> I got my arm slightly twisted to produce the attached: a simple > concatenation of some of the actionable suggestions made in the > discussion of PRISM and Bruce Schneier's call for action.
Brian, This is a useful summary, but I would like to see a few additions: 1) Encourage protocol designs that rely on peer-to-peer transmission, rather than intermediate relays, because relays are natural targets for interception services. 2) Encourage distributed services over centralized services. For example, social networking services today are heavily centralized. A distributed architecture would allow distribution of data at multiple location, managed by different commercial companies and covered by different legal authorities. 3) Require security sections of new RFC to include "mass surveillance" in their threat model and consider mitigations. -- Christian Huitema