IETF Logo Mail Archive

Re: [Slim] Stephen Farrell's Block on charter-ietf-slim-00-06: (with BLOCK)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 04 October 2015 21:22 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: slim@ietfa.amsl.com
Delivered-To: slim@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51E401A86DF; Sun, 4 Oct 2015 14:22:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GrHxxAH-B94q; Sun, 4 Oct 2015 14:22:41 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F17401A86E8; Sun, 4 Oct 2015 14:22:40 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id BD928BEE5; Sun, 4 Oct 2015 22:22:39 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VZid3O55h8_C; Sun, 4 Oct 2015 22:22:38 +0100 (IST)
Received: from [10.87.48.73] (unknown [86.46.22.228]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id D0365BEE3; Sun, 4 Oct 2015 22:22:37 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1443993758; bh=oFOjMncRCOyvme+mpmtEYp60u5JQpMKvjlj0cMxHZU4=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=OPDMZaRwsIipHdav9Z17gIAP3X8pS64xArFDVCvI+PVT7+Y8zBYK/BtvWdagGsAIu w06SMbee4Zi1qNS6tBabw4bIREBhNg7Dc+Sn2wmOeNRRALJV/S+cX0lPeJtNLtqilk 5XAeR1GnQqvmlJS0LciC5TddhW68M3ZOHNqBGAKc=
To: Barry Leiba <barryleiba@computer.org>
References: <CAOW+2dvfY-gPbSOUZu9RZbcLkypWkLO3zR5Tgud9+g1nBTg5eg@mail.gmail.com> <560988C3.6080402@omnitor.se> <5609BBA6.9080101@cs.tcd.ie> <ECA94B5B-E2B1-498C-A6F8-3F037C0120E3@brianrosen.net> <560AAFB2.4060805@cs.tcd.ie> <E82ABBAA-E5A0-458B-85BD-B11116684CA4@brianrosen.net> <CAC4RtVAetrWxchMA5TDRgF=oJ34EphjB=WE1c=HSAAvtF_wPYA@mail.gmail.com> <560AFD5A.5060101@cs.tcd.ie> <CAOW+2dtWQDPKbWc9ncTxGx+fbgwHo0y9karCn-NjS8iAYwhvRw@mail.gmail.com> <560B8CC1.2060405@cs.tcd.ie> <CAOW+2dvMW75ST-X+FsLxJOjJt33jxVaqNzM0gM05VcX9UWOLDg@mail.gmail.com> <560C0716.8050404@alum.mit.edu> <476BCA21-7802-4E39-A22A-835BE66E15E8@brianrosen.net> <560C1019.80509@alum.mit.edu> <560C1436.6080200@omnitor.se> <CAC4RtVD_LZEdavqBE22OFG9VaLu0tnKTfRx-SbwU0YYQRvN6rA@mail.gmail.com> <560E4460.4030407@cs.tcd.ie> <CALaySJKCG1gYBNJ-7Ts5mzm1oO64nQdzAFDvCUugJz6s8yz3JQ@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <5611989D.9040504@cs.tcd.ie>
Date: Sun, 04 Oct 2015 22:22:37 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <CALaySJKCG1gYBNJ-7Ts5mzm1oO64nQdzAFDvCUugJz6s8yz3JQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/slim/Mw4FBefL1urDUWbCylrx9yQ4DQQ>
Cc: slim@ietf.org, IESG <iesg@ietf.org>
Subject: Re: [Slim] Stephen Farrell's Block on charter-ietf-slim-00-06: (with BLOCK)
X-BeenThere: slim@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Selection of Language for Internet Media <slim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/slim>, <mailto:slim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/slim/>
List-Post: <mailto:slim@ietf.org>
List-Help: <mailto:slim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/slim>, <mailto:slim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Oct 2015 21:22:44 -0000


On 04/10/15 22:19, Barry Leiba wrote:
>> I'm asking that the analysis be somewhat broader than only
>> considering language. (On the basis that if we define how to
>> add language then other personal attributes are likely to
>> be similarly handled in the relevant protocols, UAs and servers.)
>> If one did agree with that then I do think it ought be included
>> in the charter.
> ...
>> Right, I get that the gating thing is iccky, and Bernard rightly
>> points out that even when we try do all that well, the end results
>> might not be so great, which is a totally fair point.
> 
> OK... given all that, I, at least, can support asking the working
> group to do that kind of analysis, and including it in the charter.
> I'm just one voice, so I'd like to hear from the people who will
> actually do the work.  In any case, I'm certain that we will need
> people from the Security Area to work on this in the working group, if
> it's going to be of any real value, and I have to ask the Security ADs
> to make sure we have that -- more than one person, I think, and people
> who will take an active role.
> 
>> How about something like this:
>>
>> "It is not unlikely that once there is a method for using language
>> as planned here, some implementations may similarly handle other
>> personal attributes. The wg will analyse the security and privacy
>> issues arising from having UAs emit language or other similar
>> attributes and then handle language attributes accordingly."
> 
> How does this work, appended to the charter (at the end)?:
> 
> "Adding language information to the control streams will have security
> and privacy implications that must be understood and documented, as
> any protocol would have to do.  Beyond that, this may open the door to
> inclusion of other information that could be more security- or
> privacy-sensitive than language preferences, and it could be important
> to have a close look at that early on.  Therefore, this working group
> will include in its work a broader analysis of security and privacy
> implications of including such information in this manner.  That
> analysis may be written as a separate document, or may be included in
> the working group's primary document(s).  The Security Area will
> provide necessary ongoing participation for that analysis, and this
> requirement will not block progress on the working group's main work
> if such participation is not available."
> 
> Maybe wordier than it needs to be, but I'd like to be clear.

Yep, but I could go with that anyway. And I'll try get folks who'll
help. And I accept that there's a chance we won't succeed in getting
a useful or any analysis done.

Cheers,
S.


> 
> Barry
>

v2.23.0 | Report a Bug | By Email