Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Looking at this paragraph and the comments on it, maybe
the thing to do is to make the text talk more about
functions and try avoid tricky terminology.

So how'd a change along these lines be:

OLD:

   More limited-scope monitoring to assist with network management that
   is required in order to operate the network or an application is not
   considered pervasive monitoring.  There is though a clear potential
   for such limited monitoring mechanisms to be abused as part of
   pervasive monitoring, so this tension needs careful consideration in
   protocol design.  Making networks unmanageable in order to mitigate
   pervasive monitoring would not be an acceptable outcome.  But
   equally, ignoring pervasive monitoring in designing network
   management mechanisms would go against the consensus documented in
   this BCP.  An appropriate balance will likely emerge over time as
   real instances of this tension are considered.

NEW:

   Monitoring in itself can be a good thing and need not be part of
   a pervasive monitoring attack. For example, network management
   functions often require monitoring packets or flows, anti-spam
   mechanisms may need to see mail message content and some kinds
   of monitoring can be part of mitigating the pervasive monitoring
   attack, e.g. with Certificate Transparency logs. [RFC6962]
   There is though a clear potential
   for such monitoring mechanisms to be abused as part of
   pervasive monitoring, so this tension needs careful consideration in
   protocol design.  Making networks unmanageable in order to mitigate
   pervasive monitoring would not be an acceptable outcome.  But
   equally, ignoring pervasive monitoring
   would go against the consensus documented in
   this BCP.  An appropriate balance will likely emerge over time as
   real instances of this tension are considered.

Feedback appreciated. Probably better if that's more like "good
direction" or "bad direction" rather than immediate wordsmithing,
e.g. tweaking the examples is probably not the most important
for now.

S.




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]