IETF Logo Mail Archive

[arch-d] Review of draft-nottingham-avoiding-internet-centralization

Jari Arkko <jari.arkko@piuha.net> Thu, 24 March 2022 11:49 UTC

Return-Path: <jari.arkko@piuha.net>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 470413A10F3 for <architecture-discuss@ietfa.amsl.com>; Thu, 24 Mar 2022 04:49:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Thd5S1GwKrU1 for <architecture-discuss@ietfa.amsl.com>; Thu, 24 Mar 2022 04:49:52 -0700 (PDT)
Received: from p130.piuha.net (p130.piuha.net [193.234.219.226]) by ietfa.amsl.com (Postfix) with ESMTP id 065773A11B6 for <architecture-discuss@ietf.org>; Thu, 24 Mar 2022 04:49:46 -0700 (PDT)
Received: from smtpclient.apple (dhcp-9af6.meeting.ietf.org [31.133.154.246]) by p130.piuha.net (Postfix) with ESMTPSA id CFE796600E3; Thu, 24 Mar 2022 13:49:43 +0200 (EET)
From: Jari Arkko <jari.arkko@piuha.net>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Message-Id: <F6C321FB-4F52-485B-A342-6A6641ADA0B1@piuha.net>
Date: Thu, 24 Mar 2022 12:49:42 +0100
Cc: architecture-discuss@ietf.org
To: mnot@mnot.net
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/sze8T58U1eoOSkbhuxJ8CHKPsaw>
Subject: [arch-d] Review of draft-nottingham-avoiding-internet-centralization
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2022 11:49:55 -0000

Hi Mark,

And thanks for writing this. I think this is spot-on, and a very useful document. And understanding an issue even if you can’t always do something about it is important.

I did have a few comments, though. Mostly in the category of perhaps-you-could-also-talk-about-these:

Section 6.1 talks about relationship between centralization and privacy, and points out that there's sometimes a tradeoff. I would argue that this is heavily dependent on what we're talking about. We're far along on the mission to encrypt all communications. Many of the remaining privacy issues are made worse, not better, by centralization. E.g., one entity has access to all your mail or browser history or other things. Perhaps the 6.1 language could be improved, as it currently reads a bit like focusing on privacy in standardisation and leaving centralisation to other entities. I’m not sure that’s always desirable, particularly if we want to address privacy.

More generally, I think you're missing a subsection on limiting data centralisation to too few hands. Perhaps that could be added?

Also, one thing that is not discussed but perhaps should be is the role of discovery. We seem to have an increasing number of solutions that are built for relatively fixed linkages between OS - device - browser - application - network services. For instance, a default service lead to a situation where a vast majority of users will use the default service. From a standards perspective it would be better to build on discovery such that for instance local services can be used. This is of course not always easy, but I think it needs to be looked at, at least on a per-case basis.

Section 4.4 inherited centralization — I’m not sure how much network-imposed limitations we have today, or in few years, given that in the western world at least much of the traffic is today encrypted. However, there are situations where government mandates or government - large internet content provider collaboration can create a setup where the user's choices for communication are severely restricted, and consequently, often centralized to few remaining ones. Perhaps you could talk a bit about this.

Jari

v2.23.0 | Report a Bug | By Email