Technical Summary
Pervasive Monitoring (PM) attacks on the privacy of Internet users are
of serious concern to both the user and the operator communities.
RFC 7258 discussed the critical need to protect users' privacy when
developing IETF specifications and also recognized that making networks
unmanageable to mitigate PM is not an acceptable outcome; an
appropriate balance is needed. This document discusses current
security and network operations and management practices that may be
impacted by the shift to increased use of encryption, to help guide
protocol development in support of manageable, secure networks.
Working Group Summary
This is an AD-sponsored document. It was discussed in SAAG, both on
the mailing list and in at least one face-to-face meeting (IETF 97 and
before). The first IETF LC completed on 2017-03-13, and the document was
on the 2017-04-13 telechat. There was significant discussion and revision
to address the comments and concerns raised during IESG evaluation, so a
second IETF LC was held, and additional feedback and review were
solicited and incorporated.
Document Quality
This Informational document is a fairly extensive collection of security
and network management functions that will likely be impacted by the
increased use of encryption. Note that this document is a list of issues;
there is no attempt to ameliorate the problems in the list. It is meant to
help those who are attempting to create solutions to the problem by
giving a taxonomy of problems and a list of useful references. It has
been significantly reworked since the first ballot to address the
comments received, and also to change the tone.
Personnel
Paul Hoffman is the document shepherd. Stephen Farrell was the
responsible AD; Warren Kumari has taken the baton since.