Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Ted Lemon <mellon@fugue.com> Tue, 01 December 2015 23:59 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98A671B2B02; Tue, 1 Dec 2015 15:59:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.912
X-Spam-Level:
X-Spam-Status: No, score=-1.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AzGVN5eZt5vQ; Tue, 1 Dec 2015 15:59:57 -0800 (PST)
Received: from fugue.com (mail-2.fugue.com [IPv6:2a01:7e01::f03c:91ff:fee4:ad68]) by ietfa.amsl.com (Postfix) with ESMTP id 4BBCF1B2AB6; Tue, 1 Dec 2015 15:59:55 -0800 (PST)
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----sinikael-?=_1-14490143938550.4831642177887261"
From: Ted Lemon <mellon@fugue.com>
To: shutup@ietf.org
In-Reply-To: <57B818513A0069189BA3CF41@JcK-HP8200.jck.com>
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com> <01PTPUIP3IUK01729W@mauve.mrochek.com> <11d014e5-9a6a-4b78-92a1-8e0a1e0a905d@gulbrandsen.priv.no> <lGTaHvC8ygXWFAuu@highwayman.com> <57B818513A0069189BA3CF41@JcK-HP8200.jck.com>
Date: Tue, 01 Dec 2015 23:59:53 +0000
Message-Id: <1449014394167-7d2dec58-2c6a9ae8-33fc8e7a@fugue.com>
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/fawCPu0eWESdEJ85bYnZsg7ATWA>
Cc: ietf-smtp@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2015 23:59:58 -0000

Tuesday, Dec 1, 2015 6:52 PM John C Klensin wrote:
> Suppose that,
> instead, the question was closer to: "if a user had a serious
> desire to protect her location, especially against pervasive
> surveillance by state actors and too-curious message recipients,
> how would she do that with existing systems?"

John, I think that I already explained why this isn't a good question to ask.   We don't want privacy just for people who think in advance, "hm, email in general isn't private, and I know that I am going to need privacy, so I will use this other service in order to gain privacy."   We want the email to already have been private when the need for it to be private arises, without the user who needs this privacy having a mental model that would allow the aforementioned questions to be asked, to say nothing of being answered.

Regarding my personal mail server, one instance is in Dallas and the other in Frankfurt.   Regardless of where I happen to be on any given day, any geolocation done on the headers will reveal that I am in a data center in one of those two cities.   Since I am not in either of those data centers, I am protected from any revelations about my actual location through header fields in my email.   Of course, you can tell that the mail came from me, but that's what I want, so it's okay.


--
Sent from Whiteout Mail - https://whiteout.io

My PGP key: https://keys.whiteout.io/mellon@fugue.com