IETF Logo Mail Archive

Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content

Eric Rescorla <ekr@rtfm.com> Tue, 19 December 2023 17:47 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B81AC2395F0 for <architecture-discuss@ietfa.amsl.com>; Tue, 19 Dec 2023 09:47:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.906
X-Spam-Level:
X-Spam-Status: No, score=-6.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5vvrWdAJO1ss for <architecture-discuss@ietfa.amsl.com>; Tue, 19 Dec 2023 09:47:15 -0800 (PST)
Received: from mail-yb1-xb2d.google.com (mail-yb1-xb2d.google.com [IPv6:2607:f8b0:4864:20::b2d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B29CAC2395E4 for <architecture-discuss@ietf.org>; Tue, 19 Dec 2023 09:47:15 -0800 (PST)
Received: by mail-yb1-xb2d.google.com with SMTP id 3f1490d57ef6-dbcd0928530so3140942276.1 for <architecture-discuss@ietf.org>; Tue, 19 Dec 2023 09:47:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1703008035; x=1703612835; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=lMTysHPSs9w5vHGHx7WFdUYE6jRDCNalZND92NfxHuU=; b=BBK8eltiIx6n2en74F88LYU0++ejBOizhK9lKFKxlGIsAn8e/yqMDyH6cCGhXd9/Aj enYuleBmFv5D88QMiRMCZWjptCXzxiChWE31+8tN8bsbkY+gUS+7qIhCWpBXB98Bi3n+ JSNL5ovm+1CYjjqb775cL8S3c2ypE2YEJ5+NQo4jQ2JKBgaRdtzjaeBlTLcOwQh44CPY HXLuuOHY706jPGEvtSGsvU4aN+5OPg4U/3Snic1FkXO6ApodwfFHaBN4Vjf/usUnGrAV hUUwMGlBCtrpoAJQWwhJLvSC4IluHBQQcdPzU02pE3xlo+d5v/sODHFxAkbk2+5uyNfd az3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1703008035; x=1703612835; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=lMTysHPSs9w5vHGHx7WFdUYE6jRDCNalZND92NfxHuU=; b=lEULzY3jrLTKaX1cMimkQjthVeUxkq8lnuuUxYkoPPgHpNGJeA4u7qyieoqb+1J85l kA5jE/aEqtVVfJ4HUH30GSHb7RBbRBo3wzgJtHvxlwjr6sagIf6ScWC5eCPuqYX9kCJD WEAhZQJHtmnssu6UiYvn3t4ggGDNXhS8aidi8FHnjffZaxE5wqpWfNCoCd5FbHMH60bc PpRuXqaAnFgnOWoVS4FOLqHnWl1F88mi+izAY3lZOFHuJXqdTmag0lT1yBdGs+eknflS UE8ApVfvAmwlT4Xg4QEBgCfsytKkVT4zzELN97BN+EwDShR43oTtaSmZOvQGL0a2EvEd xG7g==
X-Gm-Message-State: AOJu0YxAYuQa1v6O6soYcUD6SFym4ZK8Gsu3G6Uv8jc7N8MRXXu6z9pk ipZ1i/MMpQQJeDt5NJ6NtueEO3etWd2azhDIv0aDaw==
X-Google-Smtp-Source: AGHT+IHzGyDDIe3TBmqOxBNvT4wKlGa/kR4+TfMgFcDF+yQODOhI1+Pue2pOkPHQ/6hDVRVqLOZwjSUecyngYs5+iy8=
X-Received: by 2002:a05:6902:2007:b0:dbd:84a:c686 with SMTP id dh7-20020a056902200700b00dbd084ac686mr3277147ybb.15.1703008034799; Tue, 19 Dec 2023 09:47:14 -0800 (PST)
MIME-Version: 1.0
References: <170266952162.33107.14325064798861197261@ietfa.amsl.com> <6.2.5.6.2.20231216110256.18d0acd0@elandnews.com> <CWXP265MB5153610FBB98A7B06AF81040C290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <CAKr6gn2Hf4N+DgKHKyO+i3T3OJyYRBJhH1AdQf-uXZ0xKmJ4Eg@mail.gmail.com> <CWXP265MB515381523714FF99524410CFC290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <790032a6-24f6-60d1-fb60-4b44bd447bde@gmail.com> <fadd9250-4b31-4bf5-aa76-4f37d24fd650@cdt.org> <CABcZeBNQBw6tiW4+JSB_8J=si2ewzZfOaSxX0eU=UrMhDv+O2A@mail.gmail.com> <3e3d59f6-24c4-4449-ac08-1acfa7ebbe00@lear.ch>
In-Reply-To: <3e3d59f6-24c4-4449-ac08-1acfa7ebbe00@lear.ch>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 19 Dec 2023 09:46:38 -0800
Message-ID: <CABcZeBOu55d1DURc1AO3_VJkQjeQJ1eKK2KWB5F9KKOT8OofWw@mail.gmail.com>
To: Eliot Lear <lear@lear.ch>
Cc: S Moonesamy <sm+ietf@elandsys.com>, "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>, "iab@iab.org" <iab@iab.org>
Content-Type: multipart/alternative; boundary="000000000000f6d4bf060ce074c3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/XlDhDXjxbs0wmaQR2nFeB8JJWQA>
Subject: Re: [arch-d] IAB Statement on Encryption and Mandatory Client-side Scanning of Content
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Dec 2023 17:47:16 -0000

On Tue, Dec 19, 2023 at 1:20 AM Eliot Lear <lear@lear.ch> wrote:

> Hi!
> On 18.12.2023 23:14, Eric Rescorla wrote:
>
>
> ISTM that this is an example of a setting in which we have a term of art
> which is used in a way somewhat different from its literal meaning.
>
> Specifically, it is very common right now to have clients of various kinds
> scan for material that the recipient doesn't want to receive, such as in
> the case of spam filtering, virus scanning, or Apple's sensitive content
> warning [0]. In many if not most of those cases, the operator of the device
> opted into or at least actively wants that kind of scanning. I think we can
> agree that this type of scanning works to some extent and isn't
> incompatible with open source or open protocols. This is, of course,
> scanning that happens on the client, and I believe it's what Brian is
> referring to.
>
> What the IAB statement is referring to is something different, which is to
> say scanning which is imposed upon the operator of the device whether they
> want it or not, and is designed to stop the operator from sending and
> receiving certain classes of content. As you note, it's common practice to
> refer to this and not the type of scanning in the previous paragraph as
> "client-side scanning" (in contract to "server-side scanning"), but it's
> really the mandatory part of it that makes it distinct from other cases in
> which scanning happens on the client.
>
>
> IAB statements are necessarily brief.  When they become lengthy, they have
> another vehicle: RFC.
>
Sure. This message was not intended to take sides on the IAB statement, but
merely to help clarify what seemed to be confusion about terminology.

-Ekr

With that in mind, there are clearly challenges in delineating in code the
> two cases you describe, as the interfaces that are used for one case could
> possibly be used for another; and that does strike me as intersecting the
> Internet Architecture.  I'm also confident that you have already blogged on
> this in detail ;-)
>
> Also, this discussion seems to indicate that at least some people are
> unsatisfied with the statement.  I think we should view that as an
> opportunity.  What needs to be further teased out and what should the venue
> for that teasing be?  Here?  A separate mailing list?  PEARG?  HRPC?  And
> how could the conversation best be facilitated?
>
> Eliot
>

v2.23.0 | Report a Bug | By Email