> I got my arm slightly twisted to produce the attached: a simple
> concatenation of some of the actionable suggestions made in the
> discussion of PRISM and Bruce Schneier's call for action.

Brian,

This is a useful summary, but I would like to see a few additions:

1) Encourage protocol designs that rely on peer-to-peer transmission, rather 
than intermediate relays, because relays are natural targets for interception 
services.

2) Encourage distributed services over centralized services. For example, 
social networking services today are heavily centralized. A distributed 
architecture would allow distribution of data at multiple location, managed by 
different commercial companies and covered by different legal authorities.

3) Require security sections of new RFC to include "mass surveillance" in their 
threat model and consider mitigations.

-- Christian Huitema

Reply via email to