Re: [Trans] Call for adoption: draft-strad-trans-redaction-00

Tarah Wheeler <Tarah_Wheeler@symantec.com> Thu, 17 November 2016 00:45 UTC

From: Tarah Wheeler <Tarah_Wheeler@symantec.com>
To: Eran Messeri <eranm@google.com>
Date: Thu, 17 Nov 2016 00:45:11 +0000
Message-ID: <D452271D.1DE4%tarah_wheeler@symantec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/CgSlKlfaGJji6f3-RhBBQEn23jc>
Cc: Rob Stradling <rob.stradling@comodo.com>, "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Call for adoption: draft-strad-trans-redaction-00
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>

I'm glad to hear it, and looking forward to it.

I'd like to ask about the two things that seem really necessary to me; sometimes a technical RFC lacks within it the rationale for why we do things. I've been creating essentially a white paper at the same time as writing comments and some prescriptive thoughts on privacy.

There's a fundamental disagreement here over why we would want privacy and transparency on a variable slider, and ultimately, it comes down to the motivations of the entities involved. Some of us want to sell a product that provides privacy, and some of us want to sell a product that is only possible with transparency. Let's not pretend that we're not all faced with differing incentives.

I've been on this list for a while, and very quiet because in general, it seems like a fool's game to try to argue people out of acting in their best interests. It wasn't until now that I had a solid idea of what would be useful to this process.

There are some very smart people in information security. There are those with strong inclinations towards advocating privacy at multiple levels of organizational size from an individual to a YUUUUUUGE company (sorry, couldn't resist, and we all need to laugh a bit now and then). There are those who see full transparency as a virtue and I can certainly understand why, both on an ideological and a financial level.

I've watched this situation be cautiously talked around for months now, and I'd be interested to hear people's thoughts on asking some unassailably corporate-neutral experts on both sides of this debate to provide guidance. Whose opinion are you interested in hearing on whether or not permitting certificate privacy and accepting it as a browser standard is a good idea? I'm putting myself and Symantec out there in a vulnerable way; I and we might not always hear what we want to hear, but every one of us wants to make the internet better in the way we believe will work best.

Respectfully,

Tarah Wheeler
Principal Security Advocate
Senior Director of Engineering, Website Security
Symantec
tarah@symantec.com

From: Eran Messeri <eranm@google.com>
Date: Tuesday, November 15, 2016 at 6:17 PM
To: Tarah Wheeler <tarah_wheeler@symantec.com>
Cc: Rob Stradling <rob.stradling@comodo.com>, "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Call for adoption: draft-strad-trans-redaction-00

AIUI