Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 16/12/2013 20:39, Stephen Farrell wrote:
Replying to a bunch of things at once:

On 12/16/2013 06:48 PM, Andrew Sullivan wrote:
Adding the sentence, "In addition, to qualify as pervasive monitoring,
the activity should be either unknown to or unwelcome by the target of
the monitor," would make the difference explicit.
I disagree. Even if X% of people agreed or approved or authorized
the attack, it would still be an attack. While one might have an
argument if X approximated 100, that's just not the case.
An example of 100% would be an employer doing anti-malware
filtering, monitoring for spyware or trapping the export of intellectual
property, where consent for traffic monitoring is a condition of
employment.

And user
consent is a huge rathole that's not meaningful for most protocol
design activities, so I also disagree with including variants of
Andrew's suggestion, as well as disagreeing with the statement.
The issue is where a protocol needs to be designed to operate
in two modes - PM=OK and PM=NotOK. Unless antiPM is
conditional the protocol would not be of use in an  environment
requiring PM.

- Stewart






[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]