Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content
Phillip Hallam-Baker <phill@hallambaker.com> Mon, 18 December 2023 19:12 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AD25C14F6AF for <architecture-discuss@ietfa.amsl.com>; Mon, 18 Dec 2023 11:12:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.406
X-Spam-Level:
X-Spam-Status: No, score=-6.406 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id or5OeRgwnjMq for <architecture-discuss@ietfa.amsl.com>; Mon, 18 Dec 2023 11:12:56 -0800 (PST)
Received: from mail-oo1-f44.google.com (mail-oo1-f44.google.com [209.85.161.44]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9282C14F682 for <architecture-discuss@ietf.org>; Mon, 18 Dec 2023 11:12:56 -0800 (PST)
Received: by mail-oo1-f44.google.com with SMTP id 006d021491bc7-591341db3a1so2340611eaf.3 for <architecture-discuss@ietf.org>; Mon, 18 Dec 2023 11:12:56 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702926775; x=1703531575; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=VlI5jAJBRC9+kKRv1YwjkcR2ZJHbrMTRN2JnIEpVGrQ=; b=Efp8ontU3rohtzftqg+7ttrbU/1oPHaC9J6gKS12ee+F3yjW1/sEhaASO3GfenPBpX wCVQkX9sGFzsMagpu/W56UXV7a80bGGUHa/ViBEEq4ghHEX2ciCySZPs32duwAS8BBe6 lDcspEAda6E09K09PbbUgBs5jwVvJ8XSsTDDSsT+Gt0Luvt8jqrXiBU+B42Ge8IinLhK sCHGNjW00sCee9Pr9RhaZqCO9f4p/Pv0u4CfkHghf+xAMxk0IojwaR/lYt7kDftSlALE J+YDm+YUyp3lLiY6T+n/Zd5DR1MUPVGcV6F3VpwKLof46QmVhQ0htw5eD4kbAtkvxWs3 MhiA==
X-Gm-Message-State: AOJu0YyXi9S7a+hGk2vwQbUbGJQ0VCorqj7RxKVOK5Mw0gcz5wNRp3ZS wTkfOchhr6tbCPV5rtca3rAuALVr42daHQbigyXFmZO9F4w=
X-Google-Smtp-Source: AGHT+IHUSA3uecD0yiiOAG6Rm9hEP8Ka4ALLoYI91FR3nLaz7rGuhHQUz5kCnco0zhjlEi8Al1dzRwTPr3NNn8hI7p8=
X-Received: by 2002:a05:6820:2224:b0:58d:9942:b49 with SMTP id cj36-20020a056820222400b0058d99420b49mr14739774oob.9.1702926775426; Mon, 18 Dec 2023 11:12:55 -0800 (PST)
MIME-Version: 1.0
References: <170266952162.33107.14325064798861197261@ietfa.amsl.com> <6.2.5.6.2.20231216110256.18d0acd0@elandnews.com> <CWXP265MB5153610FBB98A7B06AF81040C290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <CAKr6gn2Hf4N+DgKHKyO+i3T3OJyYRBJhH1AdQf-uXZ0xKmJ4Eg@mail.gmail.com> <CWXP265MB515381523714FF99524410CFC290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <0ce2f14c-0247-4aec-a6ce-8e6607ef8f32@cdt.org> <6.2.5.6.2.20231218064540.0a3e7ce0@elandnews.com> <CAGVFjMK17Crp4=mKfn_Csvf_RhQEwRJa98DKB6=w7Ove-N+8vg@mail.gmail.com>
In-Reply-To: <CAGVFjMK17Crp4=mKfn_Csvf_RhQEwRJa98DKB6=w7Ove-N+8vg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Mon, 18 Dec 2023 14:12:41 -0500
Message-ID: <CAMm+LwirZLKaExXeeDOOuM_qRSHirpv71ZsbNumn_xhGdBAdww@mail.gmail.com>
To: architecture-discuss@ietf.org
Content-Type: multipart/alternative; boundary="0000000000008723c9060ccd8991"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/M4OzR-BzQE28pnOmAZKXvKq7EQY>
Subject: Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Dec 2023 19:12:57 -0000
This is an important discussion. But I get the feeling that a core problem both here and among the policy makers is the notion that opponents of regulating use of cryptography don't understand the uses made of strong encryption by terrorist groups to evade intercept capability. When I was 18, I woke to the news that the Provisional IRA had attempted to assassinate my cousin along with other members of the British cabinet. Some years late, I learned that my MP, Peter Morrison had been arrested on more than one occasion for offenses committed in a children's home. Instead of prosecuting him, he was made party vice chairman so they could 'keep an eye on him'. Meanwhile in the US, well known politicians of both parties eagerly sought the endorsement of Gerry Adams, the leader of the PIRA and attended numerous fundraisers to buy bullets and bombs knowing full well that they were building their political careers on the murder of civilians. I have been a consistent advocate for effective measures to oppose the use of violence to effect political ends. Stopping the terrorists getting access to guns, bullets and the means to make bombs has a proven record of being effective. I have absolutely no sympathy for the position that means of communication must be regulated while access to instruments of death must be entirely unfettered. When I met Tim Berners-Lee in 1992 and he showed me the Web, I joined the project because I saw it as a continuation of the work done across Eastern Europe during the cold war. The Soviet Union had just collapsed because the weight of free expression was too much for the corrupt dictatorship to bear. Several people have made the argument that governments aren't interested in these issues. Which comes as a surprise to those of us who know what 'HM Cabinet Office' means on a name badge. If certain people found a certain presentation in Singapore incomprehensible, it was because they weren't the intended audience. I was telling certain people that I was fed up of certain criminal parties being allowed to act with impunity so that our own illegals don't end up having a hard time. If the actions of certain parties are so flagrant and obvious that someone like myself who does not have a clearance can see what they are up to, something is up. One of those individuals has since been arrested and served time, the other has not but the FBI officer who I understand to have been heading the counter-intel desk in charge of that case has just received four years for taking bribes from a foreign operative. So in case it's not obvious, I am doing the same here. HMG doesn't have the travel budget post-Brexit but they can afford to subscribe to a mailing list or five hundred. So let me make the case with CLARITY. To be effective, the IAB case must stick closely to its established field of expertise. There is an established form for such submissions. 1) Statement of authority: Who is speaking and why do they have it. 2) Describe the argument being disputed 3) Introduce evidence 4) Demonstrate that the disputed argument is flawed It has been asserted by the proponents of client side scanning that this technology can be deployed in an effective form without impact on the right of freedom of expression. It is not the IAB that has brought up human rights, the technology proponents did when they attempted their prebuttal. The point I would begin with is that the Internet is an international infrastructure that by design lacks a central point of control. To be viable, any technical proposal must work for every user of the Internet regardless of which country they are a citizen of, which country they reside in or which country they currently happen to be visiting. If an intercept capability were to be deployed for use by Western governments, the same capabilities would have to be shared with foreign governments and those intercept capabilities could not be limited to intercepting communications by their own citizens, residents or even communications originating or passing through their territory. The problem of abusing intercept capabilities is not limited to the likes of corrupt FBI officers such as McGonigal. The PRC uses the term 'Information Terrorism' to refer to what we in the West call 'freedom of expression'. Client side scanning is a form of constrained intercept. To be effective, the scanning application must disclose metadata and results of analyzing content data to an external party. If HMG is successful in forcing deployment of client-side scanning to deter content it finds objectionable, dictatorships will demand scanning to deter content they find objectionable. Resisting such demands from convenient dictatorships is likely to prove even more challenging. To be effective against the targeted groups, any form of intercept, including client-side scanning must be pervasive or the targeted groups will simply switch to an infrastructure that is not subject to the requirements. Thus a proposal limited to the largest platform providers must inevitably be expanded to apply to every provider or the entire point is lost. My own end-to-end secure messaging technology allows anyone to become a service provider and for users to choose their service provider and to change that choice at any time. It is thus straightforward for a UK citizen to make use of a service provider in Argentina, they can even be their own service provider if they choose. As with many naive security mechanisms, client side scanning is a technology that requires the constant addition of epicycles to save the appearances. Like Brexit it only sounds like a great idea when condensed to a slogan to fit on the side of bus.
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… George Michaelson
- Re: [arch-d] IAB Statement on Encryption and Mand… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Vittorio Bertola
- Re: [arch-d] IAB Statement on Encryption and Mand… Christian Huitema
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- Re: [arch-d] IAB Statement on Encryption and Mand… Andrew Campling
- Re: [arch-d] IAB Statement on Encryption and Mand… Andrew Campling
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Wes Hardaker
- Re: [arch-d] IAB Statement on Encryption and Mand… Hesham ElBakoury
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… Eliot Lear
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- [arch-d] Off topic [was: IAB Statement on Encrypt… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- Re: [arch-d] IAB Statement on Encryption and Mand… Arnaud Taddei
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] [EXTERNAL] Re: IAB Statement on Encr… Tommy Jensen
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] IAB Statement on Encryption and Mand… Adrian Farrel
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Hesham ElBakoury
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Vittorio Bertola
- Re: [arch-d] IAB Statement on Encryption and Mand… John Levine
- Re: [arch-d] IAB Statement on Encryption and Mand… Mirja Kuehlewind (IETF)
- Re: [arch-d] [IAB] IAB Statement on Encryption an… Mirja Kuehlewind (IETF)