+1 also
Monique
-Original Message-
From: ietf-boun...@ietf.org on behalf of Fred Baker (fred)
Sent: Thu 7/8/2010 12:07 PM
To: IETF-Discussion list
Subject: Re: IETF privacy policy - update
+1 for a privacy policy. As to the question of this particular one, I'm going
to profess some le
Richard Shockey wrote:
RS> You cannot authoritatively determine a binding between a phone number
and a consumer (domain) without access to the databases.
The point of ViPR is that the authoritative mapping as you've defined it
just isn't necessary; a forward routability check is all that is
The IESG writes:
> The IESG has received a request from the Kitten (GSS-API Next Generation)
> WG (kitten) to consider the following document:
>
> - 'GSS-API Naming Extensions '
> as a Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comment
> Randy, we have had at least one "researcher" sniffing passwords in
> plenary WiFi traffic and posting them, to embarrass people into using
> more secure technology. I believe he was an Ops AD at the time :-)
>> o but i am sure there are wifi spies snooping and playing. and i
>>suspect that
At 10:21 AM -0700 7/9/10, The IESG wrote:
>The IESG has received a request from the Transport Layer Security WG
>(tls) to consider the following document:
>
>- 'Transport Layer Security (TLS) Extensions: Extension Definitions '
>as a Proposed Standard
>
>The purpose of this Second IETF Last Cal
-Original Message-
From: ietf-announce-boun...@ietf.org [mailto:ietf-announce-boun...@ietf.org] On
Behalf Of NomCom Chair
Sent: Friday, July 09, 2010 10:31 AM
To: IETF Announcement list
Subject: Nomcom 2010-2011: Final List of Volunteers
As specified in my earlier announcements, solic
Randy, we have had at least one "researcher" sniffing passwords in plenary WiFi
traffic and posting them, to embarrass people into using more secure
technology. I believe he was an Ops AD at the time :-)
Agreed that personal net hygiene is the solution there.
On Jul 9, 2010, at 5:04 AM, Randy B
On 7/9/2010 7:21 AM, Phillip Hallam-Baker wrote:
> A lot of people have difficulty connecting the human level privacy
> requirement with the technology level.
PH-B,
Look, the IETF is a public entity and yet there are formal disclosure
requirements for privacy controls. That is a dichotomy which c
I understand that you don't like process. Who does?
The good thing is that there is very little process (or even no process) for
you. The additional effort is for those who run the experiment and maybe they
come to the conclusion that there is no risk for others.
Ciao
Hannes
Origina
Very good question, Todd.
Nowadays everyone claims to be open and transparent.
As an example, here is what the Madrid Resolution
http://www.gov.im/lib/docs/odps//madridresolutionnov09.pdf
has to say about the "openness principle":
1. Every responsible person shall have transparent
policies wi
With all due respect the geopriv held experiment at ietf71 could have been done
anywhere, and had no impact on participants who were not involved in them.
I have zero interest in building process that might impede the activity of
people conducting protocol experiments that occur effectively in i
Laura Liess wrote:
Is it so easy to instruct a proxy to
inspect the body and eventually throw away a part of it? And should
one do that?
While a proxy may inspect a body (if its not encrypted),
by definition a proxy may not modify or remove a body.
Thanks,
Paul
_
A lot of people have difficulty connecting the human level privacy
requirement with the technology level.
While the linkable/unlikable identifiers technology is important,
there is more to privacy than merely concealing identities. For
example, consider the firestorm that followed Marty Rimm's inf
Quick comment.
In section 4.2.2, in the first sentence, replace Session-Sender by
Session-Reflector. The first sentence should read as follows: When Symmetrical
Size mode is selected, the Session-Reflector packet formats for unauthenticated
and authenticated/encrypted modes are identical to the
> this privacy policy effort is not a means to put someone in the
> spotlight because a mistake has been made.
what an amazing turn of argument. there are communists in the state
department, i have their names on this sheet of paper which i will not
reveal. -- joe mcarthy
as a researcher, a net
Randy,
this privacy policy effort is not a means to put someone in the spotlight
because a mistake has been made.
I think it is good that we do all sorts of experiments with the IETF network
and use it for research purposes.
Still, if someone wants to do their tests then they should do it i
Cullen,
> This example is excellent - thank you for providing it. I think it is pretty
> representative of other examples I have seen and I am in favor of having
> solutions to use cases such as this - I'm just not seeing why this charter is
> the appropriate way to do it.
>
> Given we are talk
On 7/9/2010 4:32 AM, Hannes Tschofenig wrote:
> Hi Bob,
>
> just a very quick reaction to your mail:
>
> ~snip~
>> I have issues with the Introduction. The first sentence says:
>>
>>In keeping with the goals and objectives of this standards body, the
>>IETF is committed to the highest
On 7/9/2010 5:15 AM, Hannes Tschenig wrote:
WHAT specifically does "Openness and Transparency" mean - not in
nebulous namby pamby terms but specific sets of "use rules and their
oversight" - what exactly does this mean?
>
>> as far as i know
>>
>> o data collection has been done very rarely.
A few more privacy policies for comparison:
ISO -- http://www.iso.org/iso/support/privacy_policy.htm
IEEE -- http://www.ieee.org/security_privacy.html?WT.mc_id=hpf_priv
Note that IEEE uses a "layered" notice to some extent, which is fairly
popular among privacy policy authors these days -- a l
>>> And "yes" we have researchers looking into the traffic, people storing
>>> all sorts of data, etc.
>>
>> we do? about our traffic on the ietf meeting network? stuff other than
>> the _ephemeral_ data the noc ops use to manage the network?
>
> Yes, the IETF meeting network.
cites, please.
Hi Randy,
> [ fwiw, i am not bothered if some folk well-versed in such things
> develop and put forth a policy about how the ietf treats data
> about members, attendees, network, ... ]
>
> > And "yes" we have researchers looking into the traffic, people storing
> > all sorts of data, etc.
>
[ fwiw, i am not bothered if some folk well-versed in such things
develop and put forth a policy about how the ietf treats data
about members, attendees, network, ... ]
> And "yes" we have researchers looking into the traffic, people storing
> all sorts of data, etc.
we do? about our traffic
Hi all,
I mentioned the position paper for the "W3C Workshop on Privacy for Advanced
Web APIs" already in my last mail. Within the IAB we had planned a series of
activities related to privacy and here is another one: Terminology
When you look through various IETF documents you will notice that
Hi all,
thanks to Alissa everyone is now focused on privacy.
I thought it would be a good opportunity to share a short writeup with you; it
has the title "The Role of the Internet Engineering Task Force (IETF) in
Improving Privacy on the Internet". The article can be downloaded from
http://w
On Fri, Jul 9, 2010 at 6:45 PM, Fred Baker wrote:
> To bring matters back to the topic, the discussion was on Alissa's draft, and
> I was
>looking for comparable privacy statements to compare. My question was "is this
>a
>reasonable statement? Are there things it could have said more simply? A
Hi Bob,
just a very quick reaction to your mail:
~snip~
>
> I have issues with the Introduction. The first sentence says:
>
>In keeping with the goals and objectives of this standards body, the
>IETF is committed to the highest degree of respect for the privacy of
>IETF partici
On Jul 8, 2010, at 11:06 PM, Henk Uijterwaal wrote:
> RIPE is an open group of people interested in IP based networks in Europe
> and surrounding areas. There is no formal membership, work is done by
> volunteers, anybody who is interested can join the mailing lists and
> participate, anybody w
Hi,
a quick status update. We now have received over 100 donated home gateways,
plus a DSLAM. The students are on their summer break, after which we'll start
running a significantly expanded set of tests over this much larger population
of devices.
Many of yo have donated boxes and suggested m
On 9 jul 2010, at 08.06, Henk Uijterwaal wrote:
> On 08/07/2010 22:24, Fred Baker wrote:
>>
>> On Jul 8, 2010, at 1:18 PM, Melinda Shore wrote:
>>
>>> On Jul 8, 2010, at 12:08 PM, Fred Baker wrote:
Boy, would they dispute that. ITU has claimed that the IETF is not an
open organization
30 matches
Mail list logo
