Design Considerations for Metadata Insertion
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: The IESG <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com Subject: Document Action: 'Design considerations for Metadata Insertion' to Informational RFC (draft-hardie-privsec-metadata-insertion-08.txt) The IESG has approved the following document: - 'Design considerations for Metadata Insertion' (draft-hardie-privsec-metadata-insertion-08.txt) as Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Stephen Farrell. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-hardie-privsec-metadata-insertion/
Technical Summary The IAB has published RFC7624 in response to several revelations of pervasive attack on Internet communications. This document considers the implications of protocol designs which associate metadata with encrypted flows. In particular, it asserts that designs which do so by explicit actions at the host are preferable to designs in which middleboxes insert them. Working Group Summary This is an AD sponsored informational document.This was discussed at saag meetings and on the saag list where there was support to publish. There was some discussion during IETF LC and one person is known to have concerns remaining. (See )  https://www.ietf.org/mail-archive/web/ietf/current/msg101894.html Document Quality This documents an anti-pattern so hopefully we will not see implementations. The draft is short and I think clear. Personnel Stephen Farrell is the responsible AD and did the limited shepherding needed.