The assumption that simply posting a notice constitutes sufficient
permission to disclose data is one more example of the challenges
we face in producing reasonable policies and following them.
i think you had better have a cite for where a message was posted and
ietf network data were
On 7/14/2010 11:02 PM, Randy Bush wrote:
The assumption that simply posting a notice constitutes sufficient
permission to disclose data is one more example of the challenges
we face in producing reasonable policies and following them.
i think you had better have a cite for where a message
Since your goal in an exchange like this is to keep things unproductive, to
distract from the original goal
you have no concept of what my goal is and have no prerogative to say
so. it is mostly to try and cut through the bs, hyperbole, innuendo
about network experiments which have never
On 7/15/2010 12:51 AM, Randy Bush wrote:
what my goal is ... mostly to try and cut through the bs, hyperbole, innuendo
...
you go back in my procmailrc. bummer that i will miss your
well known wide-ranging contributions to the internet.
If that's what it take to get you to refrain
Hi Bob,
Thanks for your comments. Responses inline.
On Jul 8, 2010, at 11:05 PM, Bob Hinden wrote:
Alissa,
No hats on, these are my personal views.
I have now read the draft. My overall comment is that I am not
convinced if this is needed and am sympathetic to the views
expressed on
--On Wednesday, July 14, 2010 15:55 -0700 Dave CROCKER
dcroc...@bbiw.net wrote:
...
If no one had suggested either that someone might be capturing
private data or tracking the contents of IETF network traffic
for either evil purposes or unauthorized/ undocumented
research on human subjects,
--On Thursday, July 15, 2010 16:37 +0100 Alissa Cooper
acoo...@cdt.org wrote:
...
I tend to think that privacy risk isn't so much about the
percentage of sensitive data collected as about the
sensitivity of any data collected. The IETF interacts with
credit card numbers, passport numbers,
On 7/15/2010 9:42 AM, John C Klensin wrote:
In principle, I'm in favor of having a published privacy policy.
...
extended repetition of based goals elided
...
...
IMO, those are the types of issues we should be discussing and
that several people on the list have been discussing.
Has the IETF been authorizing people to conduct human subjects
research without the informed consent of the subjects?
yes, we drag them into black helicopter and mess with their genitals.
you can be the first in maastricht.
Thanks for demonstrating the type of knowledge and professionalism
On 7/14/2010 2:10 AM, Randy Bush wrote:
as to the network, how many people and times need to tell you that the
ops team is unaware of anyone doing anything untoward with people's
packets or other data?
How is that relevant?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
On 7/14/2010 2:53 PM, John C Klensin wrote:
--On Wednesday, 14 July, 2010 05:39 -0700 Dave CROCKER
d...@dcrocker.net wrote:
On 7/14/2010 2:10 AM, Randy Bush wrote:
as to the network, how many people and times need to tell you
that the ops team is unaware of anyone doing anything
untoward
On 7/11/10 11:24 AM, Dave CROCKER wrote:
Has the IETF been authorizing people to conduct human subjects
research without the informed consent of the subjects?
I'm going to insert the root trust anchor into our recursive nameservers
for this meeting. For obvious reasons this will be the first
That started when Jeff Schiller was security AD. Though I can't
remember who actually did the code.
Though at the time the issue was no so much the carelessness of the
users as the fact that the IETF password protocols were broken.
On Fri, Jul 9, 2010 at 4:39 PM, Randy Bush ra...@psg.com
On 7/12/2010 7:53 AM, Joel Jaeggli wrote:
On 7/11/10 11:24 AM, Dave CROCKER wrote:
Has the IETF been authorizing people to conduct human subjects research
without the informed consent of the subjects?
I'm going to insert the root trust anchor into our recursive nameservers for
this meeting.
Has the IETF been authorizing people to conduct human subjects
research without the informed consent of the subjects?
yes, we drag them into black helicopter and mess with their genitals.
you can be the first in maastricht.
sheesh!
___
Ietf mailing
On 7/12/2010 9:18 AM, Randy Bush wrote:
Has the IETF been authorizing people to conduct human subjects
research without the informed consent of the subjects?
yes, we drag them into black helicopter and mess with their genitals.
you can be the first in maastricht.
sheesh!
Thanks for
I would suggest you discuss it the with IAOC. That said, assuming it doesn't
create problems, I can't imagine them having an issue with it.
On Jul 12, 2010, at 7:53 AM, Joel Jaeggli wrote:
On 7/11/10 11:24 AM, Dave CROCKER wrote:
Has the IETF been authorizing people to conduct human subjects
Dave CROCKER wrote:
On 7/9/2010 4:32 AM, Hannes Tschofenig wrote:
The Fair Information Practices are a set of principles most of us are quite
likely to believe in, such as (copied from the Alissa's draft):
Likely, yes. But do any of us know how to translate those principles into
On 7/12/2010 1:37 PM, Martin Rex wrote:
Dave CROCKER wrote:
On 7/9/2010 4:32 AM, Hannes Tschofenig wrote:
The Fair Information Practices are a set of principles most of us are quite
likely to believe in, such as (copied from the Alissa's draft):
Likely, yes. But do any of us know how to
todd glassey wrote:
Martin Rex wrote:
As I previously mentioned, acceptable means different things to
different people.
Some people seem to hope that creation of a privacy policy is going
to improve things. Personally, I don't think so.
You mean that you think change that will
On 7/12/10 2:34 PM, Martin Rex wrote:
todd glassey wrote:
Martin Rex wrote:
Some people seem to hope that creation of a privacy policy is going
to improve things. Personally, I don't think so.
You mean that you think change that will protect the disclosure of
identities and proper notice as
On 7/12/2010 2:52 PM, Joel Jaeggli wrote:
On 7/12/10 2:34 PM, Martin Rex wrote:
todd glassey wrote:
Martin Rex wrote:
Some people seem to hope that creation of a privacy policy is going
to improve things. Personally, I don't think so.
You mean that you think change that will protect the
That started when Jeff Schiller was security AD. Though I can't
remember who actually did the code.
Though at the time the issue was no so much the carelessness of the
users as the fact that the IETF password protocols were broken.
i am not confident of either of those statements
randy
Hannes,
On 7/9/2010 4:32 AM, Hannes Tschofenig wrote:
The Fair Information Practices are a set of principles most of us are quite
likely to believe in, such as (copied from the Alissa's draft):
Likely, yes. But do any of us know how to translate those principles into
particular behaviors?
The sniffed passwords were sometimes displayed in real time on a
monitor facing the audience from the front of the room. This activity
was never called research that I can recall. I think the majority
reaction was that this was a fine thing to motivate improvements in
security practice. Only one
Hi Bob,
just a very quick reaction to your mail:
~snip~
I have issues with the Introduction. The first sentence says:
In keeping with the goals and objectives of this standards body, the
IETF is committed to the highest degree of respect for the privacy of
IETF participants
[ fwiw, i am not bothered if some folk well-versed in such things
develop and put forth a policy about how the ietf treats data
about members, attendees, network, ... ]
And yes we have researchers looking into the traffic, people storing
all sorts of data, etc.
we do? about our traffic on
Hi Randy,
[ fwiw, i am not bothered if some folk well-versed in such things
develop and put forth a policy about how the ietf treats data
about members, attendees, network, ... ]
And yes we have researchers looking into the traffic, people storing
all sorts of data, etc.
we do?
And yes we have researchers looking into the traffic, people storing
all sorts of data, etc.
we do? about our traffic on the ietf meeting network? stuff other than
the _ephemeral_ data the noc ops use to manage the network?
Yes, the IETF meeting network.
cites, please.
o there is
On 7/9/2010 5:15 AM, Hannes Tschenig wrote:
WHAT specifically does Openness and Transparency mean - not in
nebulous namby pamby terms but specific sets of use rules and their
oversight - what exactly does this mean?
as far as i know
o data collection has been done very rarely. and when
On 7/9/2010 4:32 AM, Hannes Tschofenig wrote:
Hi Bob,
just a very quick reaction to your mail:
~snip~
I have issues with the Introduction. The first sentence says:
In keeping with the goals and objectives of this standards body, the
IETF is committed to the highest degree of
: Comments on draft-cooper-privacy-policy-01.txt
And yes we have researchers looking into the traffic, people storing
all sorts of data, etc.
we do? about our traffic on the ietf meeting network? stuff other
than
the _ephemeral_ data the noc ops use to manage the network?
Yes
this privacy policy effort is not a means to put someone in the
spotlight because a mistake has been made.
what an amazing turn of argument. there are communists in the state
department, i have their names on this sheet of paper which i will not
reveal. -- joe mcarthy
as a researcher, a net
Original-Nachricht
Datum: Fri, 09 Jul 2010 07:36:36 -0700
Von: todd glassey tglas...@earthlink.net
An: ietf@ietf.org
Betreff: Re: Comments on draft-cooper-privacy-policy-01.txt
On 7/9/2010 5:15 AM, Hannes Tschenig wrote:
WHAT specifically does Openness and Transparency mean
Original-Nachricht
Datum: Fri, 9 Jul 2010 08:16:36 -0700
Von: Joel Jaeggli joe...@bogus.com
An: Hannes Tschofenig hannes.tschofe...@gmx.net
CC: ietf@ietf.org ietf@ietf.org
Betreff: Re: Comments on draft-cooper-privacy-policy-01.txt
With all due respect the geopriv held experiment at ietf71
Randy, we have had at least one researcher sniffing passwords in plenary WiFi
traffic and posting them, to embarrass people into using more secure
technology. I believe he was an Ops AD at the time :-)
Agreed that personal net hygiene is the solution there.
On Jul 9, 2010, at 5:04 AM, Randy
Randy, we have had at least one researcher sniffing passwords in
plenary WiFi traffic and posting them, to embarrass people into using
more secure technology. I believe he was an Ops AD at the time :-)
o but i am sure there are wifi spies snooping and playing. and i
suspect that they
Alissa,
No hats on, these are my personal views.
I have now read the draft. My overall comment is that I am not convinced if
this is needed and am sympathetic to the views expressed on the mailing list
that this is solving a problem the IETF doesn't have.
Comments below.
Bob
General
38 matches
Mail list logo