Re: From Declan DO READ OK-- who is saying what. Either Declan is mis-reporting or Tony is wrong or both are partilaly right or wrong.

[David Farber <dave () farber net>]

Begin forwarded message:

From: Jacob Appelbaum <jacob () appelbaum net>
Date: September 13, 2008 1:42:32 AM EDT
To: Tony Rutkowski <trutkowski () verisign com>
Cc: Edward Vielmetti <edward.vielmetti () gmail com>, David Farber <dave () farber net 
>, Steven Bellovin <smb () cs columbia edu>, Declan McCullagh <declan.mccullagh () CNET COM 
>
Subject: Re: [IP] From Declan DO READ OK-- who is saying what. Either   
Declan is mis-reporting or Tony is wrong or both are partilaly right   
or wrong.

Tony Rutkowski wrote:
> Hi Ed,
>
> > Here is the page on the ITU site re Declan's disputed document, as
> > listed on the meeting notes from
> >
> > http://www.itu.int/md/T05-SG17-080407-TD/en
> >
> > Someone (Tony?) with proper TIES access can verify this document  
> > text.
>
> There are many documents in that directory and they
> were all checked.
>
> As I indicated in my email, there is no such document.
> A team of people searched everything imaginable.

For what exactly? What were you checking for?

> The basis for work remains an array of documents that
> are all directed at effecting source authentication
> for an array of essential needs such as mitigating
> DOS attacks and SPAM, effecting settlements, adding
> consumer protection features, NSEP, and meeting legal
> and regulatory requirements.

That sounds interesting. I'd love to be able to read all of the
documents involved with this work.

> Ironically, the most significant effort in this area
> in the ITU-T is actually Larry Roberts' specifications
> for authenticated IP streams.

[...]

> The infamous text was finally discovered to be the musings
> of someone in a private email - someone who is actually
> an American consultant.  He is expected to provide an
> explanation on Monday.


Didn't you just say that there is no such document? What document were
you referring to that wasn't found? If you're not discussing the email
that you've found, what were you looking for?

Unless I misunderstand what you're saying; thank you for confirming that
the leaked document in question is legitimate. It's not just Steven
Bellovin or Declan McCullagh making that claim. It's confirmed by
Verisign now.

Can you explain what relation this consultant has to Verisign, the ITU
or any of the other involved parties? Perhaps the consultant would like
to disclose his name so that we can include him in this discussion?

I'm very curious to hear his explanation for the requirements he listed.

Just to reiterate, the leaked document[0] said the following (in
addition to other things):

'1.5 Proxy "Safe harbor" A political opponent to a government
publishes articles putting the government in an unfavorable light.
The government, having a law against any opposition, tries to
identify the source of the negative articles but the articles having
been published via a proxy server, is unable to do so protecting
the anonymity of the author.'

Are you saying that this isn't a requirement? Or that the requirement
wasn't adopted? I don't have TIES access and so I cannot read all of the
documents in question. It seems rather odd to keep people in the dark
about such an important issue. Or is the idea that we should wait until
2009?

> As a former journalist, I regard the behavior here as
> highly irresponsible journalism, and I'll not further
> communicate with those who behave so egregiously, nor
> authorize quotes from my emails.

What do you specifically take issue with? Didn't you just confirm the
leaked document? Hadn't it already been confirmed by a reputable source?

Regards,
Jacob Appelbaum

[0]
http://politechbot.com/docs/itu.traceback.use.cases.requirements.091108.txt




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com