[Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG

SM <sm@resistor.net> Sun, 06 December 2015 05:31 UTC

Return-Path: <sm@resistor.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id AC3C41A8960 for <shutup@ietfa.amsl.com>; Sat, 5 Dec 2015 21:31:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 4-c4eMhwLjwR for <shutup@ietfa.amsl.com>; Sat, 5 Dec 2015 21:31:09 -0800 (PST)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 53F161A8945 for <shutup@ietf.org>; Sat, 5 Dec 2015 21:31:09 -0800 (PST)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost []) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id tB65V0Ac024298 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <shutup@ietf.org>; Sat, 5 Dec 2015 21:31:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1449379867; x=1449466267; bh=iYjIt+ubOrqh5UodMozGfc7src7yk0azDm41K/9/9Dk=; h=Date:To:From:Subject; b=spqF6g9sV1mNQN4XA3sR7kblKCf2H+SQBm2Mq/wcggDw2vUUBkieZg2U9Okqv5bF4 aITv7/+SPqoK+rbu4kF7LoUbWW9+Ap5u7YkEQtyczG73BJ8Sr7cMV5o2XMfH6xh1my n0xwfIxmVlG8zxWtmRHDDNj7k3I1/mDdFUpqUltE=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1449379867; x=1449466267; i=@resistor.net; bh=iYjIt+ubOrqh5UodMozGfc7src7yk0azDm41K/9/9Dk=; h=Date:To:From:Subject; b=2Q5Has9evAv3lLskFvIFCHJ0Zjbb58kET6gn1lzeqblU/h4cwovIb758UHL4aEZyz BMxhQSjxmjLdbmD7tJ/nv4InRvmoG+L9lsn70xsKp94xJCxdIP/bDwQvkg1ov0Nf2N biB7TgzAenjOh+oEqBk2qCIxyw3cm/ii7BYbKnIQ=
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version
Date: Sat, 05 Dec 2015 21:24:50 -0800
To: shutup@ietf.org
From: SM <sm@resistor.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/8cL3lqkWhBP_Ik38_C1cga9NVbw>
Subject: [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Dec 2015 05:31:10 -0000


I took a look at the proposed charter [1].  The proposed work looks 
like a Received header field shutup.  Is that based on RFC 7624?  The 
discussion in that RFC, specifically Section 3.3.4, focuses on IP 
addresses.  The proposed charter mentions leaking address and timing 
information.  Is that IP addresses?

   "Header fields in Email messages can reveal private information to an
   observer that might be used for attacking an organization or an"

An attack on organization is a security issue; it isn't a privacy 
issue.  The privacy issue is about mail-related metadata which can be 
collected by state surveillance agencies.  Will the proposed working 
group attempt to fix that?


1. http://www.ietf.org/mail-archive/web/shutup/current/msg00001.html