Re: [arch-d] Review of draft-nottingham-avoiding-internet-centralization
Mark Nottingham <mnot@mnot.net> Sun, 22 May 2022 03:52 UTC
Return-Path: <mnot@mnot.net>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79E45C06D7E1 for <architecture-discuss@ietfa.amsl.com>; Sat, 21 May 2022 20:52:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=OYyMP+tf; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=TGBwHY3z
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sxu6kZRs93sM for <architecture-discuss@ietfa.amsl.com>; Sat, 21 May 2022 20:52:27 -0700 (PDT)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EAFD7C06D7E0 for <architecture-discuss@ietf.org>; Sat, 21 May 2022 20:52:26 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id B698F5C01A7; Sat, 21 May 2022 23:52:25 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Sat, 21 May 2022 23:52:25 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1653191545; x= 1653277945; bh=RH6dmBufOXHwCzewSnHYdZVHtmZnG5hG+Acycd1I7XI=; b=O YyMP+tf+R9d3RDjjSsw5XjI2RD7RmS3dIIANgLL8l3b1n9J5Ye5I/vBZvZA2mKYT l+Vlmv7AWUgmtGphl+gRXYTWhjxHBhREXZ9KBA1elFH8j3pPo6GoCwk+QWm90PPs XP1RwFMlySocpl8c9sK5aoIZlK5BVuiQx54LncksHMCkoecBDQ68T+J9I8P/Uyq/ UdMXznGzDGA5RT+7c4Zb9Srbvtm5WhvUpPwWCnvE4Dnpji1fiB505yuhv9Z63am0 YHdMlyH4Xxiya0pE0OubVqcCwzvPbP1rD7Ut97JLWbrv/kHdb/5e3pPJFKEATyiq 3Rs3Xi5ojDmBaAictWFlA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1653191545; x= 1653277945; bh=RH6dmBufOXHwCzewSnHYdZVHtmZnG5hG+Acycd1I7XI=; b=T GBwHY3zXPM6uzxYBA91RtY6QUcOnh4pLq0TV9YXC8CgCH81GYxCzcUZRecjoKEJW fIJFb//h4xD8xT0hL1c5DxvJvFbHQdhnuQzHuY+W0vuhO/V/LNs+pNbGeR2bayK8 JWtjc9Ar0QVsb484tZVeEtbPOvUPuGeRFQIGiJ07TRg0TQbVQ0wb7LHKYVX/u/Qr hf4gnah2GCtzyFlcVRqnBJL+uXnSx6TaBOh34gI1sQrwPqF3SgvNk395jt3lN0Kj 6ail4eqGt3b5NCNIsNOldQAkDrMwZP8iKdVEzXFxk0FZd9MINy68Dh5+XdqNDuHz BpKW7I10lwn2n8GwA3gdw==
X-ME-Sender: <xms:ebOJYiS_-LELQl4iAJGE7wel6LwpZyI2NQ6SMkR7nNvC04ON-_8RHQ> <xme:ebOJYnzWyffXFCTAFtqBZX2aBwiExEkQTeAIpvbG6G3n4sB2brzmT-bCIauAhAOAT DH6PXF78hvPZRcBPg>
X-ME-Received: <xmr:ebOJYv0SVBGVTlrU6uiWM9AmHpKnUgh1lFyWy-HGV871ne2YqEF4Kdob0ntBihqLhUXbWpGtXfCrJt4sifIRysnk7oFe3lHWjKrFK5rDNSFQ51pqSsf4jJ-h>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrieejgdejhecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpegtggfuhfgjffevgffkfhfvofesthhqmhdthhdtjeenucfhrhhomhepofgrrhhk ucfpohhtthhinhhghhgrmhcuoehmnhhothesmhhnohhtrdhnvghtqeenucggtffrrghtth gvrhhnpedvffeujedtueevtdejgeetleeftedukeegjeegvdekledvheekleeufeekjeet ueenucffohhmrghinhepghhithhhuhgsrdgtohhmpdhmnhhothdrnhgvthenucevlhhush htvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmnhhothesmhhnohht rdhnvght
X-ME-Proxy: <xmx:ebOJYuDP-hUNbp_G9Uy-X2eckUjDTs1lcfj7mBqfkmZfcQq67ABWIA> <xmx:ebOJYriGUdG3kct_EW4mKF702mMsQ0Y3qKIsKbHvTOUFWmLI70dNNw> <xmx:ebOJYqpIRqE_7KMLo8mbU1WtXs9VwTSTNMQTHrmpSwuV6r4CZmnR3g> <xmx:ebOJYjb3J-MZP-dIZsLgPd0BLskSd1jh6b11Vf1pCj-C5IFA1qyNow>
Feedback-ID: ie6694242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 21 May 2022 23:52:24 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <1967B24F-F19C-462B-815F-65F0D7B4742F@piuha.net>
Date: Sun, 22 May 2022 13:52:21 +1000
Cc: architecture-discuss@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <1496E292-1F0C-49E8-87ED-5A27F2601045@mnot.net>
References: <F6C321FB-4F52-485B-A342-6A6641ADA0B1@piuha.net> <E0D644AF-9F40-4A94-AE85-D57C08D0A77F@mnot.net> <1967B24F-F19C-462B-815F-65F0D7B4742F@piuha.net>
To: Jari Arkko <jari.arkko@piuha.net>
X-Mailer: Apple Mail (2.3696.100.31)
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/vLOgqyaE2PHFpb5RU9d1f3wRmo0>
Subject: Re: [arch-d] Review of draft-nottingham-avoiding-internet-centralization
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 May 2022 03:52:31 -0000
Thanks, Jari - that's very helpful. Just so folks know, I'm responding in the issues created. Cheers, > On 21 May 2022, at 12:32 am, Jari Arkko <jari.arkko@piuha.net> wrote: > > Mark, > > Returning to this topic. > >>> Section 6.1 talks about relationship between centralization and privacy, and points out that there's sometimes a tradeoff. I would argue that this is heavily dependent on what we're talking about. We're far along on the mission to encrypt all communications. Many of the remaining privacy issues are made worse, not better, by centralization. E.g., one entity has access to all your mail or browser history or other things. Perhaps the 6.1 language could be improved, as it currently reads a bit like focusing on privacy in standardisation and leaving centralisation to other entities. I’m not sure that’s always desirable, particularly if we want to address privacy. >> >> Agreed - I've created: >> https://github.com/mnot/avoiding-internet-centralization/issues/27 > > Thanks. I added some text proposal on GitHub. Or at least a start for one. > >>> More generally, I think you're missing a subsection on limiting data centralisation to too few hands. Perhaps that could be added? >> >> I'm not sure what you mean here, although it might brush against an issue I recently created: >> https://github.com/mnot/avoiding-internet-centralization/issues/26 >> >> Could you expand / give examples? > > That issue seems to be about something else. > > But in any case, the suggested text for issue 27 does add some discussion of what the ’data in too few’ hands might imply. Did that text clarify what I meant? > > (I think it is a bigger issue in the sense that it might be raised on its on subsection as well, but your call on how you want to edit the document.) > >> >>> Also, one thing that is not discussed but perhaps should be is the role of discovery. We seem to have an increasing number of solutions that are built for relatively fixed linkages between OS - device - browser - application - network services. For instance, a default service lead to a situation where a vast majority of users will use the default service. From a standards perspective it would be better to build on discovery such that for instance local services can be used. This is of course not always easy, but I think it needs to be looked at, at least on a per-case basis. >> >> Yes - I think that's hinted at in the discussion of 'Decentralise Proprietary Functions' -- but that might not be the best framing, and more examples / discussion would probably help. I've created: >> https://github.com/mnot/avoiding-internet-centralization/issues/28 > > Here I don’t have a text proposal yet, but maybe one could cover at least the following: > > - examples: OS, device, browser, and application systems get built to use very specific services. E.g., the use of DNS resolvers. > - effects: Difficult for other or local services to be used. > - rationale for X to be built with very specific binding to a service: Whoever builds X understands exactly what they need and what is provided by the service. There may also be contracts associated with the use of that specific service. > - issue: While settings can be changed, that is not a practical alternative for vast majority of users > - issue: Sets up a model where only the services that can have a default bundling and a contract e.g. with major browser or OS vendor will actually get used > - issue: Internet and applications become more and more ’packaged’, designed & curated black box services where changing components or parts is difficult > - possible alleviating techniques: Modularity, discovery, indirection > - difficulties: For many functions, it is not ok to use a random thing that someone nearby offers, for obvious security reasons. Indirection and user/os-specificed trusted roots for specific functions may be helpful though. > - other: there’s probably some more considerations that at least I have not figured out yet > >> >>> Section 4.4 inherited centralization — I’m not sure how much network-imposed limitations we have today, or in few years, given that in the western world at least much of the traffic is today encrypted. However, there are situations where government mandates or government - large internet content provider collaboration can create a setup where the user's choices for communication are severely restricted, and consequently, often centralized to few remaining ones. Perhaps you could talk a bit about this. >> >> I agree that's a risk, but I'm not sure it's in-scope for this document. Perhaps it could be worked in as a source of centralisation -- effectively, externally-induced centralisation. I'll track in: >> https://github.com/mnot/avoiding-internet-centralization/issues/29 > > I see that you resolved this, looked initially at least good. Thanks! > > Jari > > -- Mark Nottingham https://www.mnot.net/
- [arch-d] Review of draft-nottingham-avoiding-inte… Jari Arkko
- Re: [arch-d] Review of draft-nottingham-avoiding-… Mark Nottingham
- Re: [arch-d] Review of draft-nottingham-avoiding-… Jari Arkko
- Re: [arch-d] Review of draft-nottingham-avoiding-… Mark Nottingham
- Re: [arch-d] Review of draft-nottingham-avoiding-… Christian Huitema
- Re: [arch-d] Review of draft-nottingham-avoiding-… Mark Nottingham
- Re: [arch-d] Review of draft-nottingham-avoiding-… Christian Huitema
- Re: [arch-d] Review of draft-nottingham-avoiding-… Phillip Hallam-Baker
- Re: [arch-d] Review of draft-nottingham-avoiding-… Brian E Carpenter