IETF Logo Mail Archive

Re: [hrpc] I-D Action: draft-irtf-hrpc-political-05.txt

Corinne Cath <corinnecath@gmail.com> Mon, 23 September 2019 18:47 UTC

Return-Path: <cattekwaad@gmail.com>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FBFC12082B for <hrpc@ietfa.amsl.com>; Mon, 23 Sep 2019 11:47:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id llCeS5adNMsI for <hrpc@ietfa.amsl.com>; Mon, 23 Sep 2019 11:47:47 -0700 (PDT)
Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA5DC1201C6 for <hrpc@irtf.org>; Mon, 23 Sep 2019 11:47:46 -0700 (PDT)
Received: by mail-qt1-x834.google.com with SMTP id d2so18446349qtr.4 for <hrpc@irtf.org>; Mon, 23 Sep 2019 11:47:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=d4+Chc0LE5e6nRyFjra+esWbHYuF9lyUDgEBwVk0by8=; b=COuyIF0z8x+QeIcEivdDy7PXQsT7Ll9Cqn3HhsPcyrQ92Dnzk2nBLJV5e94vJ8Yb74 NHmfs7EoXFeF/X9Q5BjtqunQApfBZCEsp2lMPquKYnTS2W2hRZbPXXw+OGigy1v2YbSo eJUv4iwym0qJ0twMDbVI1Umelvh0IH7lVpDCsfh50Jry2O1aePA/OZvzpPUv4KJ7MjFh q2welWbjUuK42fcGP8R/co+ATbmwjrOIrSQ1uFcuuUZIifd13N/WGXoYK4dqS/rQfQmm 8hf6jSamijSmcHJOzUl+uftl9v4vK/dPtq3zDymrp43IIlaxcxcdCypJl0BjEQurREKH iH/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=d4+Chc0LE5e6nRyFjra+esWbHYuF9lyUDgEBwVk0by8=; b=ngyeRrw2i7WQIVIfVNCUICfA6k0InIJ0s64f6QKEtGLTsY6ahBX5ce5n+UEuPUXRTX Ms4V+O0dVwPT+lK8AtsI4J/KfTBc3ESAmp7pXxEKck9HY5S03WXLGtM230HZvO9OJwBJ Wx7VueEKDer/2bGG9cdxh4jN8AnpT6ybV5pqplRewqFwe5Mi9EdRVJSIXqqWAHQwm1PW UjZL0xAX7lGk4ew5Ioh355avzRWHe4U3zVgitiRpP9fQqN6zxSUcvx+Y2z8UVP0IPIvX HGgmChkBIRiz3Qnd0Zt+6QkS0/xaCjFOxFBATR/1PnA+cdMNKx3/+A0wqEOGviLfZl1m hoQA==
X-Gm-Message-State: APjAAAWrDDcE7nZWarZ4y6ofnWEEobPQUVCU+RuFNnBP+jAxaiH9D9Zx 2FmGpy/LSy3NCu7M3rNY7oIdVluC6GeSzD+O2g0=
X-Google-Smtp-Source: APXvYqxLS2zYJORgYl/F+8+l89ze06RagGzfcmCnZm81rlRaKPhGN6r1Aq7Wtrq4WIk9S1p5pgTqXzclQQf0xiWPl34=
X-Received: by 2002:a05:6214:1549:: with SMTP id t9mr686601qvw.68.1569264465664; Mon, 23 Sep 2019 11:47:45 -0700 (PDT)
MIME-Version: 1.0
References: <156882005427.4606.6393818361687491816@ietfa.amsl.com> <a5361cda-994c-27ad-adf7-0aa06d61a8a2@nielstenoever.net> <20190920183918.d7mpxb4jyulfqqwj@anvilwalrusden.com> <CABcZeBPK8h8Bn-vhr6vq9_K9jUAE-ry5iZhLLiwjd15gpEuwHQ@mail.gmail.com> <28d4faab-cb89-34bd-d8bc-525aab96ab66@nielstenoever.net> <CABcZeBPCEiAxksRz6HnErN=eJDho+WYGg28No1YzOZEL1GjYMA@mail.gmail.com> <793367e8-7151-354e-04ca-b472760c6af7@nielstenoever.net> <CABcZeBMT8JC_EQ0zd7nhjnTvPJY0szw+7kY8y=siD32f9vdT7Q@mail.gmail.com>
In-Reply-To: <CABcZeBMT8JC_EQ0zd7nhjnTvPJY0szw+7kY8y=siD32f9vdT7Q@mail.gmail.com>
From: Corinne Cath <corinnecath@gmail.com>
Date: Mon, 23 Sep 2019 21:47:09 +0300
Message-ID: <CAD499eJdLWK0dU-GGRy=_F=xACDP_EdOac2488_b6H4QBF_Raw@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Niels ten Oever <mail@nielstenoever.net>, Hrpc <hrpc@irtf.org>
Content-Type: multipart/alternative; boundary="00000000000008df5d05933cdbe9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/94t31cUbWXboxds-dKBD-6JKRFI>
Subject: Re: [hrpc] I-D Action: draft-irtf-hrpc-political-05.txt
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "mail@nielstenoever.net" <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2019 18:47:53 -0000

Hi,

I think Stephane Couture made an important point: it is important to locate
consensus on the politics of protocols in its respective academic
disciplines and literatures, and have the document reflect that nuance.

Furthermore, having followed this discussion for a while now (about a year
or four) I feel part of the continued disagreement seems to stem from the
fact that people have very different understandings of the word "political"
and "politics". For some it refers to the subtle ways by which protocol
design is influenced by the values/interests/power dynamics between various
folks present in the IETF and to others it refers to capital R or D
conversations among politicians happening outside of the IETF, and yet to
others its definition lies somewhere in the middle of these two.

As Stephane also mentioned - perhaps this document (and perhaps even the
discussion) could benefit from further clarification and state this
conceptual disagreement on what it means for some to have politics to begin
with?

Just my .2,


-- 
Corinne Cath - Speth
Ph.D. Candidate, Oxford Internet Institute & Alan Turing Institute

Web: www.oii.ox.ac.uk/people/corinne-cath
Email: ccath@turing.ac.uk & corinnecath@gmail.com
Twitter: @C_CS


On Mon, Sep 23, 2019 at 7:47 PM Eric Rescorla <ekr@rtfm.com> wrote:

> Hi Niels,
>
> I think we're sort of talking past each other, so I'm going
> to focus on one point, namely the purpose of this document.
>
> Based on this discussion, you seem to be arguing that the
> purpose is to *demonstrate* the political nature of protocols
> and standards:
>
> > >> > I certainly agree that they "can be used"
> > >> > for political means, though any "can" statement is pretty weak.
> > >> >
> > >>
> > >> If we can document *that*, we would have made a lot of progress in
> > >> the IETF imho.
> > >
> > > I don't know anyone disagrees with that.
> >
> > Great. But I meet them at every IETF meeting, and it is brought up
> > very regularly in discussion.
>
>
> However, the draft just asserts that there is agreement on this:
>
>    development process and its outputs, it is generally agreed that
>    standards and protocols are both products of a political process, and
>    they can also be used for political means.  Therefore protocols and
>
> So, which is it, generally agreed or regularly contested?
>
>
> In any case, if the point is to demonstrate that protocols
> can be derived from politically derived processes and that
> they can be used politically, then IMO you are going about
> it entirely the wrong way, which is by using a very expansive
> (and not really that familiar to the people here) definition
> political and then making a strong claim which forces you
> to defend cases that people think are questionable (e.g.,
> NTP or SSLv2).
>
> To the extent to which there is debate about the claims
> that protocols *can* be politically derived and *can* be
> deployed in political ways, the way to go about demonstrating
> that is to focus on the easy cases that are clearly political
> (I've named a number in this discussion). That doesn't require
> going and mining the literature you are citing here, but rather
> requires engaging with the history and use of these protocols.
>
> -Ekr
>
> On Mon, Sep 23, 2019 at 2:32 AM Niels ten Oever <mail@nielstenoever.net>
> wrote:
>
>>
>>
>> On 9/21/19 4:13 PM, Eric Rescorla wrote:
>> >> Niels ten Oever via ietf.org <http://ietf.org>
>> >>
>> >> 6:10 AM (48 minutes ago)
>> >>
>> >> to hrpc
>> >>
>> >>
>> >> On 9/21/19 3:32 AM, Eric Rescorla wrote:
>> >> >    Whereas there might not be agreement among the Internet protocol
>> >> >    community on the specific political nature of the technological
>> >> >    development process and its outputs, it is generally agreed that
>> >> >    standards and protocols are both products of a political process,
>> and
>> >> >    they can also be used for political means.
>> >> >
>> >> > I would like to register my agrement with Andrew and focus in on this
>> >> > one point: there are many protocols (in fact, by count probably most
>> >> > protocols) which are just designed by proprietary organizations.
>> It's
>> >> > not clear on what basis you are claiming that they are the output of
>> >> > political processes and this certainly doesn't seem like something
>> >> > that's generally agreed.
>> >>
>> >> Aren't proprietary standards, and the way they make it possible and
>> >> impossible to do certain things, a prime example of a political
>> >> process and political impact?
>> >
>> > Well, I don't think without stretching the term "political" outside
>> > of the point where saying something is political is trivial, no,
>> > I don't think so.
>> >
>> > Again, let's take the example of SSL, which was designed by Netscape
>> > for its own market purposes and became a de facto standard because
>> > Netscape had the dominant browser and people wanted to interoperate
>> > with it. What's poltical about that process?
>> >
>> >
>>
>> There are several political aspects about this, we had for instance text
>> in a previous version that read about dominance and de facto standards:
>>
>>    Within economy studies, _de facto_ standards arise in market
>>    situations where one entity is particularly dominant; downstream
>>    competitors are therefore tied to the dominant entity's technological
>>    solutions [Ahlborn].  Under EU anti-trust law, _de facto_ standards
>>    have been found to restrict competition for downstream services in PC
>>    software products [CJEU2007], as well as downstream services
>>    dependent on health information [CJEU2004].
>>
>> Another interesting aspect that SSL introduced were of course certificate
>> authorities, that served as trust anchors, which is ultimately defining
>> trusted authorities.
>>
>> SSLv2 was introduced as open standard (while v1 was not), which of course
>> was also quite a change, I reckon I don't need to elaborate on the politics
>> of licensing in this audience.
>>
>> >
>> >> > I certainly agree that they "can be used"
>> >> > for political means, though any "can" statement is pretty weak.
>> >> >
>> >>
>> >> If we can document *that*, we would have made a lot of progress in
>> >> the IETF imho.
>> >
>> > I don't know anyone disagrees with that.
>>
>> Great. But I meet them at every IETF meeting, and it is brought up very
>> regularly in discussion.
>>
>> > But in any case, demonstrating
>> > that doesn't require hauling in the theoretical apparatus you
>> > are trying to deploy here, but rather requires *history*. I.e.,
>> > demonstrate that the process of developing some set of standards
>> > involved the political process of balancing the objectives of
>> > the various stakeholders, finding compromise, etc. Given that
>> > every IETF standards development process I have ever been involved in
>> > has had some of this, that doesn't seem hard. As a non-IETF example
>> > "The Box", a history of the shipping container, has a nice description
>> > of the standardization of that technology.
>> > >
>> >> > This is even true at some level for many standards, especially
>> >> > because your definition of "standard" is so expansive:
>> >> >
>> >> >    Standards  'A standard is an agreed-upon way of doing something or
>> >> >       measuring something.'  [Sisson]
>> >> >
>> >> > By this definition I think it would be pretty hard to argue that
>> >> > SSLv2,  and SSLv3 weren't standards given their wide use, even
>> >> > though they were just designed by people at one company.
>> >>
>> >> I don't see how that definition would make that impossible.
>> >
>> > I'm not sure I understand your response here. Are you saying that
>> > protocols defined by one company and that then achieve wide use
>> > are standards, or they are not?
>> >
>>
>> SSLv2 and SSLv3 were standards because people agreed that they were the
>> standard? For something to be a standard it does not need to be a formal
>> process to accept them as such.
>>
>> >> > Another
>> >> > example would be the Philips screwdriver head. What's the political
>> >> > process that produced these?
>> >> >
>> >> >
>> >>
>> >> The patenting of process by Henry F. Philips, the regimes under
>> >> which is was patented, its competition with other screw heads (torx,
>> >> etc). There is an enormous amount of politics, and societal ordering
>> >> connected with screws.
>> >
>> > Again, this just seems to serve to make the definition of "political"
>> > meaningless. By this definition, what human commercial activity
>> > would *not* be political, as it all occurs against a political
>> > backdrop.
>> >
>>
>> A transaction can be political, but of course does not need to be.
>> (Trans)action, such as standards, that change the market, are political
>> activities.
>>
>>
>> >
>> >> > More generally, it seems like depending on how one interprets the
>> >> > major claims in this document, they are either too strong (all
>> >> > protocol and standards development is political)
>> >>
>> >> Why is that too strong?
>> >
>> > For the reasons I indicated above: I don't think the development
>> > of many protocols, especially the small ones which get use internally
>> > as in, for instance, mobile apps, is generally political, And sometimes
>> > becoome standards and that's not necessarily political either.
>> >
>> >
>> >> > or trivial (some
>> >> > protocol and standards development is political). The first is too
>> >> > strong for the reasons I indicate above,
>> >>
>> >> I don't think so, but I am happy to discuss.
>> >>
>> >> and the second seems pretty
>> >> > obvious and doesn't really need much theorizing;
>> >>
>> >> As said, I think it would be very useful if we would document this,
>> >> so we don't need to repeat the discussion.
>> >
>> > Well, I'm not sure it matters if we repeat this discussion or
>> > even come to a conclusion on it. What's at stake in the answer?
>> >
>> > But, again, if you want to demonstrate that standards development
>> > can be political -- which, as I said, is a rather weak claim --
>> > then I would discard this document and instead focus on documenting
>> > the history of the development of some protocols that was clealr
>> > political.
>> >
>> >
>>
>> As you know, what this draft meant to do, is to document a discussion so
>> it doesn't need to be repeated in the study of every different protocol.
>>
>> We could paste in a lot of examples here, for instance some of the review
>> of the human rights review team. But the discussion in 4.5 might be enough?
>>
>> >>
>> >> > one needs just point
>> >> > to the development of some protocol which was a political process,
>> and
>> >> > it seems like that's been pretty amply documented for a number of
>> >> > protocols/standards (e.g., HTTP/2 or TLS 1.0).
>> >> >
>> >> > As I noted above, the claim that protocols can be used for political
>> >> > means also seems relatively obvious (cf. Tor).
>> >>
>> >> I am happy to conclude that we agree on the two statements:
>> >>
>> >> - some protocol and standards development is political
>> >>
>> >> and
>> >>
>> >> - protocols can be used for political means
>> >
>> > Well, I don't think this document demonstrates that, it's just
>> > conclusory.  To the extent to which we think these statements are
>> > actually in debate and need demonstrating, then I would, as I said,
>> > focus on demonstrating them with reference to actual standards
>> > rather than by referring to other people's views about these
>> > statements. I would think 3-5 of each of these should be sufficient
>> > (though of course logically one alone is sufficient to prove
>> > existence, but several is more convincing)
>> >
>>
>> Again, the document seeks to document existing positions in the community
>> and provide background in existing literature on the topic, that could then
>> be a platform for further work.
>>
>> For instance on specific drafts, and or specific tendencies (based on
>> case studies, quantitative models, etc).
>>
>> Best,
>>
>> Niels
>>
>>
>>
>>
>>
>> >
>> >> That's progress for me in this discussion. Now let's see if we can
>> >> further flesh out:
>> >>
>> >> - all protocol and standards development is political
>> >
>> > I think what would help at this point that would be for you to
>> > describe some commercial activities that you think are *not*
>> > political.
>> >
>> > -Ekr
>> >
>> >
>>
>> --
>> Niels ten Oever
>> Researcher and PhD Candidate
>> DATACTIVE Research Group
>> University of Amsterdam
>>
>> PGP fingerprint    2458 0B70 5C4A FD8A 9488
>>                    643A 0ED8 3F3A 468A C8B3
>>
> _______________________________________________
> hrpc mailing list
> hrpc@irtf.org
> https://www.irtf.org/mailman/listinfo/hrpc
>


-- 
Corinne Cath - Speth
Ph.D. Candidate, Oxford Internet Institute & Alan Turing Institute

Web: www.oii.ox.ac.uk/people/corinne-cath
Email: ccath@turing.ac.uk & corinnecath@gmail.com
Twitter: @C_CS

v2.23.0 | Report a Bug | By Email