Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Martijn Grooten <martijn@lapsedordinary.net> Mon, 30 November 2015 19:28 UTC

Return-Path: <martijn@lapsedordinary.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B91BC1B2B92; Mon, 30 Nov 2015 11:28:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.079
X-Spam-Level:
X-Spam-Status: No, score=-1.079 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_NET=0.611, HOST_MISMATCH_COM=0.311, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UDrQyitQOGpe; Mon, 30 Nov 2015 11:28:42 -0800 (PST)
Received: from mail.lapsedordinary.net (thinksmall.vps.bitfolk.com [85.119.83.85]) by ietfa.amsl.com (Postfix) with ESMTP id 7C5041B2B90; Mon, 30 Nov 2015 11:28:42 -0800 (PST)
Received: by mail.lapsedordinary.net (Postfix, from userid 1000) id A84F5343FE; Mon, 30 Nov 2015 19:28:41 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=lapsedordinary.net; s=mail; t=1448911721; bh=e6429LKfYfRcNEUfB7t0chYwPVhEyrYySAa988+4NS0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:In-Reply-To; b=YZ+Hr4/TN21kwhz8zv2AWNGL+j35zgkysNUkBweMnmam2lMiAJEGIgD24+Q79NQao JuxiM6kwCCY8o7RrwQM7e7smT4b8AMvCOxwnsmX18kyYFTHjt+mGj9dEywdFk0/w5Y 2Dhfx4dEz3kK/1I+S5bg87CLGmBtFsCyQoBLy0g4=
Date: Mon, 30 Nov 2015 19:28:41 +0000
From: Martijn Grooten <martijn@lapsedordinary.net>
To: ietf-smtp@ietf.org
Message-ID: <20151130192841.GA4625@lapsedordinary.net>
References: <565B351B.7090104@dcrocker.net> <20151129181346.9221.qmail@ary.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20151129181346.9221.qmail@ary.lan>
User-Agent: Mutt/1.5.20 (2009-06-14)
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/IQDwowzJN_zPUtwO2itpnWBWt9M>
Cc: shutup@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Nov 2015 19:28:43 -0000

On Sun, Nov 29, 2015 at 06:13:46PM -0000, John Levine wrote:
> It's not even privacy vs. ops support, it's privacy issues via some
> hints of sender's location vs. privacy issues via the recipient
> getting spammed, phished, and malware'd.

We're actually pretty good at fighting various kinds of malicious email
and while I know headers like Received do play a role there, I'm not yet
convinced that their role is so fundamental that removing them, or
removing essential parts of them, would see these (proactive and
reactive) defenses collapse.

And I do actually think there is a privacy issue here and that we
shouldn't dismiss that right away.

However, I agree with others that the proposed charter seems a little
premature and that, to quote Dave Crocker, we ought to have "public
discussion about the technical aspects of this policy tradeoff" first.

Martijn.