Mark Nottingham wrote: >> Then, protocols not have any authoritative specification and >> should never be standardized and there should be no central >> authority to manage different versions of the protocols. > > From a PRISM viewpoint, the cost of parsing different formats, > understanding different wire protocols, etc. is trivial. That is a reasoning to deny the point of you: : I draw the opposite conclusion, actually. With good standards, ; we can encourage a larger number of services to exist, : raising the cost of monitoring them all. So, denying the point, you agree with me. Note that "the number of services" != "the number of service providers". > The real cost is negotiating with / bullying each provider into > giving access. Especially if it's not hosted or doing business > in a country you control. If only the number of cloud providers were large. However, as there is some scale merit, there is a tendency that the number of the providers will be small and all of the providers naturally have considerable amount of hardware at the central part of the Internet, that is, in US, which means the providers are subject to USG control. And, USG is not the only government we should be protected from. >>> I should be able to choose my own data sync server, whether >>> it's one I run, or one run by my paranoid friend, or by a >>> local company, or a US company that's in bed with the NSA. >> >> The only secure way is to run your own. > > That's a very simplistic definition of "secure." See above how simplistic your view is against so complex nature of PRISM etc, against which, only the simplest protection is effective. Masataka Ohta