IETF Logo Mail Archive

Re: [HT-rt] [arch-d] HR-RT Review of draft-iab-marnew-report-01

Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Fri, 25 May 2018 04:24 UTC

Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: hr-rt@ietfa.amsl.com
Delivered-To: hr-rt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F53512D885 for <hr-rt@ietfa.amsl.com>; Thu, 24 May 2018 21:24:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9WZntx6nz4d7 for <hr-rt@ietfa.amsl.com>; Thu, 24 May 2018 21:23:55 -0700 (PDT)
Received: from mail-yb0-x233.google.com (mail-yb0-x233.google.com [IPv6:2607:f8b0:4002:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7863312D88A for <hr-rt@irtf.org>; Thu, 24 May 2018 21:23:55 -0700 (PDT)
Received: by mail-yb0-x233.google.com with SMTP id p22-v6so1401582yba.13 for <hr-rt@irtf.org>; Thu, 24 May 2018 21:23:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3XumPmNTH7m/Vt5/Gcxhnf81ehxhaTAP/YHnVxxpofQ=; b=JUmVWYlmDxQgjeY3/m8R7iMvQvJNR97oreZ8pPudsGnejRQHufmfg7ZCTPAEDsTYP6 1CBqYBupo0ECWMF8RRXanunkBPqPXqXubZ3lb5pnjsO3aeJxZyZ7IhtKfLOFZ86OnPMK 6CcOjnTxegN0HSxISBrBS2OIwuWqYnyV9UPTaAOKY3RBSHi1JP61H1eKygy85BVpAbWa 7O/fMMhqzRNsAusKKg5tLDQXnOEDxNkZFkBAKOY8rGqX+x6+3EABm9lmvbRgsOHnnKBh ZxNqfxsAMnSCO0Dr05CXVjgQ/CUNOaDlw0WVeNGNe0Usui1Eh4B4QzsdkPwco4Ig+eSl R0mQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3XumPmNTH7m/Vt5/Gcxhnf81ehxhaTAP/YHnVxxpofQ=; b=C9Khp4pWvDT1s1VEGZGQmunVzX0Ovs+DnYUEU9cFNgj2BSEA/p74L7paymNAsy5U1m M+wP+b8n3OBFqpqnQODdez6MwgOwKasqCHsIf79+FC7fAAwLk3Z/Zj0hDYKKv3mDHgRk U14rRHqMZTsW/bOTcDRi3FIUbZVml8fTaZD9kcuvcwHX8tVyzDd1SO5bvj/qQ0UT4ISN e8M4KyENsB9TLxYLIOQZvN/D5UAB9lKdjV7IzflcnTVJfSS1h9IvDp6OTwwwassRkfAE gkYim8ehNTWud58Dufj2VHzxUVjRHdgfT3jsOnsWLxIGvfS592P7RI824s8eWnIp5yLU WeKQ==
X-Gm-Message-State: ALKqPwf2u5FWH/6BxJ4a+z3zWFiHwd9tFRJp228wuonILddKCzz+Rh2n 61wG7Q8t74koIWO3wnyPk4sqYukDWkT45uHof+w=
X-Google-Smtp-Source: AB8JxZpuSZ6KzYC0dBRy1ZEl7TSYaNepkKbS7bpIqq3jTgyThRb78iYlE1pYI/71OnaFE3F0qwlhD2NIoIS4Uca7wKY=
X-Received: by 2002:a25:618f:: with SMTP id v137-v6mr406023ybb.221.1527222234507; Thu, 24 May 2018 21:23:54 -0700 (PDT)
MIME-Version: 1.0
References: <CAG3f7Mgd3yArxLsGdMS6-Ki2GqemtKhTLeHXrD8mqEMnV7CXLg@mail.gmail.com>
In-Reply-To: <CAG3f7Mgd3yArxLsGdMS6-Ki2GqemtKhTLeHXrD8mqEMnV7CXLg@mail.gmail.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Thu, 24 May 2018 23:23:42 -0500
Message-ID: <CAKKJt-fQqjFUsUBYZ9rpYtkfAZ3nnv0c3Jt6S3wR4AEPOdbd0Q@mail.gmail.com>
To: Shivan <shivankaul.1993@gmail.com>
Cc: hr-rt@irtf.org, architecture-discuss@ietf.org, IAB IAB <iab@iab.org>
Content-Type: multipart/alternative; boundary="000000000000c7ee5a056d002298"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hr-rt/E4uXQms8yMkDcJKYEwAueO3aAZM>
Subject: Re: [HT-rt] [arch-d] HR-RT Review of draft-iab-marnew-report-01
X-BeenThere: hr-rt@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Human Rights Protocol Considerations Review Team <hr-rt.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hr-rt>, <mailto:hr-rt-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hr-rt/>
List-Post: <mailto:hr-rt@irtf.org>
List-Help: <mailto:hr-rt-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hr-rt>, <mailto:hr-rt-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 May 2018 04:24:01 -0000

Hi, Amelia and Shivan,

On Wed, May 2, 2018 at 12:12 PM Shivan <shivankaul.1993@gmail.com> wrote:

> This is a review done within the framework of the Human Rights Review
> Team. It was done by Amelia Andersdotter and Shivan Kaul Sahib. The Human
> Rights Review Team aims to implement and improve the guidelines for
> human rights considerations provided in RFC8280, and seek to mitigate
> potentially adverse human rights impacts that IETF and IRTF documents
> might have.
>

An aside - I'm glad we're doing this (and I get to say that as an IESG
member), but I hadn't heard that we would be doing it.

I'm glad this document was picked to review. Thanks for that.

Inline ...


>
> We find the topics addressed during the workshop interesting and look
> forward to following future developments.
>
> ---
>
> Document: draft-iab-marnew-report-01
> <https://datatracker.ietf.org/doc/draft-iab-marnew-report/>
> https://datatracker.ietf.org/doc/draft-iab-marnew-report/
>
> Review:
>
> The Human Rights in Protocols Research Group welcomes the draft report
> from the MaRNEW workshop. In particular, we welcome the efforts to continue
> advancing an encrypted, secure and human rights enabling environment, as
> well as solid assessments of the potential impacts of considered remedies
> to mobile network operator difficulties on the right to privacy of an
> individual.
>
> In this regard, we wish to remind the drafters and the IAB of the inherent
> connection between privacy and freedom of expression. The right to privacy,
> or to one's own personhood, reinforces the freedom of expression and
> freedom of opinion.
>
> Semantic Suggestions
> ===========================
>
> The following sections addresses a few semantic problems in the draft
> report, that were they solved the draft report would be easier to parse
> from both a human rights perspective, and from a business, legal or
> technical perspective.
>
> 1. Abstract, para 2:
>
> Problem: Draft text contains  value judgements on participants'
> presentations that could be avoided.
>
> Solution: Remove the word "honest" in relation to CDN presentations, since
> it may cause readers to assume that other presenters were less forthcoming.
>
> The new paragraph would read
>
>    The group discussed the current Internet encryption trends and
>    deployment issues identified within the IETF, and the privacy needs
>    of users which should be adhered.  Solutions designed around sharing
>    data from the network to the endpoints and vice versa were then
>    discussed as well as analysing whether the current issues experienced
>    on the transport layer are also playing a role here.  Content
>    providers and CDNs gave their views of delivering
>    content with mobile network operators.  Finally, technical responses
>    to regulation was discussed to help the regulated industries relay
>    the issues of impossible to implement or bad-for-privacy technologies
>    back to regulators.
>

I adjusted this to "gave their own views", but, yes.


>
> 2. Section 1, Introduction:
>
> Problem: It is unclear whether the "requirements" referred to imply
> regulatory requirements enforceable by government authorities, or technical
> requirements. Because of the nature of issues discussed during the
> workshop, understanding what sorts of "requirements" are being referred to
> is imperative.
>
> Solution: Specify the nature of the requirements being referred to, or
> remove the reference to requirements.
>
> The new Introduction would read
>
>    Mobile networks have a set of properties which
>    places a large emphasis on sophisticated bandwidth optimization.
>    Encryption is increasing on the Internet which is positive for
>    consumer and business privacy and security.  Many existing mobile
>    bandwidth optimization solutions primarily operate on non-encrypted
>    communications; this can lead to performance issues being amplified
>    on mobile networks.  Encryption on networks will continue to
>    increase; and with this understanding the workshop aimed to
>    understand how we can solve the issues of bandwidth optimization and
>    performance on radio networks in this encrypted world.
>

I used this (with one s/;/,/).

>
> 3. Section 1.1:
>
> Problem: The first paragraph mixes business models with technical
> necessities. The last paragraph in the section Understanding "Bandwidth
> Optimization" refers to regulatory requirements (within the meaning of
> government enforced requirements or legal requirements, cf above) on mobile
> network operators to perform traffic filtering and monitoring.
>
> Solution: It may facilitate understanding of human rights impacts to
> separate technical considerations from business considerations and legal
> considerations. Paragraph 3 ("Many of these functions can continue...")
> could be put as the last paragraph, while Paragraph 1 could be split into a
> technical section and a business model section, followed by a legal section.
>
>
>    For the purposes of this workshop, bandwidth optimization encompasses
>    a variety of technical topics related to traffic engineering,
>    prioritisation, optimisation and efficiency enhancements. It also
> encompasses
>    user-related topics such as specific subscription or billing models,
> and may touch upon regulatory aspects or other issues relating to
> regulatory, within the meaning of government initiated, concerns.
>
>    The first category of bandwidth optimization includes:
>
>    o  Caching
>
>    o  Prioritisation of interactive traffic over background traffic
>
>    o  Per-user bandwidth limit
>
>    The second category of bandwidth optimization may depend on either of
> the first category optimization strategies, but may, in particular, also
> encompass:
>
>    o  Business-related topics such as content delivery arrangements with
>       specific content providers.
>
>    Finally, while not strictly speaking traffic management, some
>    networks employ policy-based filtering (e.g., requested parental
>    controls) and many networks support some form of legal interception
>    functionality per applicable laws.
>
>    Many of these functions can continue as they're performed today, even
>    with more encryption.  Others are using methods which inspect parts
>    of the communication that are encrypted, and these will have to be
>    done differently in an encrypted Internet.
>

I used this structure, and made a few editorial changes that seemed to
clarify the text.

>
>
> 4. Section 4:
>
> Problem: QUIC is an active area of work for the IETF in the transport
> layer - this section barely mentions it, and even then does so vaguely.
> What problems are solved by QUIC that are general problems rather than TCP
> problems? What was the nature of the disagreement around this?
>
> Solution: More detail about how QUIC fits into transport-layer work would
> make this section more relevant. In addition, there has been discussion
> involving network operators around technical details that have potential
> privacy impacts within the QUIC working group (SPIN bit); this section
> would benefit greatly from an examination of that.
>

This topic has grown in interest significantly after the MaRNEW workshop -
the QUIC BOF happened nearly a year later, and formation of the working
group happened a few months after the BOF. We really didn't talk about QUIC
at the workshop, except when people (often from Google) referred to
specific experiences with the proprietary QUIC protocol in discussion.

I look forward to seeing what the next workshop in this space says in its
workshop report ;-) ...


>
>
>
> Human Rights Considerations
> ===========================
>
> Upon consideration of the draft report, no implications for
> internationalization ([RFC8280], sec. 6.2.5), heterogeneity support
> ([RFC8280], sec. 6.2.8), accessibility ([RFC8280], sec. 6.2.11) or
> localization ([RFC8280], sec. 6.2.12) have been found. We will further
> suppose that issues relating to Anonymity ([RFC8280], sec. 6.2.9),
> Pseudonymity ([RFC8280], sec. 6.2.10) and Confidentiality ([RFC8280], sec.
> 6.2.16) have been sufficiently addressed in the draft as is.
>
> In the below text, Security ([RFC8280], sec. 6.2.4), Integrity ([RFC8280],
> sec. 6.2.16) and Authenticity ([RFC8280], sec. 6.2.17) are further
> considered to have been addressed, or as in progress of being addressed by
> the specific endeavours pointed out in the report. As such, this assessment
> hopes to serve as a complement to remaining Human Rights Considerations
> Guidelines which were not addressed by the MaRNEW draft.
>
> ## Privacy ([RFC8280], sec. 6.2.2)
>
> We laud the general emphasis on considering user privacy concerns
> paramount [Section 2.1.1, 2.3 etc].
>
> In Section 3.1.1, para 1, it would be useful to emphasize that middleboxes
> that are "authenticated and invoked explicitly" might not be very effective
> at conserving user privacy if they lead to auto-click through. In practice,
> "opted-in" middleboxes might not be much better than transparent
> middleboxes. Additionally, this poses the danger of making matters worse if
> users assume that because they haven't been asked for middlebox permission,
> they are not going through a middlebox. For users accessing the Internet on
> a browser client: if the connection is MITMed by a middlebox, the browser
> would somehow need to convey this effectively and actionably to the user.
> Whatever effort is expended on this should involve browser vendors.
>

I agree with your point here, but this issue wasn't raised in the workshop
at the time. This is good information to keep in mind as we move forward on
standardization efforts in a post-MaRNEW world.


>
> ## Connectivity ([RFC8280], sec. 6.2..1)
>
> It is a priori obvious that a discussion with mobile network operators
> would touch upon connectivity. As a general comment, the HRPC RG is not
> concerned that encrypted internet traffic could create topological problems
> in network deployment with respect to density of base stations. It is more
> sensible to imagine that the density of base stations is kept low by
> deployers to save money on infrastructure roll-out.
>
> In the MarNEW draft report, middleboxes are brought up frequently as an
> example of infrastructure rendered less useful by the ubiquitous adoption
> of encryption. Middleboxes may enhance access to content for individuals,
> and may also interfere with their ability to enjoy content free of
> surveillance, censorship or content manipulation. The focus of the workshop
> of exploring ways in which encrypted materials can benefit from the same
> speed of deliverance as un-encrypted materials is therefore welcome.
>

I agree, and would say that this is a guiding principle for current
specification efforts in places like the QUIC working group.


>
> ## Content Agnosticism
>
> Traffic prioritisation, whether based on technical or commercial grounds,
> risks interfering with an individual's right to freedom of expression or
> opinion, by restricting access or enjoy content of their own choosing. As
> such, prioritisation should be made explicit and obvious, and subject to
> consent from the individual, whether the motivations for deployment are
> commercial or technical.
>
> It is clear that internet filtering and blocking of content of specific
> types, whether motivated by network management or regulatory concerns, does
> not fulfill a content agnosticism criterion. It is the observation of HRPC
> that [RFC7725] (An HTTP Status Code to Report Legal Obstacles) may assist
> communication of specific filtering and blocking operations in action.
>
> It the the impetus of the Human Rights Guidelines in RFC8280 that content
> agnosticism be respected by protocols developed in the IETF, and in general
> an accepted view in the global human rights community that content
> agnosticism is desirable at all levels of technical infrastructure. As
> such, the HRPC RG is concerned about ideas that traffic be classified
> through additional headers or metadata, identifying traffic via 5-tuples,
> trust models and frameworks, or heuristics.
>

These last points are good things to keep in mind as our specification work
moves forward.

Again, thank you for all of this, and I look forward to considering these
issues more consistently in the future than we were in 2015.

Spencer


>
>
> _______________________________________________
> Architecture-discuss mailing list
> Architecture-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/architecture-discuss
>

v2.23.0 | Report a Bug | By Email