Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

["Eliot Lear (elear)" <elear@xxxxxxxxx>]

Tim, 

This paragraph seems ridiculous to me.

Then you've not the history to have seen reasonable protocols be held up- or worse mangled- to satisfy unreasonable decisions by ADs based on their interpretation of their authority.   We have been down this road before. And again, I'm not concerned about the current ADs, mind you. We've a good lot. 

 The perpass-attack draft says that pervasive monitoring has the characteristics of an attack, and that the protocols we design SHOULD include appropriate mitigation measures.

Well it doesn't say that (at least in -03) and let's not suppose it did. 

There are very few (any?) absolutes in any of the protocols we build, just a wealth of often-conflicting design criteria, which force us to trade off and make judgment calls.  draft-perpass-attack says that mitigation of pervasive surveillance should be seen as one of the design criteria, and it’s not OK to ignore it.

In fact I've argued all if this myself.  It presumes we understand the threat well enough.  One concern at the moment is that a group will take an action in response that actually ENABLES more pervasive surveillance.  That may be unavoidable as there will be trade offs. 

A reasonable take is that a specification could be held up if there are plausible arguments that this criterion has not been given appropriate consideration, and I see nothing wrong with that.

Sure. But now you've actually rung in another problem with the draft. Most participants in the IETF don't know how to address the threat and those who think they do probably won't agree on either it's nature or the remediation.  

We're simply not there yet.

The IETF should take this threat seriously and do what we can when we know what to do.

Eliot