Re: [arch-d] IAB statement on "Avoiding Unintended Harm to Internet Infrastructure"

Andrew Campling <> Wed, 13 November 2019 06:54 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 56EF012085B for <>; Tue, 12 Nov 2019 22:54:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id NImy1nWY4F8M for <>; Tue, 12 Nov 2019 22:53:59 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 32DF01200CD for <>; Tue, 12 Nov 2019 22:53:59 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=ElZUyZbruxosXRdcPGeDzyAcA9nZFNxpr9mCYhgni4zvbMmTvY+hFgdBT3IstcDVrDt8oMo2JMFYbZWGd1dPrtSSCf4B6ty5mGhVKT5hY9zpF51fSTjR0P7SCIRikxVPtkmn6+WILs59pov2xwevdp87P3/0eMYlet2MvlLFzn88opDswl+/uVM9nUgYr0JpJyS9Eh3vLqew1fRxQlX9cEcsM/OeUnhEjl9JgILwLOapMD63NorwHJIwAmjNIu2yo5Wc/JiTfZphfTPgm1Tl75i/qp0P9uzHt1Fqe/8qNKWmF45oxg2qtOSrA8OmR969SqA+TAiYqWuFa1i7Mcg3TQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=igSCvG5IVuePi3oBdgnnxclfcK9iaOt8acwDPHSbrQE=; b=k1EupRGnzSoqeoACVBTxPY8ga1eD+KJI+L+31YMJPPIS0SgIqCFFcogsDj9f2OTk/zAhkozAcGpCTVKTS7NHIwB8brnlR9kQGfpTxQ/L/llk4Gxv0Q9hmdZ1LzKZ9KON+mJX6glu7n/YSHZTEXb0vWv9sj8EtGZ//cA/ip9zPTvHoBOKdpmW4wM0oHwAY8DFpROe2lyxJOvLItqB9K5M0M2aqoO1nfvAXDhI2klPSc4T3TNNK2m80xMEGhvLMKLGTGCWkDaQoZ2bbzYEQS04M215gmt/wrk/nP33EToS+09KZFcvgFg1PvvK8n1u0YfHAwr/sbOe8b4YRbXTvO983w==
ARC-Authentication-Results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-NETORGFT5189650-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=igSCvG5IVuePi3oBdgnnxclfcK9iaOt8acwDPHSbrQE=; b=CpzlxjQrWSvtzMhoUMekZlIHSl1y2Nve2AwncSG6ZaXqHgEV3Yde7P5Zx5AUD/6SKfLa51NOjqlHfDM3JVDrJiuSpGatg/i1e6OIJC/Df14JsDKbOmqD1HW3AteefHAT07SjLIP86CjYppJXJVyJH+/X6NGAI+B+qJrKA+QqgLo=
Received: from LO2P265MB0573.GBRP265.PROD.OUTLOOK.COM ( by LO2P265MB0542.GBRP265.PROD.OUTLOOK.COM ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2430.23; Wed, 13 Nov 2019 06:53:56 +0000
Received: from LO2P265MB0573.GBRP265.PROD.OUTLOOK.COM ([fe80::11f9:b3d3:221d:6712]) by LO2P265MB0573.GBRP265.PROD.OUTLOOK.COM ([fe80::11f9:b3d3:221d:6712%7]) with mapi id 15.20.2430.028; Wed, 13 Nov 2019 06:53:56 +0000
From: Andrew Campling <>
To: "" <>
Thread-Topic: [arch-d] IAB statement on "Avoiding Unintended Harm to Internet Infrastructure"
Thread-Index: AdWZ7xzz/1YK89C5RdqDpoO8+b/71w==
Date: Wed, 13 Nov 2019 06:53:55 +0000
Message-ID: <LO2P265MB0573C0D8F8D9D7ECF4E472AFC2760@LO2P265MB0573.GBRP265.PROD.OUTLOOK.COM>
Accept-Language: en-GB, en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6f8206e6-6776-46d0-2588-08d7680640b6
x-ms-traffictypediagnostic: LO2P265MB0542:
x-microsoft-antispam-prvs: <LO2P265MB05424FED2843958B33BFFF4FC2760@LO2P265MB0542.GBRP265.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0220D4B98D
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(366004)(346002)(39830400003)(136003)(396003)(189003)(199004)(71200400001)(508600001)(6916009)(256004)(86362001)(316002)(966005)(6436002)(6116002)(102836004)(3846002)(14444005)(99286004)(25786009)(74316002)(305945005)(486006)(26005)(71190400001)(81166006)(81156014)(6246003)(8936002)(14454004)(7736002)(8676002)(44832011)(2906002)(30864003)(66574012)(33656002)(52536014)(2501003)(6306002)(5640700003)(66946007)(7696005)(5660300002)(229853002)(476003)(66066001)(6506007)(186003)(66556008)(66476007)(2351001)(76116006)(66446008)(9686003)(64756008)(55016002)(46492004); DIR:OUT; SFP:1101; SCL:1; SRVR:LO2P265MB0542; H:LO2P265MB0573.GBRP265.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 0MqmN0ydOqz3SlTm3sCiZ2p8AogGVxtpZ+kiz8eAzw2omnOChpCXqJwmHZvyHGvXk3c1bJEWRSPiveMlcE35muZQFqZW3Zzkxl2DU0RQaRZVquBvRmsCiwqL+QOPpHljLsyxqWN5XiGJRhcFm4gVqNbsW0MvP0D9BzLs3QrfwZpOTaLdaGjwhO5+6NBUNhWo9V+1gBcmi415o1KuEotHEfXZoe4EfFU9cWiW0Z7awuTh1/iUB0VJBSgTpbA7HrLQXnEQ2Suon32om2egppbtuybkkzD8uaZ5DDAwipyvAcdz/nWmqGqiCyyTmYlkDM0avL66V2RxRSbq6e2vN2TpBmxSSlNs/4/ih+TBoGlyJlYeIjqO8JytDXuNdsfhkNjm+QPq91QikBYJANqFW2QGpDls2g9/3+mXScu4vpZwqHGORlvjV33ZFwc7gVdsspGh
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_LO2P265MB0573C0D8F8D9D7ECF4E472AFC2760LO2P265MB0573GBRP_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 6f8206e6-6776-46d0-2588-08d7680640b6
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Nov 2019 06:53:55.8857 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9c2ced3e-7522-4755-87dc-f983abc66ec3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: O78o89wg61jcBWP2Jmw9Mx2bf6xlEwvBR2bke06bVC6FGcXsUBI9rNneWpiEN/6KpIHgr2DI2NXBar15Uujh29XLwm/Zpfsu1fl9OTXuVDk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P265MB0542
Archived-At: <>
Subject: Re: [arch-d] IAB statement on "Avoiding Unintended Harm to Internet Infrastructure"
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 13 Nov 2019 06:54:04 -0000

Vittorio Bertola <<>> wrote on Mon, 09 September 2019 15:26

      In the DNS section, it is disheartening to read the IAB stating that "[a DNS resolver] returning the wrong (or no) address breaks the trust that users have in this infrastructure", after having spent months on the ADD list and elsewhere to explain that there are indeed lots of use cases in which users expect, or even actively request, that their resolver applies filters to the responses. In some cases it is actually the opposite - if I acquire a DNS-based service to prevent any accidental connection to malware-infected websites and then I get malware, that's when I lose trust in my DNS resolver; same for parental controls.

I believe that the broad assertion that "all DNS filtering is wrong" suggests a lack of understanding in the way that many users and entities use DNS as a control surface in a variety of contexts.  There are large classes of users that would disagree with the insistence that a DNS resolver must return the correct address in every case.

      More generally, the entire document sounds like a claim that the Internet's infrastructure and those who run it need to be exempt from cooperation with law enforcement activities, and totally unregulated.

In my view it is unrealistic to expect that governments and regulators will be content to allow the Internet's infrastructure and those who run to be exempt from cooperation with law enforcement activities, and totally unregulated.  Indeed the many privacy, antitrust and other issues that have surfaced relating to the tech sector over the last several years have led to an environment where an increase in oversight is both pretty much guaranteed and necessary.

      in the recommendations, it then mentions "endpoint-focused interventions" only to suggest that those who are subject to them should be listed explicitly in the regulation (which, by the way, is not how a law can work).

I agree that, in most if not all cases, it would neither be practical nor desirable to explicitly list all of the organisations that are subject to a specific intervention.  At best it might be possible to list categories of organisations in some cases, however even then the evolution of markets and technology may bring different categories within scope over time.

      Similarly, the section titled "Impact on Internet evolution" seems to argue against regulation of the Internet, but in the final section there is no recommendation against regulation, just a request to involve all stakeholders when discussing it.

As above, in my view it is unrealistic to expect that governments and regulators will be content to exempt the internet from regulation.  As also stated above, the many privacy, antitrust and other issues that have surfaced relating to the tech sector over the last several years have led to an environment where an increase in regulation is both pretty much guaranteed and necessary.

      It would be nice if we could understand better what is the objective that the IAB wants to achieve with this statement and what does it actually recommend, before commenting further.

I agree that it would be useful to see some clarification regarding both the objective behind the statement and the recommendation itself.