[saag] "Privacy in IETF Protocols" at IETF83

Henry Story <henry.story@bblfish.net> Fri, 30 March 2012 03:24 UTC

Return-Path: <henry.story@bblfish.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 2E36E21E8032 for <saag@ietfa.amsl.com>; Thu, 29 Mar 2012 20:24:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.949
X-Spam-Status: No, score=-6.949 tagged_above=-999 required=5 tests=[AWL=-3.350, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id UxGE2WnBZbbB for <saag@ietfa.amsl.com>; Thu, 29 Mar 2012 20:24:53 -0700 (PDT)
Received: from mail-wg0-f44.google.com (mail-wg0-f44.google.com []) by ietfa.amsl.com (Postfix) with ESMTP id 1FB5321F85D3 for <saag@ietf.org>; Thu, 29 Mar 2012 20:24:52 -0700 (PDT)
Received: by wgbdr13 with SMTP id dr13so112138wgb.13 for <saag@ietf.org>; Thu, 29 Mar 2012 20:24:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:subject:date:message-id:to:mime-version:x-mailer :x-gm-message-state:content-type:content-transfer-encoding; bh=aCewfbxbphOSRgTFR6rfWHcNSVwXDdNY4bEG1tNFPss=; b=j06gTsiozOE2fnoPi+bDhEEV0tyTxDl4ipX0OgTx7+cpZq4A7/b/XR/qDNFaLzOfzM ye8zxhbNpdZEZa5V+CNpTskpXKXgh6AQf5m2MQ4ez26tIiCD5B7UKXMCvOdZiKoLskJF monPjNg2tXtnznyGsIcJPeIBCDcUyXk6IeiZI9WsgpWZgfeTH/a9qkCRHyQ/KhzuhBBH AIDzDQX6sUKl2NgfyzuwtttjOBgzvBjnzLNOHJTNOSBFNsrYN37wkaiv1hpeq7MDrZVf VRRejnJcgfJ12J9n+mnz3luvGCJ7MmCSgWjJta9wtXp65aamb7/Fc4LbG3Uxdw1UMVFu 3YOg==
Received: by with SMTP id cf5mr1875254wib.2.1333077892220; Thu, 29 Mar 2012 20:24:52 -0700 (PDT)
Received: from [] (ATuileries-153-1-47-148.w83-202.abo.wanadoo.fr. []) by mx.google.com with ESMTPS id n8sm4178139wix.10.2012. (version=TLSv1/SSLv3 cipher=OTHER); Thu, 29 Mar 2012 20:24:51 -0700 (PDT)
From: Henry Story <henry.story@bblfish.net>
Date: Fri, 30 Mar 2012 05:24:49 +0200
Message-Id: <45274861-99FA-470F-94F7-8CF765F8C4DE@bblfish.net>
To: saag@ietf.org
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlgwOrYNOoRheaWoW8NLxJU5T7w+8jbIw2vv+gb/eMQSrNmCmqHebshKQTUerL25XPz6crM
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Subject: [saag] "Privacy in IETF Protocols" at IETF83
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 03:24:54 -0000

I very much appreciated Ian Walden's talk today at IETF83 meeting in 
Paris [1] He mentioned that the EU directives made it a legal requirement 
to make the use of cookies transparent to the users. In the questions 
and answers session I mentioned work by Mozilla that gave a very good UI
demonstration of how this could be done. You can find the blog post by 
Azza Raskin where he developed this here:


He was working on a more cookie oriented approach, but this would also work very
well for TLS, and there is an issue open for this on Google Chrome for example


It is good to see that the legislation is now providing an extra incentive to
for browser vendors to provide good clean transparent user interfaces.


[1] picture of Ian Walden http://instagr.am/p/IwxJJQvhf6/

Social Web Architect