Hi all, Some time ago we had a standardisation committee in Sweden, running a project defining the terminology in Swedish for the information security area. They came up with Janus-attack rather than man in the middle-attack (the latter sounds weird in Swedish). Janus was a two faced God from ancient Roman religion/myth. He was the God of beginnings, gates, transitions, time, duality, doorways, passages, and ending. https://en.wikipedia.org/wiki/Janus It didn't take off unfortunately, I consider it quite clever. That said, I can't really see how the term "Man-in-the-middle" can be offensive. Kind regards, Anne-Marie Eklund Löwinder Chief Information Security Officer IIS (The Internet Infrastructure Foundation) Phone: +46 734 315 310 https://www.iis.se Visitors: Hammarby Kaj 10D Mail: Box 92073, 120 07 Stockholm > -----Ursprungligt meddelande----- > Från: ietf <ietf-bounces@xxxxxxxx> För Dave Cridland > Skickat: den 20 september 2018 13:51 > Till: lists@xxxxxxxxxxxxxxxxxxxxx > Kopia: ietf@xxxxxxxx Discussion <ietf@xxxxxxxx> > Ämne: Re: Diversity and offensive terminology in RFCs > > Back when I was even more clueless than I am today, and actually ran DNS > servers, we used the terms "primary" and "secondary" as a matter of course. > Secondaries copied the data from primaries. > > So far, so good. > > Then we added a third nameserver, and of course that must be the tertiary, > used only when *both* the primary and secondary had failed. > > When I realised my stupidity, I avoided the terms "primary" and "secondary" > in the workplace, and instead used the terms "master" and "slave", which > were less easily confused - or rather, made me less easily confused by them. > The fact that "master/slave" was well understood within engineering helped > enormously. > > But it's possible to remove the word "slave" easily - indeed, when discussing > distributed systems such as clustering, the literature tends to refer to a > "master", but not so much to "slaves". > > "Blacklist" and "whitelist" are well-known terms, but they can be avoided > with small effort to provide synonyms which are more easily understood - > "Blocklist" and "Permitlist" are trivial examples here. But if someone says > "There is a whitelist", then I also know the default is to deny. So we'll need to > be a bit more explicit about the default state, perhaps. In other words, I > worry about changing these terms, but the possibility for confusion is low if > we do. > > "Man-in-the-middle" I'm clearly too stupid to understand why this might be > offensive, but equally I have no idea what term of art would suffice instead. > > I have no objection to thinking twice before using a term that could offend, > but I have huge objections to replacing existing terms with new ones that > could confuse instead. > > But still, I'm a white male living in a country that hasn't had slaves within its > own borders, at least, for over a thousand years, so I freely admit I may not > understand the gravity of the situation. > > So I'd like to hear from actual people who are actually made to feel > uncomfortable about these terms, rather than people saying that other > people have heard of some people who might be offended. > > Dave. > > On Thu, 20 Sep 2018 at 10:26, Niels ten Oever <lists@xxxxxxxxxxxxxxxxxxxxx > <mailto:lists@xxxxxxxxxxxxxxxxxxxxx> > wrote: > > > Hi all, > > On the hrpc-list [0] there has been an intense conversation > which was > spurred by the news that the Python community removed > Master/Slave > terminology from its programming language [1]. > > In the discussion that followed it was remarked that in RFCs > terms like > Master/Slave, blacklist/whitelist, man-in-middle, and other > terminology > that is offensive to some people and groups is quite common. > > This is not a discussion that can be resolved in hrpc, but rather > should > be dealt with in the IETF community (because hrpc doesn't > make policy > for terminology in the IETF), which is why I am posting this > here. > > If people find the discussion worthwhile, we might also be just > in time > to request a BoF on this topic. > > Looking forward to discuss. > > Best, > > Niels > > > [0] https://mailarchive.ietf.org/arch/browse/hrpc/ > [1] > https://motherboard.vice.com/en_us/article/8x7akv/mastersl > ave-terminology-was-removed-from-python-programming-language > > > -- > Niels ten Oever > Researcher and PhD Candidate > Datactive Research Group > University of Amsterdam > > PGP fingerprint 2458 0B70 5C4A FD8A 9488 > 643A 0ED8 3F3A 468A C8B3 > >
