Archive

Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

"Rolf E. Sonneveld" <R.E.Sonneveld@sonnection.nl> Mon, 30 November 2015 09:35 UTC

To: Christian Huitema <huitema@huitema.net>, 'Jim Fenton' <fenton@bluepopcorn.net>, ietf-smtp@ietf.org, shutup@ietf.org
References: <alpine.OSX.2.11.1511282155180.1479@ary.lan> <565A7234.7010000@alameth.org> <Eoqbyz/axxwfm7I0m8X7QOm53qcBtCJIuS/eiVFyCig=.sha-256@antelope.email> <072F93223CD351A88ECCDB69@JcK-HP5.jck.com> <etPan.565b31fa.335268bd.11ea@dhcp-whq-twvpn-1-vpnpool-10-159-139-85.vpn.oracle.com> <565B81F4.8090401@bluepopcorn.net> <015801d12b0a$dc8731d0$95959570$@huitema.net>
From: "Rolf E. Sonneveld" <R.E.Sonneveld@sonnection.nl>
Message-ID: <565C183B.4030109@sonnection.nl>
Date: Mon, 30 Nov 2015 10:34:51 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <015801d12b0a$dc8731d0$95959570$@huitema.net>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/bxFwHvpVH-_06tIu3wOY6q4Ne9k>
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
Precedence: list

On 30-11-15 02:02, Christian Huitema wrote:
> On Sunday, November 29, 2015 12:54 PM, Jim Fenton wrote:
>> There are users for whom their privacy is critically important, such
>> as press informants in totalitarian societies. There are many other
>> ways to determine their location (network monitoring coupled with
>> a STARTTLS downgrade attack, for one), and it would be harmful
>> (potentially life-threatening) if anyone thought that this would truly
>> protect them. They should be using something like SecureDrop and
>> not using email at all.
> Uh, No. This is the classic "the other side of the boat is leaking too"
> argument, coupled with a dollop of "no security is better than imperfect
> security." Yes, there are many ways for metadata to leak. But that does not
> mean that we should not plugs the leaks that we do know about.
>
> The discussion so far shows that one hand many people believe that we are
> disclosing too much metadata in mail headers, while many more believe that
> the metadata disclosure is actually useful to fight various forms of abuse,
> some of which may well compromise users' privacy.
>
> We also heard that some of the big providers have already unilaterally
> decided to suppress some of the metadata, like the first hop address.

Can anyone share some information about which providers made which decision?

> So we
> have at least one data point showing that not all metadata needs to be
> preserved.

I fail to see the causality with the first sentence here: do you mean: 
the worlds e-mail ecosystem did not collapse, so this proves that not 
all metadata needs to be preserved?

>
> The "submission" hop may be a special case, but as Jim points out, mailing
> lists may well another special case, for which some guidance would be
> useful.
>
> The concern about topology disclosure may or may not justify pruning some of
> the metadata.
>
> In short, it appears that there is enough concern and enough uncertainty to
> justify working at least on an analysis document, and depending on the
> outcome on a best practice document. Let's have this debate, and let's make
> some progress on email privacy.

There has been done some work on this, which might be useful input to 
the discussion: see the report "Investigating the leakage of sensitive 
personal and organisational information in email headers" [1].

/rolf

[1] https://www.cs.ox.ac.uk/publications/publication9347-abstract.html.

[Shutup] Proposed Charter for the "SMTP Headers U… Alexey Melnikov
Re: [Shutup] Proposed Charter for the "SMTP Heade… John R Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Alexey Melnikov
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Stephen Farrell
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Jim Fenton
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Christian Huitema
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ned Freed
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Rolf E. Sonneveld
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Newman
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Steve Atkins
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Richard Clayton
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ned Freed
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ned Freed
Re: [Shutup] chained authorizationm, was Proposed… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] chained authorizationm, was Proposed… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Al Iverson
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Steve Atkins
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Randall Gellens
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Martijn Grooten
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ned Freed
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Tony Finch
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Kurt Andersen (b)
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Martijn Grooten
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Christian Huitema
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Stephen Farrell
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Stephen Farrell
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Hector Santos
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Martijn Grooten
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Stephen Farrell
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] real life privacy tradeo… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] real life privacy tradeo… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] real life privacy tradeo… John Levine
Re: [Shutup] [ietf-smtp] real life privacy tradeo… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Derek J. Balling
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Stephen Farrell
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Derek J. Balling
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Simon Josefsson
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Derek J. Balling
Re: [Shutup] [ietf-smtp] Proposed Charter for the… John Levine
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Richard Clayton
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Christian Huitema
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Steve Atkins
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Al Iverson
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Kurt Andersen
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Robert A. Rosenberg
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Al Iverson
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] real life privacy tradeo… Derek J. Balling
Re: [Shutup] [ietf-smtp] Proposed Charter for the… MH Michael Hammer (5304)
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] real life privacy tradeo… Christian Huitema
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Robert A. Rosenberg
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Robert A. Rosenberg
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Dave Crocker
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Chris Lewis
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Ted Lemon
Re: [Shutup] [ietf-smtp] Proposed Charter for the… Hector Santos
[Shutup] Proposed Charter for the "SMTP Headers U… SM
Re: [Shutup] Proposed Charter for the "SMTP Heade… Chris Lewis
Re: [Shutup] Proposed Charter for the "SMTP Heade… Chris Lewis
Re: [Shutup] Proposed Charter for the "SMTP Heade… Ned Freed
Re: [Shutup] Proposed Charter for the "SMTP Heade… SM
Re: [Shutup] Proposed Charter for the "SMTP Heade… Chris Lewis
Re: [Shutup] Proposed Charter for the "SMTP Heade… Christian Huitema
Re: [Shutup] Proposed Charter for the "SMTP Heade… SM
Re: [Shutup] Proposed Charter for the "SMTP Heade… Chris Lewis
Re: [Shutup] Proposed Charter for the "SMTP Heade… Martijn Grooten
Re: [Shutup] Proposed Charter for the "SMTP Heade… Chris Lewis
Re: [Shutup] Proposed Charter for something John Levine
Re: [Shutup] Proposed Charter for the "SMTP Heade… Robert A. Rosenberg
Re: [Shutup] Proposed Charter for something Ted Lemon
Re: [Shutup] Proposed Charter for something Dave Crocker
Re: [Shutup] Proposed Charter for something Martijn Grooten
Re: [Shutup] [ietf-smtp] Proposed Charter for som… John C Klensin
Re: [Shutup] Proposed Charter for something Stephen Farrell
Re: [Shutup] Proposed Charter for the "SMTP Heade… Ned Freed
Re: [Shutup] Proposed Charter for the "SMTP Heade… Stephen Farrell
Re: [Shutup] Proposed Charter for the "SMTP Heade… Christian Huitema
Re: [Shutup] [ietf-smtp] Proposed Charter for som… Chris Lewis
Re: [Shutup] Proposed Charter for something Hector Santos