Re: [arch-d] Time to reboot RFC1984 and RFC2804?

John C Klensin <john-ietf@jck.com> Sun, 11 October 2020 21:20 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 117243A07AE for <architecture-discuss@ietfa.amsl.com>; Sun, 11 Oct 2020 14:20:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0cAF50oUFRCy for <architecture-discuss@ietfa.amsl.com>; Sun, 11 Oct 2020 14:20:18 -0700 (PDT)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 489793A07A0 for <architecture-discuss@ietf.org>; Sun, 11 Oct 2020 14:20:18 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1kRilH-0002hd-61; Sun, 11 Oct 2020 17:20:11 -0400
Date: Sun, 11 Oct 2020 17:20:04 -0400
From: John C Klensin <john-ietf@jck.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
cc: architecture-discuss@ietf.org
Message-ID: <975E28FE326C22E8CD32DCC8@PSB>
In-Reply-To: <8fa06d77-e73b-aa15-683d-937e8841566f@gmail.com>
References: <8fa06d77-e73b-aa15-683d-937e8841566f@gmail.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/AFYWnkVNSE6n5Yw0Hg_3-oK768U>
Subject: Re: [arch-d] Time to reboot RFC1984 and RFC2804?
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Oct 2020 21:20:20 -0000


--On Monday, October 12, 2020 08:27 +1300 Brian E Carpenter
<brian.e.carpenter@gmail.com> wrote:

> Not to mention RFC 7258.
> 
> Orders from the Top: The EU's Timetable for Dismantling
> End-to-End Encryption:
> https://www.eff.org/deeplinks/2020/10/orders-top-eus-timetable
> -dismantling-end-end-encryption
> 
> Five Eyes and Japan call for Facebook backdoor to monitor crime
> https://asia.nikkei.com/Business/Technology/Five-Eyes-and-Japa
> n-call-for-Facebook-backdoor-to-monitor-crime  

Brian,

This, plus another variation on the theme [1], is what has been
concerning me for some time.  It has caused an occasional rant
but I'm mostly stayed silent because the IETF consensus (at
least when 7258 was published) seemed clear.

It seems to me that we (very broadly defined) may be headed into
a period in which:

(1) We are forced into a choice between encryption and other
technical privacy protections against attacks (borrowing the
7258 language) by individuals and attacks by governments
(including law enforcement), especially governments who have
jurisdiction over the sender, receiver, or other.  The default
if we don't choose and make the distinction clear to others may
be "neither".

and/or 

(2) We are forced into a choice between an open and global
Internet and one that is very fragmented with security and
privacy protective only within mutually-isolated more local
networks.  We would have either no communication among those
local networks or content filtering, application-level, gateways
at politically selected boundaries.  Refusing to chose might
result in both bad outcomes.

I want to stress that I do not advocate or welcome being forced
into those choices or any of the outcomes they might imply.  But
I think it may be where we are headed, with the two pieces you
cite above, increased pressure for "law enforcement access" in a
variety of places, etc., possibly just being road signs on that
path.

Sadly,
    john

[1] The other concern that goes with this involves assorted
enterprises deciding they need to protect themselves from
assorted bad stuff by examination of content crossing their
boundaries. For a subset of them (and their firewall, etc.)
providers, the shift to "encryption everywhere" creates a
challenge that they see no way to deal with other by eliminating
client desktop to server (or other end to end) encryption and
replacing it with client to middlebox/ middlebox to server
mechanisms, preserving encryption across the public Internet at
the cost of a single point of failure with access to cleartext
at their boundary middleboxes.