[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening

[Karl Auer]

On Fri, 2013-11-08 at 07:56 +0000, Dobbins, Roland wrote:
> That isn't my argument at all.  My argument is that a) encrypting
> things by default when there's no need to do so can be harmful

My argument is that there is never "no need to". Not any more. Not even
inside networks.

But I'm also interested in how encrypting things by default can be
harmful (performance aside).

> b) thinking that the IETF is going to accomplish anything which will
> prevent pervasive governmental surveillance is naive.

Does anyone think that? I don't believe so. They are just saying that
people should have tools that are appropriate to the times, and the
times are sadly times of increasingly omnipresent government
surveillance.

> Economies of scale.

Indeed. If the protocols themselves are hardened, then those economies
become much harder to get. The "low hanging fruit" all disappears (or
rather, much of the lowest-hanging fruit is a great deal further off the
ground).

> I'm unconcerned with what nations other than my own do in regards to their own polities.

And right there is pretty much the definitive statement about what is
wrong with the world. We care only for what happens in or to our own
tribe. I'm rather grateful that the IETF "polity" is the world.

> It's the second half of that statement that worries me.  'Required' in
> terms of capability, I'm all for that.  'Required' in terms of
> always-on is necessary for deployment, I'm against that.

That's fair enough. As long as the default is ON.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017