Re: [HR-rt] [regext] [hrpc] Human Rights Review of draft-ietf-regext-verificationcode

Ulrich Wisser <ulrich@wisser.se> Wed, 03 October 2018 15:40 UTC

Return-Path: <ulrich@wisser.se>
X-Original-To: hr-rt@ietfa.amsl.com
Delivered-To: hr-rt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F31913130E for <hr-rt@ietfa.amsl.com>; Wed, 3 Oct 2018 08:40:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=wisser.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id edV6yhxX30U6 for <hr-rt@ietfa.amsl.com>; Wed, 3 Oct 2018 08:40:16 -0700 (PDT)
Received: from mail-ua1-x92f.google.com (mail-ua1-x92f.google.com [IPv6:2607:f8b0:4864:20::92f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E85A71312E6 for <hr-rt@irtf.org>; Wed, 3 Oct 2018 08:40:12 -0700 (PDT)
Received: by mail-ua1-x92f.google.com with SMTP id c21so555644uap.7 for <hr-rt@irtf.org>; Wed, 03 Oct 2018 08:40:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wisser.se; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3Ea1l1n0sAfwEvXHB6mhIWw8oRgIW8uakdwkjGG5cEo=; b=03/FbzvltXtS3tARXUXIYNFkNWuoQy+B5wwaQMnZSAI6r26gwTw7BT+AlMP9cpuOVH T3lLi+G3yFHFzT4nZ9zQmuaSQLDoV+/1FtWvPCVdU6Vw4S1/ksMe/Hi6bJAjPAfPGYIe uUTMh5dPbhMcZ1N/R+rKatJFQX+cwxK5URr4ITgzIuTULNs42Owv76JsLkhNppkiRW7s Ot13TF7Ma2cWDhcdow2P1GOHNw2xKDJV54Rhp4t95gIEXXQUBLf2fa2kpQPwq5RMPNRa KnyUNwk0bF61Jvr2k5K4Ioy6ihurRsPxH9PbUKmMd5PXMqv2HyfvvJvKjgxdBQbwe+Xz JUmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3Ea1l1n0sAfwEvXHB6mhIWw8oRgIW8uakdwkjGG5cEo=; b=I+eztVxPiQTd9E9oPYxe5D5O6Kf1zd5Gqp1s07CHUXQDl+ExwtcHAUno8ya+Gq5YND Q0Wp/LF90IpYkWotuumnPpTiH/gq3kYI+RpuVVmlelFo2mdbG7tWCi3wUmcSzlHLqywy YrsAc5NfNl5Ue5+/iTbW8g1JP7mc9TJnspwR1L8OOIV05LyPCcaT5FNakGPPKSZhKWa8 1PV7FF2jXxmUSAnw0tzLExTdYlwgJOPrQDQoLHCr+irjw3etYRJl0Jne46s7PeqSwwO0 2fPfENLGdJ0T9Rsopb+GNG4ufYhgB6+phth5Z+ONS1qL/Q3fFAUJlqsQeJ8upeqZJtaK BWjA==
X-Gm-Message-State: ABuFfoiJRcthHe34Vg7WMbHuRtc42d9RYT/ZZAieJiJ/6df4s7Pyh7I5 AngYgnvie2PMzT9l5R4bH4LO5jBfn3cSMV9UMDKjjQ==
X-Google-Smtp-Source: ACcGV63Bemh8N4oJjLr97b3Y9VJGJBEYl4BoPT3UCZKxWq8ixLEDmB1jloEeCB0fEnvliEJ/JshNaGGB/Hxm7RqZHG8=
X-Received: by 2002:ab0:5e8f:: with SMTP id y15mr817711uag.21.1538581211602; Wed, 03 Oct 2018 08:40:11 -0700 (PDT)
MIME-Version: 1.0
References: <EE368E9F-E08F-4960-BC0D-88B94D66EF02@verisign.com> <20181003134215.GA23633@mir> <321916997.13308.1538579123709@appsuite.open-xchange.com>
In-Reply-To: <321916997.13308.1538579123709@appsuite.open-xchange.com>
From: Ulrich Wisser <ulrich@wisser.se>
Date: Wed, 3 Oct 2018 17:39:59 +0200
Message-ID: <CAJ9-zoUWgntbp-pKguPDvONdomg6Yu01KxNcsGDx2B0RF2=7Vw@mail.gmail.com>
To: Vittorio Bertola <vittorio.bertola@open-xchange.com>
Cc: Niels ten Oever <lists@digitaldissidents.org>, "Gould, James" <jgould=40verisign.com@dmarc.ietf.org>, hr-rt@irtf.org, hrpc@irtf.org, regext@ietf.org, gurshabad@cis-india.org
Content-Type: multipart/alternative; boundary="000000000000937551057754daf1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hr-rt/1Ro3nLmuKDQmixxrhJiS2JYU7pY>
Subject: Re: [HR-rt] [regext] [hrpc] Human Rights Review of draft-ietf-regext-verificationcode
X-BeenThere: hr-rt@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Human Rights Protocol Considerations Review Team <hr-rt.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hr-rt>, <mailto:hr-rt-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hr-rt/>
List-Post: <mailto:hr-rt@irtf.org>
List-Help: <mailto:hr-rt-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hr-rt>, <mailto:hr-rt-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Oct 2018 15:40:20 -0000

Hi,

I completely agree with Gurshabad assessment. But as others already pointed
out, it is an intended consequence of the extension.
In the context of domain registration, privacy cannot be expected. So my
question is rather, does this extension make the situation worse?

As you were asking for examples. China and Denmark require preregistration
of registrants. Denmark does even require preregistration of hosts. Denmark
has plans to only allow registrations with a Danish electronic id.

In my assessment, a registrant cannot have any expectation of privacy.
And therefore the extension does not worsen the situation for the
registrant.

/Ulrich


Vittorio Bertola <vittorio.bertola@open-xchange.com>; schrieb am Mi., 3.
Okt. 2018 um 17:05 Uhr:

> Il 3 ottobre 2018 alle 15.42 Niels ten Oever < lists@digitaldissidents.org>;
> ha scritto:
>
>
> On Wed, Oct 03, 2018 at 01:14:10PM +0000, Gould, James wrote:
>
> The draft is intended for interoperability and is independent of the
> verification process.
>
>
> I am a bit confused with your reasoning that the verificationcode
> extension has is independent from the implementation of this extension,
> because the extension exists to enable implementation, right? Why else
> would it exist?
>
> The EPP extension takes no position on specific verification processes
> which are a "local matter" for the implementation.
>
> The EPP extension does enable it, so it does have a position on it.
>
> This exchange strikes me because of the discussion that we have been
> having on content tagging on HRPC (Nalini, Barry and I are still working on
> it).
>
> So my question is: is any protocol that supports additional points of
> content control at the national level favouring censorship, and thus
> inherently bad and contrary to human rights?
>
> Or even, if you prefer: is all censorship inherently bad? More
> specifically, if the national government or policy verification authority
> used the proposed EPP extension to block the registration of
> lets-kill-all-the-jews.cctld or child-pornography-for-everyone.cctld, is it
> censoring the Internet, or is it just doing its job on behalf of its
> citizens?
>
> And in that context, shouldn't the right to free expression of the user be
> balanced with the right to cultural and legal sovereignty of that country's
> citizens, which may end up establishing laws which legitimately make some
> content illegal in their country? (not to mention the rights of the people
> that may be harmed by the circulation of certain content)
>
> All in all, and with no offense for the reviewer's laudable efforts, the
> assessment in the review that any local point of control is bad because it
> could be used to harm someone's rights is IMHO too simplistic: it could
> also be used to defend someone else's rights.
>
> Regards,
>
> --
>
> Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
> vittorio.bertola@open-xchange.com
> Office @ Via Treviso 12, 10144 Torino, Italy
>
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext
>
-- 
Ulrich Wisser
ulrich@wisser.se