At least one of the questions (and probably two of 'em) for which we hummed was unclear enough that I couldn't interpret it as a policy statement.
In particular: "The IETF should strive for e2e encryption even when there are middleboxes in the path":
- encryption with/without privacy?
- encryption with/without authentication?
- do authorized/explicit middleboxes count?
This is too ambiguous for me to interpret in any meaningful way :/
-=R
On Wed, Nov 6, 2013 at 1:55 PM, Scott Brim <scott.brim@xxxxxxxxx> wrote:
On Wednesday, November 6, 2013, Brian E Carpenter wrote:It seems to me that all three are perfecly clear as aspirational goals,
and that they all include some room for interpretation. It's also true that
some of them may be in immediate conflict with other goals (for example,
a web proxy that is blind to the content might be rather bad at content
filtering). But all that will come out in the detailed analysis of each
issue. Guiding principles really have to skate over many details.Yes but as presented these could be taken as clear policy statements, not just guiding principles. I thought embarking on clarifying them asap would be a good idea.