On 21/09/2013, at 11:33 AM, Masataka Ohta <mohta@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: > Cost for monitoring should be large? > > Then, protocols not have any authoritative specification and > should never be standardized and there should be no central > authority to manage different versions of the protocols. >From a PRISM viewpoint, the cost of parsing different formats, understanding different wire protocols, etc. is trivial. The real cost is negotiating with / bullying each provider into giving access. Especially if it's not hosted or doing business in a country you control. >> I should be able to choose my own data sync server, whether >> it's one I run, or one run by my paranoid friend, or by a >> local company, or a US company that's in bed with the NSA. > > The only secure way is to run your own. That's a very simplistic definition of "secure." -- Mark Nottingham http://www.mnot.net/