[arch-d] IAB statement on "Avoiding Unintended Harm to Internet Infrastructure"

Vittorio Bertola <vittorio.bertola@open-xchange.com> Mon, 09 September 2019 15:26 UTC

Date: Mon, 09 Sep 2019 17:25:47 +0200
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
Reply-To: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: "Architecture-discuss@ietf.org" <Architecture-discuss@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/yZzU3COA1IFeGT3O6BH9IdX6DQQ>
Subject: [arch-d] IAB statement on "Avoiding Unintended Harm to Internet Infrastructure"

Hello,

After a brief discussion on ietf@ietf.org, it was suggested that this is the appropriate list to discuss the recent IAB statement on "Avoiding Unintended Harm to Internet Infrastructure" ( https://www.iab.org/documents/correspondence-reports-documents/2019-2/avoiding-unintended-harm-to-internet-infrastructure/ ) - if not, please redirect me to the appropriate place.

It is unclear to me what prompted the IAB to release this statement at this point in time, so possibly I am missing parts of the picture. Also, I do not know if it has been discussed with the community and where. Still, I found it surprising in several points, and confusing in others.

In the DNS section, it is disheartening to read the IAB stating that "[a DNS resolver] returning the wrong (or no) address breaks the trust that users have in this infrastructure", after having spent months on the ADD list and elsewhere explaining that there are indeed lots of use cases in which users expect, or even actively request, that their resolver applies filters to the responses. In some cases it is actually the opposite - if I acquire a DNS-based service to prevent any accidental connection to malware-infected websites and then I get malware, that's when I lose trust in my DNS resolver; same for parental controls.

More generally, the entire document sounds like a claim that the Internet's infrastructure and those who run it need to be exempt from cooperation with law enforcement activities, and totally unregulated. However, there is some incoherence between the considerations in most of the text and the final recommendations.

For example, the second bullet in the recommendations asks to exempt *communication* between network operators/DNS operators/PKI vendors from any law enforcement requirements, i.e. "do not break encryption". 

However, the main text argues against other possible requests from law enforcement, such as CAs being asked to "issue a certificate improperly", or network operators redirecting traffic to law enforcement agencies. These practices are not related to communication between network operators, but to the actions of each single operator, so it is unclear whether the IAB in the end recommends against them or not; in the recommendations, it then mentions "endpoint-focused interventions" only to suggest that those who are subject to them should be listed explicitly in the regulation (which, by the way, is not how a law can work).

Similarly, the section titled "Impact on Internet evolution" seems to argue against regulation of the Internet, but in the final section there is no recommendation against regulation, just a request to involve all stakeholders when discussing it.

It would be nice if we could better understand what objective the IAB wants to achieve with this statement and what it actually recommends, before commenting further.

Thanks,
-- 
Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com 
Office @ Via Treviso 12, 10144 Torino, Italy