Re: FTP Service Discontinuance Under Consideration; Input Requested

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 06/04/15 09:29, Eliot Lear wrote:
> Hi,
> 
> On 4/4/15 3:38 AM, Stephen Farrell wrote:
>> My suggestion is to forget about how 7258 might or might not
>> relate to the subject line here, and deal more with the subject
>> line itself. Let's save our energy for arguing about privacy
>> when accessing public information for discussing situations
>> where it matters much more and where users know less, both of
>> which are more typical and more important.
>>
> 
> It seems that we're conflating two issues: privacy and protection
> against pervasive surveillance.  

That was not my point. Mine was that we're conflating the
question asked (about FTP) with privacy issues in a really
non-productive manner. Debate about how and whether and why
to encrypt IETF materials would be far better done considering
all materials, and not a corner case like FTP.

Start a separate discussion for that if you think it's timely,
but one cannot base any sensible general conclusions on the FTP
question. Personally I don't think it's likely to be so useful
to have that debate now, since we had most of it during the last
call for 7258 and afaics most points and positions are just being
repeated here again. OTOH, maybe we'd come up with some good
ideas that'd help so it could be worth trying again, but if so,
please let's do that in a general way.

S.

PS: One idea; mirror all IETF public stuff in clear below some
other domain name (notprivate.ietf.org say;-) and migrate all our
other services to encrypted as we go.


> What we have discussed in the past, and
> in fact it was part of what Bruce presented in Vancouver, was that in
> order to mitigate a pervasive surveillance attack, *all *information –
> not just that which we might consider sensitive – should be encrypted. 
> This is especially the case when multiple services run on the same
> infrastructure.
> 
> Going further, the IAB has said that communications should be
> encrypted.[1]  If we as a community wish others to encrypt their
> traffic, we should of course do what we can to encrypt our own.  In the
> alternative, let's have a deeper exploration of encryption and
> confidentiality and the tradeoffs so that more specific advice can be
> given to the broader community that we ourselves can follow.
> 
> Eliot
> [1]
> https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/
>

Attachment: signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]