The factions · Suspicion aside, and bearing in mind that in the IETF people are supposed to speak for themselves not on behalf of organizations, and also that opinions are highly fragmented, there are some roughly-identifiable opinion clusters, not organized or anything; but describing them may help people understand what’s going on. ¶
The Privacy Partisans are aggressive about doing whatever’s possible by way of counter-attack, and doing it now. This notably includes engineers from Firefox and Chrome, who say that for HTTP/2.0, they’re just gonna run authenticated and encrypted all the time, whatever anyone says.
The Cynics are unconvinced about the usefulness of the counterattack measures on the table. They think that the technology isn’t good enough, or the secret-key infrastructure is corrupt, or that Google and Facebook and so on should be seen as attackers, or developers are just too lazy and incompetent to get the deployment right.
The Enterpriseys are people who think that surveillance is necessary because there are situations where law or policy require it. Examples include prisons, businesses that want to control their employees’ Net access, and devops folks who want to monitor for malware or do load-balancing.
The Unconvinced just don’t see the need for aggressive privacy protection; they think it’s foolish to apply it to public static brochure-ware, or that it’s unethical to impose encryption on people without asking them, or that it’s insane to try to encrypt the Internet of Things: Printers and toasters and so on.
- Tim Bray, “Counter-Surveillance”
Tim does a good job in breaking down the ‘factions’ associated with the IETF and how/whether the organization will be technically addressing the NSA spying revelations. It’s hard to understate how important the IETF’s current involvement is in light of their decision – between 1999-2001 – to largely turn a blind eye to interception equipment and the spying of citizens’ communications.