Re: [saag] [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt

Frode Kileng <frodek@tele.no> Wed, 06 November 2019 09:13 UTC

Return-Path: <frodek@tele.no>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83D66120129; Wed, 6 Nov 2019 01:13:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=tele.no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lgTpo41R54QS; Wed, 6 Nov 2019 01:13:17 -0800 (PST)
Received: from gorgon.tele.no (gorgon.tele.no [IPv6:2001:700:800::70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F6AC120125; Wed, 6 Nov 2019 01:13:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tele.no; s=20180731; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version :Date:Message-ID:From:References:Cc:To:Subject:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Agu656NfNDbGIrPOcDaxZS/52ER+N23/icqhznLOASA=; b=kFkcSbMyrVJUVtwog+1bBFCaxR gTYTGgYAwFTflsPBMCwADn1FemGa4RLyfzr1dWc2EW1lteNH7UWAq4DLNFqrji3AQJvdsc/YgSl0u c++YpeZHig7NrFPCRhTjr/SyNEOtPeVTYEnk6iABrx7Lpw4W8/uXkZwX5fsXN8kPstJtEbalQyvZw BIFyW62GYK0Eby9L2nBsWlTL3Ag6DvRGxtn3KmdhFoahUbRQ6zXj0gX6WZAf42C+1mO53ASFzXpJb rl7YzLQzkwvPZZ7gnDRWH00cVdRO+Jo0GCDU6EUqf1kBiAbZevBsfNjjZsUXbh0719znAS5PIoCPl 72RJN/Eg==;
Received: from pilt1.tele.no ([2001:700:800::20] helo=[IPv6:::1]) by gorgon.tele.no with esmtp (Exim 4.92) (envelope-from <frodek@tele.no>) id 1iSHNK-0000zc-81; Wed, 06 Nov 2019 10:13:14 +0100
To: Martin Thomson <mt@lowentropy.net>
Cc: tsvwg IETF list <tsvwg@ietf.org>, "saag@ietf.org" <saag@ietf.org>
References: <67CE4313-A4C2-4CC7-972E-CB465D47B7FE@ericsson.com> <998B7C3E-54D8-40AC-BF91-901390CF70C5@strayalpha.com> <CAPDSy+5rvaXgEGZ7_V4pRdmBss7Hf1XmaGbiXGZceQu9hjjRTQ@mail.gmail.com> <118e630a-3f04-4aa9-8c1f-8083194865e4@www.fastmail.com>
From: Frode Kileng <frodek@tele.no>
Message-ID: <443cd271-cfae-37ff-7e33-d85d108e17f4@tele.no>
Date: Wed, 06 Nov 2019 10:13:14 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <118e630a-3f04-4aa9-8c1f-8083194865e4@www.fastmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/W5tDBCS0KDGNuZFhsNXvNY0eXmE>
Subject: Re: [saag] [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 09:13:20 -0000

Being involved in discussions in operator communities wrt. "implications 
of encryption" for  years, the following statement from Martin 
summarizes why I also do not support publication of this draft:

On 06/11/2019 05:09, Martin Thomson wrote:
> There is an assumption throughout that the listed practices are privileged and therefore deserving of protection.  No attempt is made to acknowledge that some of these practices are can be harmful in various ways.  No recognition is given to the possibility that involving endpoints might offer alternative methods toward the same ends.

To this list I wold also add a lack of qualification of a perceived 
usefulness and some quantification of how common the practices are.

frodek