Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

"Derek J. Balling" <dredd@megacity.org> Wed, 02 December 2015 16:32 UTC

Return-Path: <dredd@megacity.org>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE8531B2BA7 for <shutup@ietfa.amsl.com>; Wed, 2 Dec 2015 08:32:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.3
X-Spam-Level:
X-Spam-Status: No, score=-1.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, J_CHICKENPOX_21=0.6] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id byhO-FbxVb0D for <shutup@ietfa.amsl.com>; Wed, 2 Dec 2015 08:32:38 -0800 (PST)
Received: from mail-qg0-x232.google.com (mail-qg0-x232.google.com [IPv6:2607:f8b0:400d:c04::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFE981B2BB0 for <shutup@ietf.org>; Wed, 2 Dec 2015 08:32:35 -0800 (PST)
Received: by qgeb1 with SMTP id b1so37555919qge.1 for <shutup@ietf.org>; Wed, 02 Dec 2015 08:32:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=megacity-org.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type; bh=ykJi0bQo6KluD1mx/Zle8BpTPGh5Fu7kltgqxTYRlzs=; b=bIPk9EE2v2u4SUewY/g7sfEs79RnUshzFi4Kxs10B6+6UK+RDMA5kyUsh3fX0ZHMke +XjFY6GAm8xaPXnTIPqaBJrEvWw5h2iDnfLOElxFcWcExMZ/E8Ak8AY02WWGAUUA0kF8 OYNqsR4rs+5YXpaj+Xu8Va2FnKDBvl1uaw5TgUwN10dHc8SQCadpoH6pP1HflN5qVY7I +rmnUdIm2I5SSwAz+go3N5lN77lMvTvnKDg6VhkZ432OQugYydYH9MRZU2PB/pDgQ957 YBA9wT3SLFVcXSZ2s8wqREwyUoHmT6RVzS0qBrF7ErZKhWv+T6Im6+lUDD3/voMZeZKR T8ug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-type; bh=ykJi0bQo6KluD1mx/Zle8BpTPGh5Fu7kltgqxTYRlzs=; b=L9NDE5txuYRIpYh4HpzzjsvhgoFQ1SvpxtES0B/HTdpsDrYcQ/M4omkbDG6GwO1/tG Nzb8pyNE3WZYKjkzXEsFTfymieYsYKsLqFAo0TZjyact9ZNbWioUk8G8artW1gZT72W5 tZmzZJmGzR6NsEqWmOpNxSgAsVKB0c+U9Jl7JK/uE4Rm7Fyo78pEj8R/9QDY4094xS07 olVawA0Z2cg2/Aw1vVUXo3zOZHk0/ekVut8PC3l5EWFzaSShvLkL2P+rJZpNYrl24bBT GkXsrbwUvPAVCVc2hPOYNkwTysbc5UKx5RrOCCeb0QR1uxgTRxL5vWWksY7ZnMEr0/3s h9JQ==
X-Gm-Message-State: ALoCoQnp4l5nlcM7nT06gwETorbFY/JqB213nZEbJ/StUlgvYdq3GsUm2+ehqgZsZnkXFfFiKyJ5
X-Received: by 10.140.17.102 with SMTP id 93mr5231019qgc.32.1449073954927; Wed, 02 Dec 2015 08:32:34 -0800 (PST)
Received: from Akebono.local (cpe-67-243-53-192.hvc.res.rr.com. [67.243.53.192]) by smtp.googlemail.com with ESMTPSA id a5sm1501809qga.19.2015.12.02.08.32.32 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 02 Dec 2015 08:32:33 -0800 (PST)
To: ietf-smtp@ietf.org
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com> <01PTPUIP3IUK01729W@mauve.mrochek.com> <11d014e5-9a6a-4b78-92a1-8e0a1e0a905d@gulbrandsen.priv.no> <lGTaHvC8ygXWFAuu@highwayman.com> <565EBD82.2030600@pscs.co.uk> <1449065151122-b9505bf5-be5f0e83-f9cdd79b@fugue.com> <565EFD93.2060507@pscs.co.uk> <1449070095816-c64690a8-829c0c47-fd944ab9@fugue.com> <565F162F.7010109@dcrocker.net>
From: "Derek J. Balling" <dredd@megacity.org>
X-Enigmail-Draft-Status: N1110
Message-ID: <565F1D1F.6080307@megacity.org>
Date: Wed, 2 Dec 2015 11:32:31 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <565F162F.7010109@dcrocker.net>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="hVi681si3ka088PiaEnRRwnmXXQ0mDtiP"
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/Uzk3quGXeo_j9amtTklQ1CfRqPA>
Cc: shutup@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2015 16:32:40 -0000

I've been uncharacteristically (for me) quiet up 'til now, so let me --
perhaps naively -- say what, to me, seems like a simple thing.

1.) It's axiomatic that Received headers disclosure some level of
private data
2.) It's a matter of debate how valuable that data is to those who would
abuse it
3.) It's a matter of debate as to what impact redaction/removal of that
data from message headers would cause

Why isn't this as simple as chartering the WG to go off and:

1.) Document the answers to questions 2 and 3 above, with data
2.) If they so choose after doing #1, propose remedies or changes to the
existing methodologies consistent with the data they found above

At that point, everyone can observe the data, attempt to replicate it
(almost like a peer-review process, one would think) and then the
discussion can be about whether or not any proposal that came out of the
WG meets the larger goals of the net at-large.

It seems that it shouldn't be this hard to charter them to go off and
"crunch data" and "come up with a proposed solution consistent with that
data".

Nobody's "committed" to anything by letting folks go off and work on
this. so why is there such vociferous debate over letting them go do
that? What am I missing? (it's possible I have missed something, because
this debate is the most traffic we've seen in years on this list).

D


-- 
I prefer to use encrypted mail. My public key fingerprint is
FD6A 6990 F035 DE9E 3713 B4F1 661B 3AD6 D82A BBD0.

You can download it at http://www.megacity.org/gpg_dballing.txt

Learn how to encrypt your email with the E-Mail Self Defense
Guide: https://emailselfdefense.fsf.org/en/