[saag] "Privacy in IETF Protocols" at IETF83

Henry Story <henry.story@bblfish.net> Fri, 30 March 2012 03:24 UTC

Return-Path: <henry.story@bblfish.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E36E21E8032 for <saag@ietfa.amsl.com>; Thu, 29 Mar 2012 20:24:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.949
X-Spam-Level:
X-Spam-Status: No, score=-6.949 tagged_above=-999 required=5 tests=[AWL=-3.350, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UxGE2WnBZbbB for <saag@ietfa.amsl.com>; Thu, 29 Mar 2012 20:24:53 -0700 (PDT)
Received: from mail-wg0-f44.google.com (mail-wg0-f44.google.com [74.125.82.44]) by ietfa.amsl.com (Postfix) with ESMTP id 1FB5321F85D3 for <saag@ietf.org>; Thu, 29 Mar 2012 20:24:52 -0700 (PDT)
Received: by wgbdr13 with SMTP id dr13so112138wgb.13 for <saag@ietf.org>; Thu, 29 Mar 2012 20:24:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:subject:date:message-id:to:mime-version:x-mailer :x-gm-message-state:content-type:content-transfer-encoding; bh=aCewfbxbphOSRgTFR6rfWHcNSVwXDdNY4bEG1tNFPss=; b=j06gTsiozOE2fnoPi+bDhEEV0tyTxDl4ipX0OgTx7+cpZq4A7/b/XR/qDNFaLzOfzM ye8zxhbNpdZEZa5V+CNpTskpXKXgh6AQf5m2MQ4ez26tIiCD5B7UKXMCvOdZiKoLskJF monPjNg2tXtnznyGsIcJPeIBCDcUyXk6IeiZI9WsgpWZgfeTH/a9qkCRHyQ/KhzuhBBH AIDzDQX6sUKl2NgfyzuwtttjOBgzvBjnzLNOHJTNOSBFNsrYN37wkaiv1hpeq7MDrZVf VRRejnJcgfJ12J9n+mnz3luvGCJ7MmCSgWjJta9wtXp65aamb7/Fc4LbG3Uxdw1UMVFu 3YOg==
Received: by 10.180.91.165 with SMTP id cf5mr1875254wib.2.1333077892220; Thu, 29 Mar 2012 20:24:52 -0700 (PDT)
Received: from [192.168.1.180] (ATuileries-153-1-47-148.w83-202.abo.wanadoo.fr. [83.202.30.148]) by mx.google.com with ESMTPS id n8sm4178139wix.10.2012.03.29.20.24.50 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 20:24:51 -0700 (PDT)
From: Henry Story <henry.story@bblfish.net>
Date: Fri, 30 Mar 2012 05:24:49 +0200
Message-Id: <45274861-99FA-470F-94F7-8CF765F8C4DE@bblfish.net>
To: saag@ietf.org
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlgwOrYNOoRheaWoW8NLxJU5T7w+8jbIw2vv+gb/eMQSrNmCmqHebshKQTUerL25XPz6crM
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Subject: [saag] "Privacy in IETF Protocols" at IETF83
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 03:24:54 -0000

I very much appreciated Ian Walden's talk today at IETF83 meeting in 
Paris [1] He mentioned that the EU directives made it a legal requirement 
to make the use of cookies transparent to the users. In the questions 
and answers session I mentioned work by Mozilla that gave a very good UI
demonstration of how this could be done. You can find the blog post by 
Azza Raskin where he developed this here:

  http://www.azarask.in/blog/post/identity-in-the-browser-firefox/

He was working on a more cookie oriented approach, but this would also work very
well for TLS, and there is an issue open for this on Google Chrome for example

  http://code.google.com/p/chromium/issues/detail?id=29784

It is good to see that the legislation is now providing an extra incentive to
for browser vendors to provide good clean transparent user interfaces.

 Henry

[1] picture of Ian Walden http://instagr.am/p/IwxJJQvhf6/

Social Web Architect
http://bblfish.net/