Re: [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG

SM <sm@resistor.net> Sun, 06 December 2015 18:45 UTC

Return-Path: <sm@resistor.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7109D1B2A57 for <shutup@ietfa.amsl.com>; Sun, 6 Dec 2015 10:45:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.198
X-Spam-Level:
X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_03_06=1.592, DKIM_SIGNED=0.1, T_DKIM_INVALID=0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kYBc3kl73HBc for <shutup@ietfa.amsl.com>; Sun, 6 Dec 2015 10:45:31 -0800 (PST)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 569B71B2A55 for <shutup@ietf.org>; Sun, 6 Dec 2015 10:45:31 -0800 (PST)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost [127.0.0.1]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id tB6IjMai026933 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 6 Dec 2015 10:45:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1449427529; x=1449513929; bh=d5aSxel434l+NKw6H0F31+IRZ6PZz4zTpapUcbX91+4=; h=Date:To:From:Subject:In-Reply-To:References; b=hkbH8iEDz+ablEXm7ov97RyQOvouF6IuOIONsXSkiW/RUvUUDiwC1vQXWl+ZFegYn 3MwPqmIUwRv0xK4qMCVOmrk0dsFtovy2jnUlTX/i/wQwq+04D2N6/15PC7wA3AtmgZ qDlLsuL/vF1Su1Dhp6QgupN1DQbRo2MyjgYIDjB8=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1449427529; x=1449513929; i=@resistor.net; bh=d5aSxel434l+NKw6H0F31+IRZ6PZz4zTpapUcbX91+4=; h=Date:To:From:Subject:In-Reply-To:References; b=qzutzPZyKa3U4RVe+IIrfxmwKulcN01jmDSsfCB3UYywBBK/SivAjxQUePvsvUADF YOeiyRZVouAJd7tQ1PV5mF+ibqiybdX9WDYI5kHjHNcTaKDdavwZyLNHZzbt7SuNQy rfpA+1Kxx0adcYgj79jslFDLJSzJT/m+Kapfdvck=
Message-Id: <6.2.5.6.2.20151206041035.0cc116a8@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Sun, 06 Dec 2015 05:23:48 -0800
To: Chris Lewis <ietf@mustelids.ca>, shutup@ietf.org
From: SM <sm@resistor.net>
In-Reply-To: <5663F149.7060207@mustelids.ca>
References: <6.2.5.6.2.20151205205343.0c75fed0@elandnews.com> <5663D70D.30707@mustelids.ca> <6.2.5.6.2.20151205230057.06a26038@resistor.net> <5663F149.7060207@mustelids.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/9gfkiGcOTl_vg4UO8LLXJZEnhVw>
Subject: Re: [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Dec 2015 18:45:32 -0000

Hello,
At 00:26 06-12-2015, Chris Lewis wrote:
>I don't see how that matters.
>
>Also, as others have remarked, legal/regulatory log access is 
>out-of-scope for the IETF (a legal/regulatory issue not a technical 
>one), so how could RFC7258 mention it?  Out of scope is out of 
>scope, whether the provider wants to include it or not.

The topic of pervasive surveillance did not gather much interest 
prior to a few months before RFC 7258 was published.

>I'll also note that the second page of RFC7258 specifically states:
>
>"The motivation for PM can range from non-targeted nation-state
>surveillance, to legal but privacy-unfriendly purposes by commercial
>enterprises, to illegal actions by criminals."

Ok.

>IOW: if this is about pervasive monitoring (perpass), you can't 
>leave out 2/3rds of the actors (and far more than 2/3rds of the 
>demonstrated risk) and expect to have any useful validity.
>
>By limiting us to the actors who don't care about headers, knowing 
>you can't include log access in whether you want to or not, this WG 
>is completely without a purpose.  Or was that your point? ;-)

The proposed charter does not mention mail logs.  I mentioned 
pervasive monitoring as there were news articles about email metadata 
being captured.  Looking at this in terms of the text in the proposed 
charter, it is about what is in the mail headers being transmitted 
during a SMTP session.  The comment [1] which I sent was about 
that.  I am was not limiting that to one or more entities who might 
be able to collect that information on an international scale or an 
entity which could collect that on a national scale.

I was not trying to make a point about the proposed working group 
being completely without purpose if log access was out of 
scope.  There were three questions in my initial email to this 
mailing list.  Ned provided some input about the Received header 
field question [2].  I read his comments about the draft which is 
mentioned in the proposed charter; the comments were informative.

Regards,
-sm

1. http://www.ietf.org/mail-archive/web/shutup/current/msg00146.html
2. http://www.ietf.org/mail-archive/web/shutup/current/msg00149.html