Re: [hrpc] hrpc Digest, Vol 6, Issue 1
Corinne Cath <cattekwaad@gmail.com> Wed, 04 March 2015 15:19 UTC
Received: from [10.10.12.45] (helo=mx2.greenhost.nl) by mailman.lan with esmtp (Exim 4.72) (envelope-from <cattekwaad@gmail.com>) id 1YTB4x-0004tp-83 for hrpc@article19.io; Wed, 04 Mar 2015 16:19:19 +0100
Received: from mail-wi0-f171.google.com ([209.85.212.171]) by mx2.greenhost.nl with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <cattekwaad@gmail.com>) id 1YTB4m-0007My-5s for hrpc@article19.io; Wed, 04 Mar 2015 16:19:18 +0100
Received: by wiwh11 with SMTP id h11so31359682wiw.1 for <hrpc@article19.io>; Wed, 04 Mar 2015 07:18:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=afpDqqrckKObmTfvwcX2Qxks3mhf7fzL4oW7sZ4845Q=; b=Vl20LuXCkzzVWAZ2A94ZnUgqYt4svvg5dDzFCZ0AK3iFb4jgEwxx5rhgEc/fZQzbdT 1K0R5uehP9mHC5NdCNyDKFNVbkyV88pxwAFk7irpPeXXQYY9I2pGhNqpTgYZeoYUcQKK OurAwjnIhvgpTTpI/6JPzKw6PfPb9gsDPQ0lbCnv9skgsl8W5SO+s15vFiNzhHuyJLUw mTaWHGtIyYGhtOSVYB1tGdYCC8lE9hxJ0VjMXHFVGHgN67gf5CHzVDjQHOWzGaKOGdIl tUwla6w/QklXMcfvPDlC714b1zaRMBerrSomevZw35PuZ4i48h7vNxut4QwlK8670HHr I7QA==
MIME-Version: 1.0
X-Received: by 10.180.14.66 with SMTP id n2mr55363778wic.50.1425482336831; Wed, 04 Mar 2015 07:18:56 -0800 (PST)
Received: by 10.194.133.101 with HTTP; Wed, 4 Mar 2015 07:18:56 -0800 (PST)
In-Reply-To: <mailman.11.1425466806.17664.hrpc@article19.io>
References: <mailman.11.1425466806.17664.hrpc@article19.io>
Date: Wed, 04 Mar 2015 15:18:56 +0000
Message-ID: <CAD499eJr3eRPkmRfQOLSt_kPqzyAoaTLphWsRSBc1kJQ33MeZA@mail.gmail.com>
From: Corinne Cath <cattekwaad@gmail.com>
To: hrpc@article19.io
Content-Type: multipart/alternative; boundary="f46d04138ccd520ded051077f87b"
X-Spam-Level: /
X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_50, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=disabled version=3.3.2
X-Spam-Score: -0.1
X-Virus-Scanned: by Greenhost Virus Scanner
X-Scan-Signature: 9a6f6c397fafa093da07ae37c06b7a32
Subject: Re: [hrpc] hrpc Digest, Vol 6, Issue 1
X-BeenThere: hrpc@article19.io
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Human Rights Protocol Consideration Discussion list <hrpc.article19.io>
List-Unsubscribe: <https://lists.ghserv.net/mailman/options/hrpc>, <mailto:hrpc-request@article19.io?subject=unsubscribe>
List-Archive: <http://lists.ghserv.net/pipermail/hrpc>
List-Post: <mailto:hrpc@article19.io>
List-Help: <mailto:hrpc-request@article19.io?subject=help>
List-Subscribe: <https://lists.ghserv.net/mailman/listinfo/hrpc>, <mailto:hrpc-request@article19.io?subject=subscribe>
X-List-Received-Date: Wed, 04 Mar 2015 15:19:19 -0000
Dear all, Just a thought: It's clear that there are privacy considerations w/ standards, and security issues, of course, and those are both human rights issues even though IT privacy and security are not usually framed within a human rights context. However, should we be even more specific in this document of what makes standards development different from any other Internet/IT engineering issues? Users interface with software and hardware more than they do with networking or encryption standards. Why are protocols / standards unique? Or perhaps more relevant, how do we justify our particular focus on them. It's a small thing - but I think it might make the document a little stronger still if we address this issue, because I feel this might be a point of critique brought up at the upcoming meeting. On that same note - I recently booked my flight to Dallas and look forward to meeting everyone who will also be attending. Best, Corinne On Wed, Mar 4, 2015 at 11:00 AM, <hrpc-request@article19.io> wrote: > Send hrpc mailing list submissions to > hrpc@article19.io > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.ghserv.net/mailman/listinfo/hrpc > or, via email, send a message with subject or body 'help' to > hrpc-request@article19.io > > You can reach the person managing the list at > hrpc-owner@article19.io > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of hrpc digest..." > > > Today's Topics: > > 1. new draft text for the ID (Niels ten Oever) > 2. relevant UNESCO draft document (Stephen Farrell) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 03 Mar 2015 14:23:34 +0100 > From: Niels ten Oever <niels@article19.org> > To: "hrpc@article19.io" <hrpc@article19.io> > Subject: [hrpc] new draft text for the ID > Message-ID: <54F5B5D6.4080404@article19.org> > Content-Type: text/plain; charset=utf-8 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Dear all, > > Based on the traffic on this list, some interviews and discussions I > drafted new text for the ID. The additions are to 2. research topic > and 3. Proposal. I pasted the proposed text underneath, happy to discuss. > > The deadline for sending in the ID is the 9th, and since we will also > need to consolidate the comments and put the ID in XML it would be > greatly appreciated if you could comment in the coming days (before > the 7th) so we can still integrate your comments in the ID, but of > course also happy to discuss afterwards and in Dallas. > > Looking forward to your comments, questions and suggestions. > > Best, > > Niels > > PS The original ID can be found here: > https://tools.ietf.org/html/draft-doria-hrpc-proposal-00 > > 2. Research topic > In a manner similar to the work done for RFC 6973 [RFC6973] on Privacy > Consideration Guidelines, the premise of this research is that some > standards and protocols can solidify, enable or threaten human rights, > such as freedom of expression and the right to association and > assembly online. > > RFC 6973 however asserts privacy as a subset of security, and security > aims to solely serve growth of the network and communication: > > Development of security mechanisms is seen as a key factor in the > future growth of the Internet as a motor for international commerce > and communication.[RFC1984] and according to the Danvers Doctrine, > there is an overwhelming consensus in the IETF that the best > security should be used and standardized.[RFC3365]. At the same time: > > The Internet Architecture Board (IAB) and the Internet Engineering > Steering Group (IESG), the bodies which oversee architecture and > standards for the Internet, are concerned by the need for increased > protection of international commercial transactions on the Internet, > and by the need to offer all Internet users an adequate degree of > privacy. [RFC1984] > > This shows that security and privacy are very high on the agenda of > the IETF, but a reason for this, outside of underpinning growth and > trust of the network, is not given. In this research it is argued > that security and privacy are (contributing to) essential human > rights; such as freedom of expression, the right to information, the > right to privacy, and the right to security. > > The Internet aims to be a global network of network that provides > connectivity to all its users, just like the Universal Declaration of > Human Rights provides rights to all citizens. This makes a clear case > that the Internet is not only an enabler of human rights, but that > human rights, lie at the basis of, and is ingrained in, the network. > Furthermore interview will be done with the chair of the Internet > Architecture Board (IAB), members of the Internet Engineering > Steering Group (IESG) and chairs of selected working groups and RFC > authors. > > To start addressing the issue, a mapping exercise analyzing Internet > architecture and protocols features, vis-a-vis possible impact on > human rights needs to be > undertaken. > > [snip, leaving the examples in place] > > 3. Proposal > Mapping the relation between human rights and protocols and > architectures is a new research challenge, which will require a good > amount of cross organizational cooperation to develop a consistent > methodology. While the authors of this first draft are involved in > both human rights advocacy and research on Internet technologies - we > believe that bringing this work into the IRTF would facilitate and > improve this work by bringing human rights experts together with the > community of researchers and developers of Internet standards and > technologies. > > At this point we have created a mailing list where we would like to > encourage discussion of the issue and capture interest of the IRTF > community. A second step would be to create a charter and ask the > IRTF for a Research group to further develop methodology and > investigate Human rights Protocol considerations. > > Assuming that the research produces useful results, the objective > would evolve into the creation of a set of recommended considerations > for the protection of applicable human rights. > > In the analysis of existing RFCs central design and technical > concepts have been found which impact human rights. These concepts > will form the lens for the analysis of RFCs and will be further > described vis a vis their impact on human rights. > > The current working assumption is the following: > > The combination of content agnosticism, connectivity, security (as > defined in RFC 3365) [RFC3365] and privacy (as defined in RFC 6973) > [RFC6973] are the technical principles that underly freedom of > expression on the Internet. > > Privacy and security are defined, so here we focus on concepts that > have not been defined as considerations that are relevant for freedom > of expression. > > This is a non-exhaustive first list of concepts, which definitions > should be improved and further aligned with existing RFCs. > > Connectivity > The Internet is the tool for providing global connectivity conform > RFC1958. Therefore all protocols and standards should aim to improve > connectivity, and not to limit it. > > Distributed > To enable and strengthen connectivity, stability, and sustainability > of the network, protocols and standards should be developed in a way > that they can be implemented in a distributed way, if not, strong > accountability mechanism should be in place. > > Inter-operable > Standards exist to design systems that allow for other systems to > interact freely and openly. > > Reliable > Reliability ensures that a protocol will execute its function > consistently and error resistant as described and function without > unexpected result, also when there is an increase or decrease of > throughput. A system that is reliable will have a documented way to > recover from failure. > > Scalable > Any solution should support growth of the network with more hosts, > users and traffic. And have clear understanding of it's scope and > ideally a proposition how it can be expanded in order to support > greater capacity. > > Stateless / state-full > If possible protocols should be implemented stateless for reliability > and privacy considerations. If not, they should keep as little state > as possible. > > Content agnostic > Protocols should not treat packets/datagrams differently based on > their content. > > Transparent > Protocols should be transparent in what they can do and can not do and > how it is done. Implementation of protocols should advertise it's > policies on data retention for the service and which jurisdiction it > falls under. > > Debugging > A protocol should allow a user to troubleshoot and debug possible > causes of malfunction and loss of reliability. > > Robust, robustness > Protocols should be resistant to errors, involuntary legal or > malicious attempts to disrupt its mode of operations. Protocols > should be developed in a way that there is no (intransparent) kill > switch. There should also be a clear description on how a protocol > recovers from potential failures. > > End user-centric / representing stakeholder rights > As proposed in draft-nottingham-stakeholder-rights-00: > > [QUOTE] > Protocols MUST document relevant primary stakeholders and their > interrelationships. > > [..] > > End-user-facing application protocols MUST prioritise their users > higher than any other stakeholders. > Extensions to existing protocols MUST document how they interact with > the extended protocol's stakeholders. If the extended protocol's > stakeholders are not yet documented, the extension MAY estimate its > impact, in coordination with that protocol's community and the IESG. > The burden of this documentation need not be high; if HTML can do it > in a paragraph, so can most protocols. While it might be appropriate > in a separate document (e.g., a requirements or use cases draft) or > the protocol specification itself, documenting stakeholders in the WG > charter has considerable benefits, since it clarifies their > relationships up-front. > > [/QUOTE] > > > - -- > Niels ten Oever > Head of Digital > > Article 19 > www.article19.org > > PGP fingerprint 8D9F C567 BEE4 A431 56C4 > 678B 08B5 A0F2 636D 68E9 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > > iQEcBAEBAgAGBQJU9bXVAAoJEAi1oPJjbWjpeKEH/3MhfM1yFG2aJf4/8ZBWwQtA > rlb0iVw2mCeA9RsulzgkU7cZC3dh+24PIVsX0DmiaCJtk7YJbCzI8wQtvm8b2aD0 > PnQzRbkCGHxpPKLP+GkuNr2iQCdWQ6YoY68g8up26jHco9DUaTIOw9zGFV4lApu3 > d2/9DvyrF/d2lgO17c9vFVmAoE+wWdlE1CMRV2SDGcbz9Fb9xSntnJ5/+SXkNpQ+ > 24BaCk73xK88mRqvk/HLUO3GCoDd3ytM5KuU0X4hQOoLVWOpyQaVOadtLQbLkNNX > GB1NIalgs8ivK+8PXn4fsbKMCYLR3HcSDIzC/uiICRciznu0G82v49pZYYAVt+Y= > =DKrF > -----END PGP SIGNATURE----- > > > > ------------------------------ > > Message: 2 > Date: Tue, 03 Mar 2015 18:40:17 +0000 > From: Stephen Farrell <stephen.farrell@cs.tcd.ie> > To: "hrpc@article19.io" <hrpc@article19.io> > Subject: [hrpc] relevant UNESCO draft document > Message-ID: <54F60011.9050906@cs.tcd.ie> > Content-Type: text/plain; charset=utf-8 > > > Hiya, > > I'm at a UNESCO conference at the moment [1] and they have a > draft document for which they'd like to get more technical > review. [2] > > I'm not sure to which email address they'd like comments sent > but I'll check tomorrow and send a mail here. You'll not have > read the 96 pages by then most likely though:-) But it's pretty > relevant to this list I think. > > Cheers, > S. > > > [1] http://www.unesco.org/new/en/netconference2015 > [2] > > http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/pdf/internet_draft_study.pdf > > > > > ------------------------------ > > _______________________________________________ > hrpc mailing list > hrpc@article19.io > https://lists.ghserv.net/mailman/listinfo/hrpc > > End of hrpc Digest, Vol 6, Issue 1 > ********************************** > -- 'The management of normality is hard work'
- Re: [hrpc] hrpc Digest, Vol 6, Issue 1 Corinne Cath
- [hrpc] Scope (was: Re: hrpc Digest, Vol 6, Issue … Niels ten Oever