On 03/06/15 22:03, Tony Hain wrote: > Stephen Farrell wrote: > >> I would assert that the existence of the dprive WG is good evidence >> that the IETF does not consider data-integrity as the only real >> concern for public data. > > And I would assert that it shows a group-think knee-jerk overreaction > to threats that hypothetically could be applied in broader contexts > than history documents. We are both free to express our own > assertions. > Disagreeing is of course fine but does not require that those with whom one disagrees are stuck in a group-think knee-jerk mixed metaphor;-) Looking at the actual text of the statement though [1] I could agree that the 3rd paragraph is maybe more justified on security grounds, so maybe s/privacy/security&privacy/ would be better there. That said, there is a real threat to privacy (cf. tempora) when it is credible to assume that any of our traffic that transits undersea cables is recorded, and traffic to the IETF is a part of that even if it's quite unlikely, by itself, to be privacy sensitive. (Someone else already pointed out that it'd be worth noting that HTTPS isn't perfect in the face of traffic analysis, so adding text on that would also make sense just so's we're clear that we're not claiming that there's a panacea hereabouts, and is worth a mention here too.) S. [1] https://trac.tools.ietf.org/group/iesg/trac/wiki/HttpsEverywhere