.
I know you intended this to be sarcastic, but opting out of the concealment society does not mean that the user doesn't have the sense to conceal things when it is actually necessary, vs. when it is in their honest opinion an off-the-scale response to the problem.

Punishing them by revealing their credit card numbers is not an appropriate response to their wanting to load static images, javascripts, and CSS in the clear.

    Thanks

    Bruce