Re: [Spud] Whats missing in SPUD
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 10 August 2015 23:18 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 5DE201A1A33
for <spud@ietfa.amsl.com>; Mon, 10 Aug 2015 16:18:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5
tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id xGJ6zjpSqF45 for <spud@ietfa.amsl.com>;
Mon, 10 Aug 2015 16:18:27 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])
by ietfa.amsl.com (Postfix) with ESMTP id BE8071A1A4D
for <spud@ietf.org>; Mon, 10 Aug 2015 16:18:27 -0700 (PDT)
Received: from fifthhorseman.net (unknown [38.109.115.130])
by che.mayfirst.org (Postfix) with ESMTPSA id 9304FF984;
Mon, 10 Aug 2015 19:18:25 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000)
id 5453F2020F; Tue, 11 Aug 2015 01:18:15 +0200 (CEST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Toerless Eckert <eckert@cisco.com>
In-Reply-To: <20150810210618.GB1667@cisco.com>
References: <20150810184444.GB16123@cisco.com>
<87lhdirije.fsf@alice.fifthhorseman.net> <20150810210618.GB1667@cisco.com>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1
(x86_64-pc-linux-gnu)
Date: Mon, 10 Aug 2015 19:18:15 -0400
Message-ID: <87h9o6ravc.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/iK_XOOSnewB7JAqRR81c-2unaQw>
Cc: Christian Huitema <huitema@microsoft.com>, spud@ietf.org
Subject: Re: [Spud] Whats missing in SPUD
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>,
<mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>,
<mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 23:18:29 -0000
On Mon 2015-08-10 17:06:18 -0400, Toerless Eckert wrote:
> Well, biostats/signature/photo constitute elements to establish
> ownership of the ID card. And there may be county/city police
> regulations to keep track of full ID scans. And if not police then
> insurance or on advice of the bars lawyer in case of
> lawsuits/challenges. Aka: IMHO much more likely caused by third party
> directives then lets say the customer data collection done by eg:
> web/social-networking sites.
Sure. So should we design a protocol that facilitates the publication
and collection of arbitrary data that might be of interest to any
regulator/lawyer/advertiser/insurer (or criminal/spy/competitor/troll)
able to influence any device along the path?
I share your concern about the customer data collection done by
web/social-networking sites, which today are indistinguishable from "the
network" for many users. But the remedy for this is not to help make
the lower layers of the network (i.e. IETF purview) as bad for user
privacy as the worst of the centralized services are.
> But lets agree that the ID card in its current form is not ideal to
> exemplify "know what attributes you need to show for the desired benefits
> and then only show those attributes".
That's why we're having this discussion -- because we do not want to
produce a network transport protocol with sufficient flexibility and
power to implement the "show your full identity to an arbitrary
intermediary order to be able to socialize" antipattern, even though i'm
sure some arbitrary intermediaries would love such a thing.
> So the right example would have been some form of ID card with keypad,
> i type in what attributes i want to send, it creates a new short lived
> cert and NFC's those attributes to the gatekeeper. Whether its Photo +
> (Age > 17) or anything else.
We're not designing a beer-delivery protocol layer (though that does
sound like more fun), we're designing a network transport layer. It
should be designed for transporting data through the network, not for
facilitation of arbitrary interference by any network operator.
Can you reframe your proposal in the network transport layer context in
a way that seems feasible to implement, is comprehensible to the user,
doesn't encourage the false-tradeoff antipattern, and is actually
effective at improving user experience on the network (as compared to,
say, spending the same amount of engineering effort on a faster link
layer)?
All the best,
--dkg
- [Spud] Whats missing in SPUD (was: Re: Multipath/… Toerless Eckert
- [Spud] Whats missing in SPUD (was: Re: Multipath/… Toerless Eckert
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Ted Hardie
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Toerless Eckert
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Ted Hardie
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Toerless Eckert
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Christian Huitema
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Daniel Kahn Gillmor
- Re: [Spud] Whats missing in SPUD (was: Re: Multip… Toerless Eckert
- Re: [Spud] Whats missing in SPUD Daniel Kahn Gillmor
- Re: [Spud] Whats missing in SPUD Toerless Eckert