Re: [arch-d] Time to reboot RFC1984 and RFC2804?

Brian E Carpenter <> Mon, 12 October 2020 21:45 UTC

To: Andrew Campling <>, Christian Huitema <>, John C Klensin <>

On 13-Oct-20 10:29, Andrew Campling wrote:
> On 10/11/2020 23:50, Christian Huitema wrote: 
>> There may be something else. The government actions typically operate through application 
>> providers acting as gatekeepers, as in "Facebook, please provide me a clear-text version of 
>> these messages". If there are just a few platforms managing a large share of the 
>> communications, governments merely have to lean onto these platforms to obtain what they 
>> want. And if a company is running a big communication business, it will come to terms with 
>> local governments in order to protect that business.
>> If the IETF wants to protect individual freedoms, then it might want to focus on distributed 
>> architecture for communication services.
> This could lead to a situation where it appears to be an unaccountable tech sector against democratically elected governments, remembering that the tech sector is responsible for surveillance capitalism, helped enable Cambridge Analytica and its ilk, provides tools facilitating misinformation campaigns etc.  In other words, the sector cannot claim the moral high ground here; this may not end well.  
> That said, it would be good news to see action taken to stop the accelerating pace of centralisation which seems likely to undermine the resilience of the Internet and potentially weaken privacy.  

We're not "the tech sector", however, nor are we rampaging libertarian capitalists. The strength of the arguments in RFC1984 and RFC2804 is that they are technical arguments about how to ensure security. RFC7258 is also based on technical arguments, although it's a bit harder to claim that it's 100% technical. I'm sure that we will see more work on fully distributed (serverless) encrypted mechanisms but I'm also wondering whether the IAB should say anything, possibly via ISOC. The basic message is only "please reread RFCs 1984, 2804 and 7258, because nothing has changed."