On 1/6/2014 10:02 PM, Eliot Lear wrote:
Why do we state that confidentiality is important to pursue in our protocols? That is a political decision made by the community. We then layer on top of that decision technical requirements. IMHO it's a very important and good political decision. We struggle with such decisions all the time. That there is a single root is both a technical AND a political decision.
Almost any group decision can legitimately be characterized as "political". The decision will favor some and work to the detriment of others. Hence the decision has a component that can be classed as exercising "power".
But the reference to politics is distinctly unhelpful for the IETF. Whatever the knowledge and experience of our participants individually, as a group we lack meaningful, coherent language or practice with it.
What we do have is experience being guided by design criteria stated in terms of engineering politics, not social politics. We tends towards greater efficiency, robustness, etc. This include permitting use of various security-related mechanisms for authentication, confidentiality, etc. Political language might cast that as saying that the IETF "favors protection of participant data".
But really we are simply taking directives from those who consume our work and we are trying to design solutions that satisfy the directives.
There is a community desire to create better participant protections from pervasive monitoring. To be honest, there is also some community desire to /permit/ pervasive monitoring. We choose to listen to our "customers" -- that is, those who buy and use what we produce -- rather than third-party actors who might favor ensuring that pervasive monitoring be made easy.
That choice can be classed as political, but really, we're just listening to our market...
d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net