Re: [perpass] perens-perpass-appropriate-response-01

Hannes Tschofenig <hannes.tschofenig@gmx.net> Wed, 04 December 2013 11:50 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E50C11AE249 for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 03:50:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.851
X-Spam-Level:
X-Spam-Status: No, score=-0.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_12_24=1.049, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bY2499NxlKUh for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 03:50:42 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) by ietfa.amsl.com (Postfix) with ESMTP id 926081AE210 for <perpass@ietf.org>; Wed, 4 Dec 2013 03:50:42 -0800 (PST)
Received: from [192.168.10.128] ([62.49.66.12]) by mail.gmx.com (mrgmx103) with ESMTPSA (Nemesis) id 0LuwiT-1VfLGn3ABd-0106Ao for <perpass@ietf.org>; Wed, 04 Dec 2013 12:50:38 +0100
Message-ID: <529E5653.5000005@gmx.net>
Date: Tue, 03 Dec 2013 22:08:19 +0000
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, Bruce Perens <bruce@perens.com>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr>
In-Reply-To: <20131204111309.GB11727@nic.fr>
Content-Type: multipart/alternative; boundary="------------090404070909030905060202"
X-Provags-ID: V03:K0:w97Ka8hOWr9xf1M27zYwVDLbYpLATFX4YPJ9BME4O0IrIvsqGo0 k/L9oxj0OYEytlpvaVJCkQHTmN/dY2KiM00Rgy/CFaVBQpFUNgt2DlxsgL6wfKbqi5U2uED WXT0pbftfroA+pSM93/kGub3Gt4VD19bCvrgdFExjRPizOmEzdBPl7oumlkxlU7Jqzi7yZF vT8PzytTguxL0+3PEgZuw==
Cc: perpass@ietf.org
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Dec 2013 11:50:45 -0000

On 12/04/2013 11:13 AM, Stephane Bortzmeyer wrote:
> problem is *political* and should
> receive a *political* response

I am not sure what "political" means.

The attacks we have seen are exploiting vulnerabilities others had
exploited before. Fixing security vulnerabilities in protocol
specifications, in implementations, and in deployments is something we
have done before.

Do you guys expect that someone (pick your favourite person) would say
"This is not good. You must not exploit security vulnerabilities in the
future anymore." Then, the Internet would be more secure.

I fail to see the story.

Ciao
Hannes

PS: To me it sounds like pushing responsibilities around without a clear
idea what that could mean.