On Thu, Dec 5, 2013 at 1:59 PM, Wesley Eddy <wes@xxxxxxxxxxxxxxx> wrote: > "The target of pervasive monitoring attacks on the Internet is > not the Internet protocols themselves, but it is the users of > the protocols and the general utility of the Internet itself as > a medium of communications for specific applications that are > monitored. In the case of surveillance, the general utility of the Internet for specific applications is not the target, it's an indirect target in order to get at the ultimate users. I think your first statement was correct, without the "and". > The protocol mitigations that are useful need to > be applied in ways that benefit the user-oriented applications, > and not necessarily other protocols in the network such as those > that may be used for network management, measurements, services > not linked to specific users and groups, control plane functions, > or some machine-to-machine or sensor communications, for instance. Yes but protocol designs at all layers do need to pay more attention to modern privacy attacks and may need mitigations in support of making privacy possible. (Whether protocol implementations do depends on their context.) Scott