Re: [Add] Browser Administrative Authority

"Livingood, Jason" <Jason_Livingood@comcast.com> Wed, 29 May 2019 15:13 UTC

From: "Livingood, Jason" <Jason_Livingood@comcast.com>
To: Vittorio Bertola <vittorio.bertola@open-xchange.com>, Tom Ritter <tom@ritter.vg>
CC: "add@ietf.org" <add@ietf.org>
Date: Wed, 29 May 2019 15:13:23 +0000
Message-ID: <02980E2E-2144-4DED-9DCA-F648D61727A7@cable.comcast.com>
References: <182C9119-59F9-43FA-B116-4D45649B74B5@nbcuni.com> <07A89E54-2DFC-4B5A-9784-610BBE7D2BB2@nostrum.com> <125917581.1152.1558717017241@appsuite-gw4.open-xchange.com> <MN2PR21MB1213868D0BC3575C2589B670FA020@MN2PR21MB1213.namprd21.prod.outlook.com> <CA+cU71mw77uS-BROWrFsGg9OSPEfAVk71UnzgL_5wWdM_znHnw@mail.gmail.com> <1087980125.22084.1558949104261@appsuite-gw1.open-xchange.com>
In-Reply-To: <1087980125.22084.1558949104261@appsuite-gw1.open-xchange.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/_Z_m5vyFqgZK-C5jV5OWn3LQgKQ>

Adding to what Vittorio said, some research I have seen suggests that people's movements are much less variable than you may think - we are creatures of habit. Most people may only be on their home network, their work network, their 4G/5G network, and maybe 1 other WiFi network (e.g. coffee shop) on the average day. In situations like the coffee shop - or a random airport WiFi - they would know trust is lower and can optionally use a VPN -- or at least feel safe in the knowledge that their web transaction is likely encrypted (which is >90% of user time on the web these days IIRC).

JL



On 5/27/19, 5:25 AM, "Add on behalf of Vittorio Bertola" <add-bounces@ietf.org on behalf of vittorio.bertola=40open-xchange.com@dmarc.ietf.org> wrote:

    > On 24 May 2019 at 21:23 Tom Ritter <tom@ritter.vg> wrote:
    > 
    > The network should be considered hostile until configured otherwise
    > because... the network usually is hostile. Or at least it's untrusted.
    > Every cellular connection; every coffee shop, every store's free wifi,
    > every friend's network you connect to, every AirBnB wireless, every
    > hotel... Percentage-wise, the number of untrusted networks the average
    > user connects to dwarfs the number of trusted networks (even if the
    > percentage of time spent on untrusted networks is dwarfed by the
    > percentage spent on trusted networks.)
    
    There definitely is a security/privacy issue for people and devices that roam a lot and it's fine to address it, but IMHO this is the view you get from a specific viewpoint and does not represent the full picture or even the best part of it. There are tons of people/devices that do not move and only use the Internet from a single trusted network, usually a home/corporate one, and rely on it for security. As a subset of this, there also is an increasing number of cases in which the user controls the network much more than the device: think of all the IoT stuff that you buy and deploy at home, but which is really a black box to you - unless you can use your local network administrator power to exert at least some control on their traffic.
    
    Perhaps this should lead to different control hierarchies and policies for roaming devices (e.g. mobile phones) than those for the rest of the world. More generally, this is what makes the ADD issues hard: different use cases have conflicting requirements. Perhaps, part of the work could be documenting the appropriate control hierarchies in different situations, as Glenn did, and then see if there are ways to reconcile the conflicts - and I suspect these are going to be by policy and user interaction, rather than by technical instruments.
    
    Ciao,
    -- 
     
    Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
    vittorio.bertola@open-xchange.com 
    Office @ Via Treviso 12, 10144 Torino, Italy
    