Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Chris Lewis <ietf@mustelids.ca> Wed, 02 December 2015 01:43 UTC

Return-Path: <ietf@mustelids.ca>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 533A81B3097; Tue, 1 Dec 2015 17:43:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.043
X-Spam-Level: ***
X-Spam-Status: No, score=3.043 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FH_RELAY_NODNS=1.451, RDNS_NONE=0.793, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KlxyyMBNU9W9; Tue, 1 Dec 2015 17:43:47 -0800 (PST)
Received: from stoat.mustelids.ca (unknown [174.35.246.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6326F1B3087; Tue, 1 Dec 2015 17:43:47 -0800 (PST)
Received: from [192.168.0.6] (badger.mustelids.ca [192.168.0.6]) (authenticated bits=0) by stoat.mustelids.ca (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id tB21hh7t001819 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 1 Dec 2015 20:43:45 -0500
To: shutup@ietf.org
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com> <01PTPUIP3IUK01729W@mauve.mrochek.com> <11d014e5-9a6a-4b78-92a1-8e0a1e0a905d@gulbrandsen.priv.no> <lGTaHvC8ygXWFAuu@highwayman.com> <57B818513A0069189BA3CF41@JcK-HP8200.jck.com> <1449014394167-7d2dec58-2c6a9ae8-33fc8e7a@fugue.com>
From: Chris Lewis <ietf@mustelids.ca>
X-Enigmail-Draft-Status: N1110
Message-ID: <565E4CCF.3080901@mustelids.ca>
Date: Tue, 1 Dec 2015 20:43:43 -0500
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.23) Gecko/20090812 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
In-Reply-To: <1449014394167-7d2dec58-2c6a9ae8-33fc8e7a@fugue.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/SKg_gHen6axnVn7nwI-Ri-lR2m4>
Cc: ietf-smtp@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2015 01:43:48 -0000

On 12/01/2015 06:59 PM, Ted Lemon wrote:
> Tuesday, Dec 1, 2015 6:52 PM John C Klensin wrote:
>> Suppose that,
>> instead, the question was closer to: "if a user had a serious
>> desire to protect her location, especially against pervasive
>> surveillance by state actors and too-curious message recipients,
>> how would she do that with existing systems?"
>
> John, I think that I already explained why this isn't a good question to ask.   We don't want privacy just for people who think in advance, "hm, email in general isn't private, and I know that I am going to need privacy, so I will use this other service in order to gain privacy."   We want the email to already have been private when the need for it to be private arises, without the user who needs this privacy having a mental model that would allow the aforementioned questions to be asked, to say nothing of being answered.

The reality is that if the user wasn't already conscious of their 
privacy and striving to preserve it through continuous vigilance, 
they've already completely outed themselves.

For example, if you're expecting to use a nicknamed gmail account, that 
email conversation with Amazon with your credit card info or Facebook 
with your real name last year, has outed that gmail account forever - 
gmail hides received lines remember?

It's far better to train them in the reality of what they need to do to 
preserve their own privacy, than the impossibility of trying to 
privacy-protect everything (and still have something anybody wants to use).