Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content
Arnaud Taddei <arnaud.taddei@broadcom.com> Tue, 19 December 2023 09:36 UTC
Return-Path: <arnaud.taddei@broadcom.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 09334C14F5EB for <architecture-discuss@ietfa.amsl.com>; Tue, 19 Dec 2023 01:36:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=broadcom.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OC6ELAYOf8_j for <architecture-discuss@ietfa.amsl.com>; Tue, 19 Dec 2023 01:36:15 -0800 (PST)
Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 28D5EC14F5FF for <architecture-discuss@ietf.org>; Tue, 19 Dec 2023 01:36:14 -0800 (PST)
Received: by mail-wm1-x335.google.com with SMTP id 5b1f17b1804b1-40d05ebe642so14082485e9.0 for <architecture-discuss@ietf.org>; Tue, 19 Dec 2023 01:36:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; t=1702978572; x=1703583372; darn=ietf.org; h=mime-version:accept-language:in-reply-to:references:message-id:date :thread-index:thread-topic:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=+n0iUxYTNY/M6C5jaS8dv0XgrZfiaK1ICDVKA5gJX7k=; b=Y6piyfYI3mA/difiKWXC4OEsEjgfj64B0wFKYWWlBB20O17VIgIfWI2SH4so2uGhJV boy05UYurP7gNA6LFJxvXLxJV7mwHMFyMetlOZfazbHVjRodXDNcm6Eqxhj5Hep3CPY8 L/APa16zCrmeVfW1W7VbcgfbSBtHlvq7sy/io=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702978572; x=1703583372; h=mime-version:accept-language:in-reply-to:references:message-id:date :thread-index:thread-topic:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=+n0iUxYTNY/M6C5jaS8dv0XgrZfiaK1ICDVKA5gJX7k=; b=WVJx70WQit7/Sde84YhyYIHqTB/b6vykffPsOCzFFbLTRZ6GN9aywteJHi1YdD0W2c L2DiZzod9iigPH3DYKd4u0xY5AUaIPC1Gtic2hDD4R2t2pw4pFVAlacC9kvwDgo+MEwu r8IemaUHYWRX+5vf/HznTUOwVwEcdGQYoc+9nAtVqdwJJCKrY5VaMyOouTPOqNq3Hbie QVGJsZPehHh4M4Q6LpH9L9sRHXDHeY9jAxlmg2QTabauF5+nSn78sGJjX6KgP5AtYoR3 8LInkJPnUhqtlFIn5fCetn9CGd4W3pLcj/kPYAd9t8XuKAIUR5Ihot582YlExPowVO2/ 9WWQ==
X-Gm-Message-State: AOJu0Yz4QYx+CWiTIwmSb7Nv8Ib9+bFO0OnXz5KRycpcdy8eNxx1PYkN X0fUoX+upRpxuu8UX+me6RR+R+uenFIfCw3HnHg8mojs4pWKhOsAsQ0xbh1f7JVHm8ray5MGMf4 JE/TN07DGcp163E3nrByBXUG5KHMEJg==
X-Google-Smtp-Source: AGHT+IEFG2sqxNqN7HNHz532QZH1xjtZ1UY0n6ufNDpMhVx9quFl4cVQx11XpC3NA28mLTvTqcP/Qg==
X-Received: by 2002:a05:600c:46d4:b0:40b:5e26:2382 with SMTP id q20-20020a05600c46d400b0040b5e262382mr396784wmo.51.1702978572292; Tue, 19 Dec 2023 01:36:12 -0800 (PST)
Received: from CWLP123MB4435.GBRP123.PROD.OUTLOOK.COM ([2603:1026:c08:b4::5]) by smtp.gmail.com with ESMTPSA id ay10-20020a05600c1e0a00b0040d1bd0e716sm1985733wmb.9.2023.12.19.01.36.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Dec 2023 01:36:11 -0800 (PST)
From: Arnaud Taddei <arnaud.taddei@broadcom.com>
To: Eliot Lear <lear@lear.ch>, Eric Rescorla <ekr@rtfm.com>
CC: S Moonesamy <sm+ietf@elandsys.com>, "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>, "iab@iab.org" <iab@iab.org>
Thread-Topic: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content
Thread-Index: ATE2MDc2xwLrR13JpH/u2EsEnrfqRDA4MDEy0HR0yYCAACktgIAAfkgAgACQyoCAAA91gIAAINQAgAC4ugCAAATxmw==
X-MS-Exchange-MessageSentRepresentingType: 1
Date: Tue, 19 Dec 2023 09:36:10 +0000
Message-ID: <CWLP123MB4435EE67EDAD233E93AC7CDDF797A@CWLP123MB4435.GBRP123.PROD.OUTLOOK.COM>
References: <170266952162.33107.14325064798861197261@ietfa.amsl.com> <6.2.5.6.2.20231216110256.18d0acd0@elandnews.com> <CWXP265MB5153610FBB98A7B06AF81040C290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <CAKr6gn2Hf4N+DgKHKyO+i3T3OJyYRBJhH1AdQf-uXZ0xKmJ4Eg@mail.gmail.com> <CWXP265MB515381523714FF99524410CFC290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <790032a6-24f6-60d1-fb60-4b44bd447bde@gmail.com> <fadd9250-4b31-4bf5-aa76-4f37d24fd650@cdt.org> <CABcZeBNQBw6tiW4+JSB_8J=si2ewzZfOaSxX0eU=UrMhDv+O2A@mail.gmail.com> <3e3d59f6-24c4-4449-ac08-1acfa7ebbe00@lear.ch>
In-Reply-To: <3e3d59f6-24c4-4449-ac08-1acfa7ebbe00@lear.ch>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator:
X-MS-Exchange-Organization-RecordReviewCfmType: 0
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000e264f0060cd998ae"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/THHUrdn3hGiw1esEycmE2Dnro3I>
Subject: Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Dec 2023 09:36:19 -0000
I can only agree with your last clause Eliot which allows me to not make a long email why I am in the unsatisfied camp. Have all a very good festive season and jump in the new year. From: Architecture-discuss <architecture-discuss-bounces@ietf.org> on behalf of Eliot Lear <lear@lear.ch> Date: Tuesday, 19 December 2023 at 10:20 To: Eric Rescorla <ekr@rtfm.com> Cc: S Moonesamy <sm+ietf@elandsys.com>, architecture-discuss@ietf.org <architecture-discuss@ietf.org>, iab@iab.org <iab@iab.org> Subject: Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content Hi! On 18.12.2023 23:14, Eric Rescorla wrote: ISTM that this is an example of a setting in which we have a term of art which is used in a way somewhat different from its literal meaning. Specifically, it is very common right now to have clients of various kinds scan for material that the recipient doesn't want to receive, such as in the case of spam filtering, virus scanning, or Apple's sensitive content warning [0]. In many if not most of those cases, the operator of the device opted into or at least actively wants that kind of scanning. I think we can agree that this type of scanning works to some extent and isn't incompatible with open source or open protocols. This is, of course, scanning that happens on the client, and I believe it's what Brian is referring to. What the IAB statement is referring to is something different, which is to say scanning which is imposed upon the operator of the device whether they want it or not, and is designed to stop the operator from sending and receiving certain classes of content. As you note, it's common practice to refer to this and not the type of scanning in the previous paragraph as "client-side scanning" (in contract to "server-side scanning"), but it's really the mandatory part of it that makes it distinct from other cases in which scanning happens on the client. IAB statements are necessarily brief. When they become lengthy, they have another vehicle: RFC. With that in mind, there are clearly challenges in delineating in code the two cases you describe, as the interfaces that are used for one case could possibly be used for another; and that does strike me as intersecting the Internet Architecture. I'm also confident that you have already blogged on this in detail ;-) Also, this discussion seems to indicate that at least some people are unsatisfied with the statement. I think we should view that as an opportunity. What needs to be further teased out and what should the venue for that teasing be? Here? A separate mailing list? PEARG? HRPC? And how could the conversation best be facilitated? Eliot -- This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… George Michaelson
- Re: [arch-d] IAB Statement on Encryption and Mand… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Vittorio Bertola
- Re: [arch-d] IAB Statement on Encryption and Mand… Christian Huitema
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- Re: [arch-d] IAB Statement on Encryption and Mand… Andrew Campling
- Re: [arch-d] IAB Statement on Encryption and Mand… Andrew Campling
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Wes Hardaker
- Re: [arch-d] IAB Statement on Encryption and Mand… Hesham ElBakoury
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… S Moonesamy
- Re: [arch-d] IAB Statement on Encryption and Mand… Eliot Lear
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- [arch-d] Off topic [was: IAB Statement on Encrypt… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- Re: [arch-d] IAB Statement on Encryption and Mand… Arnaud Taddei
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] [EXTERNAL] Re: IAB Statement on Encr… Tommy Jensen
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Eric Rescorla
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] IAB Statement on Encryption and Mand… Phillip Hallam-Baker
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] IAB Statement on Encryption and Mand… Adrian Farrel
- Re: [arch-d] IAB Statement on Encryption and Mand… Mallory Knodel
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Hesham ElBakoury
- Re: [arch-d] Off topic [was: IAB Statement on Enc… Brian E Carpenter
- Re: [arch-d] IAB Statement on Encryption and Mand… Vittorio Bertola
- Re: [arch-d] IAB Statement on Encryption and Mand… John Levine
- Re: [arch-d] IAB Statement on Encryption and Mand… Mirja Kuehlewind (IETF)
- Re: [arch-d] [IAB] IAB Statement on Encryption an… Mirja Kuehlewind (IETF)