Re: [hrpc] review of draft-irtf-hrpc-research-00

[Mallory Knodel <mallory@apc.org>]

Great, Niels, I'll continue to send my edits via pull requests. At the
moment, I'm working on a fork via the apcorg Github user.

-Mallory

On 10/10/16 12:24 PM, Niels ten Oever wrote:
> Hi Mallory,
>
> Reviews and proposed edits (in the form of suggestions here on the list
> and/or as pull request), are very welcome!
>
> If you want to focus on the abstract and the introduction that would be
> great, but of course feel free to look at other sections as well.
>
> The latest version can always be found here:
>
> https://github.com/nllz/IRTF-HRPC/blob/master/draft-research.md
>
> Which is currently the same as:
>
> https://tools.ietf.org/html/draft-irtf-hrpc-research-01
>
> Best,
>
> Niels
>
> Niels ten Oever
> Head of Digital
>
> Article 19
> www.article19.org
>
> PGP fingerprint    8D9F C567 BEE4 A431 56C4
>                    678B 08B5 A0F2 636D 68E9
>
> On 10/10/2016 09:27 AM, Mallory Knodel wrote:
>> Hi all
>>
>> I have started to edit via git but perhaps that's no longer helpful at
>> this stage? I was focussed on the abstract and introductions as those,
>> at a minimum, should have strong logical arguments that draw the reader
>> into the longer paper.
>>
>> I also fully agree with Stephen about the DDoS section and if nothing
>> else would be happy to proceed with working on this.
>>
>> However, fully aware that work needs to progress and without having been
>> able to comment up to now I'd like feedback on where in the text my
>> edits could be most useful.
>>
>> -Mallory
>>
>> On 09/10/16 07:31 PM, Niels ten Oever wrote:
>>> Hi Stephen,
>>>
>>> Thanks so much for this extremely thorough review. We've responded to
>>> all your comments and offered some solutions or at least some arguments
>>> why we did not think it was a problem. Responses inline, and a new
>>> version can be found here:
>>>
>>> https://tools.ietf.org/html/draft-irtf-hrpc-research-01
>>>
>>> On 09/22/2016 02:33 PM, Stephen Farrell wrote:
>>>> Hiya,
>>>>
>>>> I spent a bit of time reviewing this finally.
>>> We also spent a bit of time coming up with a reply, sorry if it took
>>> longer than expected (and announced).
>>>
>>>> Overall, I think this is a fine piece of work and I look
>>>> forward to it becoming an RFC. I don't think it's nearly ready
>>>> yet though, there's a lot to fix. (But see #1 below for a
>>>> suggested short-cut.)
>>>>
>>>> Cheers,
>>>> S.
>>>>
>>>> General, and, I think, important to handle...
>>>>
>>>> (1) What kind of consensus are we aiming for here?
>>>>
>>>> I'm not sure if this would be better off aiming to be a
>>>> document that has RG consensus or not. There's a lot of fine
>>>> text here, but there's also quite a few instances of text for
>>>> which I think it may be quite hard to establish RG consensus,
>>>> and where that may take some time and draft iterations.
>>>> (You'll see some examples in my specific conments.) Clearly,
>>>> processing the document aiming for RG consensus is an option,
>>>> and maybe the default option, but I wondered if it'd also be an
>>>> option to proceed more quickly with this documenting the
>>>> author's research and opinions/conclusions (and not necessarily
>>>> RG consensus) and to then later try to extract an updated
>>>> version of the guidlines/questionnaire into a separate RFC
>>>> aiming for RG consensus. I'm not arguing strongly for that
>>>> latter plan but just wanted to ask in case it helps the RG (and
>>>> Avri who I guess will have the fun of figuring this out:-).
>>>>
>>> Up to now we have been able to reach consensus on all points, so let's
>>> not lower the bar!
>>>
>>>> (2) Length and structure for protocol developers.
>>>>
>>>> I think this is too long to be very useful for protocol
>>>> developers.  I doubt many of them will wade through 40+ pages
>>>> to get to the bit that's really aimed at them. (And which
>>>> pretty much needs a total re-write.) The plan mentioned in #1
>>>> might help there I guess but another idea might be to move
>>>> section 5.3.2 to the front and make a lot of the rest of the
>>>> text into subsequent explanatory material and/or appendices.
>>>>
>>> I think this is actually quite an apt description of the research as it
>>> has been done. After we managed to get this into a document I think it
>>> would be great to come up with next steps for 5.3.2, such as bringing it
>>> into the IETF.
>>>
>>>
>>>> (3) What architecture do you mean?
>>>>
>>>> There are 25 lines that mention the term architecture in the
>>>> draft and I'm not at all sure the term is used to mean the same
>>>> thing throughout.  I'm also not sure that there is an accepted
>>>> thing that is "the one true Internet architecture" that has
>>>> IETF consensus but you seem to me to be assuming that there is
>>>> such a beast. Is this just a language issue or a deep(er)
>>>> problem?  I'm not sure, but eliminating references to the
>>>> Internet architecture where possible would I think help.  See
>>>> some of the specific comments below, but I'd recommend a pass
>>>> over the document to check how this term is used as well.  (To
>>>> try head off some lines of debate that might follow from this
>>>> comment, I do think there are aspects of Internet architecture
>>>> for which we do have IETF consensus, but I don't think the IETF
>>>> has consensus on any one way in which to put all those together
>>>> into something that'd be rightly termed the (or an) Internet
>>>> architecture. I think RFC1958 section 2.1 supports that
>>>> position btw.)
>>>>
>>> Thank you for pointing this out. By architecture, in this text, we are
>>> referring to the technical functioning of the Internet – as it pertains
>>> to the remit of the IETF. Would it be better if the first mention of the
>>> word architecture came with the following clarification: ‘Internet
>>> architecture is a catch-all phrase. In order to ensure it does not ring
>>> hollow we want to clarify what we mean by this term. Our definition is
>>> partly based on the consensus understanding of the term architecture as
>>> laid out in RFC RFC1958 section 2.1, which states: ‘Many members of the
>>> Internet community would argue that there is no architecture, but only a
>>> tradition, which was not written down for  the first 25 years (or at
>>> least not by the IAB).  However, in very general terms, the community
>>> believes that the goal is connectivity, the tool is the Internet
>>> Protocol, and the intelligence is end-to-end rather than hidden in the
>>> network. The current exponential growth of the network seems to show
>>> that connectivity is its own reward, and is more valuable than any
>>> individual application such as mail or the World-Wide Web.  This
>>> connectivity requires technical cooperation between service providers,
>>> and flourishes in the increasingly liberal and competitive commercial
>>> telecommunications environment. The key to global connectivity is the
>>> inter-networking layer.  The key to exploiting this layer over diverse
>>> hardware providing global connectivity is the "end to end argument’.
>>> Building on RFC1958 we hold that the word architecture, in the context
>>> of the IETF, refers to all the protocols, procedures, processes and
>>> their accompanying people and politics that go into ensuring the
>>> Internet remains a medium for unfettered global connectivity.’ Would
>>> such a definition clarify our use of the word architecture sufficiently?
>>>
>>> Additionally, we would like to push back a bit against the argument that
>>> because there is no consensus in the IETF on what the term architecture
>>> means, we cannot use it in the text. The IRTF should be the space where
>>> we can push the boundaries on that discussion, bringing in definitions
>>> from academia as we do in the text by referring to amongst others the
>>> work of Prof. Denardis and Prof. Bowker on architecture.
>>>
>>>
>>>> (4) What does "=" mean here?
>>>>
>>>> In section 2 and later (in 5.2.2) you have diagrams with
>>>> bracketed terms on the left, then "=" and then another term on
>>>> the right. I just don't get what you mean by that "=" sign. You
>>>> say "combine" and "makes up" but frankly I don't get it, even
>>>> though I was in some of the meetings where those pictures were
>>>> presented.  E.g. in section 2, I don't get how to combine
>>>> authenticity and anonymity in any useful sense, as those are
>>>> mostly in conflict.
>>> The easy answer, which will probably will not be enough for you, would
>>> be: depends on the usecase. If we for instance take the example of TLS
>>> for .onion websites, there the security model includes anonymity as well
>>> as authenticity.
>>>
>>> I think it can easily be argued than in many models of security, privacy
>>> and anonymity play a role, in others anonymity may be less important.
>>>
>>> To reflect this I changed the text to:
>>>
>>> A combination of reliability, confidentiality, integrity, anonymity, and
>>> authenticity is what makes up security on the Internet.
>>>
>>> I also changed the '=' in to an '⇒'
>>>
>>>
>>>> And the 2nd picture in section 2 has
>>>> connectivity on the RHS, which you defined as being an "extent"
>>>> and none of the things on the LHS seem to reflect that at all.
>>>> While those pictures may well have been ok for use in
>>>> presentations, I'm less happy that they're useful in an RFC.
>>>> So, what does "=" mean? Can you actually define that relation?
>>>> (Apologies if I'm being all "techie" and anal here, but I
>>>> really don't get it, honest;-)
>>> Where it come to the definition of rights in 5.2.2 the relation between
>>> the LHS and the RHS should be 'contribute to an enabling environment
>>> for', so I replaced the '=' with '⇒' and added an explanation.
>>>
>>>
>>>
>>>> (5) The DDoS discussion is still wrong.
>>>>
>>>> I think the discussion of DDoS in section 5.2.11 (see below for
>>>> specifics) is not good enough and that section needs to be
>>>> re-written or mostly deleted. (Not all list discussions need to
>>>> end up with a section in the document.) It may be the case that
>>>> what is needed is some discussion of forms of protest using the
>>>> Internet, but that I think would better be the topic for
>>>> another document, if soeone has the energy/interest. (That
>>>> could be interesting too!) For this document, if it is aimed at
>>>> the IETF audience, the current text is not useful as it ends up
>>>> as a (controversial) NOOP - "don't enable DoS" is already in
>>>> RFC3552 since 2003.
>>>>
>>> The scope of this document is _very_ different from RFC3552. It analysis
>>> a case of technology and it's impact human rights. So, it has a
>>> completely different role from RFC3552, even though the conclusions are
>>> largely the same.
>>>
>>>
>>>> (6) The questionnaire is not good enough.
>>>>
>>>> 5.3.2.x.y: Please go through these questions yourself (for some
>>>> protocol) and write down answers and see then what you think of
>>>> the questions.  I think a number of these questions will not
>>>> produce meaningful answers in any real attempt at using them.
>>>> I also think that someone who is not an author and who is
>>>> developing a new protocol needs to have gone through the
>>>> exercise at least once before we should publish this document
>>>> as any RFC. It is far too easy to ask unanswerable or
>>>> non-useful questions otherwise.
>>>>
>>> We have had four people who did an exhaustive roadtest of the
>>> questionnaire and used it on their draft in development. They presented
>>> the outcomes at the session in Berlin and were also posted to the list.
>>>
>>>> (7) Missing introductory text.
>>>>
>>>> I think there's a missing bit of explanatory text about rights
>>>> in general that'd help some more IETF-oriented readers.  As I
>>>> understand it, in HR all rights are contingent in the sense
>>>> that governments are expected to balance competing rights in
>>>> all cases. So e.g. even though we have a right to life,
>>>> governments can legislate for capital punishment and still
>>>> consider themselves signed up to the UDHR. I think this is
>>>> worth noting, as for example, it means that we do not
>>>> necessarily want to enshrine all the fine concepts on which the
>>>> IETF has consensus as human rights, in particular, claiming
>>>> that one had a right to encrypt could as a side-effect allow
>>>> some governments to claim that they had a right to limit one's
>>>> knowledge of mathematics, if that is claimed to compete with
>>>> other rights (e.g. to safety). I'm not sure if this is the
>>>> right HRPC document to capture that, but it was a surprise for
>>>> me when I first found that out, so it may be worth adding a bit
>>>> of text explaining basic rights concepts like that here or
>>>> somewhere else.
>>>>
>>> The concept of balancing rights is not an easy one and there is also no
>>> consensus in the law community about how this should be done. There are
>>> many scholarly papers written about this, and I would large go with the
>>> approach in the UN Guiding Principles for Business and Human Rights. So
>>> I would offer the following text:
>>>
>>>     Human rights can be in conflict with each other, such as the right
>>> to freedom of expression and the right to privacy. In such as case the
>>> different affected rights need to be balanced. In order to do this it is
>>> crucial that the rights impacts are clearly documented in order to
>>> mitigate the potential harm in a proportional way. Making that process
>>> tangible and practical for protocol developers is what this research
>>> aims to ultimately contribute to.
>>>
>>>> Specific comments (without reference to importance:-)
>>>>
>>>> Note: I'm not quite sure why, but I read this through and
>>>> commented as if it were a PhD thesis, which is a bit more
>>>> stringent that e.g. IESG evaluation. Apologies if that seems
>>>> like nitpicking, but I think given the possibly political
>>>> (ab)uses to which this RFC could be put, and since we might
>>>> effectively kill the impact of the RG if we do this first RFC
>>>> badly, we might be better off to take that approach. I'm
>>>> willing to believe that I'm being too nit-picky though:-)
>>>>
>>> Does this mean that if we answer all these questions to your
>>> satisfaction we'll get a PhD ?
>>>
>>>> abstract: These ought not have references and I think is too
>>>> long.  I'd suggest keeping the 2nd para (minus the reference)
>>>> and move the rest to the intro.
>>> Proposal accepted
>>>
>>>> intro, p3: How do you know that "open, secure and reliable" are
>>>> necessary conditions here? I think you're likely correct, but
>>>> I'm not sure that claim is justified in the document or in the
>>>> references.
>>> Reference added (to FOC Talinn agenda)
>>>
>>>> intro, p3: "The Internet aims to be a global network of
>>>> networks that provides unfettered connectivity to all users at
>>>> all times and for any content [RFC1958]. " The "aims to be"
>>>> there seems odd, and I don't see where 1958 says "at all times"
>>>> which seems to me overstated.
>>> Changed it into:
>>>     The purpose of the Internet to be a global network of networks that
>>> provides unfettered connectivity to all users and for any content
>>> {{RFC1958}}
>>>
>>>> intro, p3: "One could even argue that the Internet is not only
>>>> an enabler of human rights, but that human rights lie at the
>>>> basis of, and are ingrained in, the architecture of the
>>>> network." Sure one could argue that but is that claimed as an
>>>> RG consensus? And you're assuming that there is one true
>>>> Internet architecture there I think, which is problematic.
>>>>
>>> Although there has been a lot of discussion on the extend to which human
>>> rights were at the top of the minds of the people developing it, the
>>> technical principles like end-to-end, decentralization etc which were
>>> priorities for the initial developers overlap sufficiently with human
>>> rights like freedom of speech and access to information to make this
>>> argument stick. It might have been a happy accident, but few in the RG
>>> have disputed that - when looking at it from this perspective - human
>>> rights are not intrinsically weaved through the structure of the
>>> network. We have specified our definition of Internet architecture to
>>> mitigate your concerns there.
>>>
>>>
>>>> intro, p3: "By doing so, the IETF enabled the manifestation of
>>>> the right to privacy, through the Internet's architecture." I
>>>> think this shows a misconception of the IETF's role, at least
>>>> as I see it. I don't believe that the IETF controls the
>>>> Internet's architecture in the sense implied here. If you'd
>>>> said "through it's protocol design processes" at the end
>>>> instead, then I think that'd be better. And saying "Enabled"
>>>> makes it sound like a done-deal and we can all go home, which
>>>> strikes me as pretty optimistic;-)
>>> A little wish-fullthinking never hurt anyone I guess ;-) Incorporated
>>> your suggestion at the end of the sentence  and changed 'enabled' to
>>> 'allowed' for.
>>>
>>>> intro, p3, "Openness of communications of the technical design"
>>>> what does that mean? And how does it "foster freedom of
>>>> communication"?  I don't get the argument here.
>>> We mean to say here that the nature of the Internet was fundamentally
>>> open. People could just show up and hack away. Have changed the sentence
>>> to read: The open nature of the initial technical design (open
>>> standards, open source, etc) fostered freedom of communication as a core
>>> value, everyone could join and everyone could submit code. Hope that
>>> clarifies a bit. This was done to show that today's Internet is more
>>> closed. Closed standards (and standards bodies) walled garden
>>> applications etc.
>>>> intro, p3, "galvanize" is overstated and the IETF doesn't
>>>> "ensure" what happens in the network, but only in the protocols
>>>> we define - what implementers and operators do with that is
>>>> really up to them and not the IETF. That's an important
>>>> distinction that's mixed up in a few places in the document,
>>>> including in the next sentence - if the IRTF produces this RFC,
>>>> that's great and will help to ensure better realisation of HR
>>>> issues, but the existence of the RFC itself will not ensure
>>>> anything.
>>>>
>>> Have changed the words ensuring and galvanizing for the word encourage.
>>> And changed the word encourage in the second sentence to the word
>>> facilitate. I understand that the IETF/IRTF does not ensure anything.
>>> But to tone the language down all through the document would take away
>>> from the fact that the IETF/IRTF does have a substantial role in setting
>>> the standard (no pun intended) for what they think the network should
>>> look like, irrespective of what implementers and operators end up doing.
>>>
>>>> section 2: "unfettered" - while I myself do like that term, I
>>>> think following the approach from RFC 4084 which you quote here
>>>> would be a good general approach for this entire document.
>>>> 4084 section 1.2 says that it intentionally avoide pejorative
>>>> terms so as to increase the likelihood that operators will pay
>>>> attention. I think following that guidance in this document
>>>> would be good. Most of the text is actually fine in this
>>>> respect, but an editing pass based on a review from some (as
>>>> yet uninvolved) protocol developers would be a good thing.  For
>>>> example, some of the references to companies and products later
>>>> on might raise hackles in a way that'd be counter productive.
>>>> Anyway, 4084 does not use the term unfettered at all so better
>>>> to not say that here.
>>>>
>>> OK - removed 'unfettered'.
>>>
>>>> section 2, and elsewhere: I think the use of the term anonymity
>>>> is wrong in almost all cases in this document.
>>> Interesting. Happy to fix, but would be great if you could give me a bit
>>> more to work with.
>>>
>>>> While it is the
>>>> case that users (and non-technical folk in general, including
>>>> law makers) may talk about anonymity, I think there are few to
>>>> zero technical folks who think that anonymity is achievable at
>>>> any scale today.
>>> Anonymity has a very specific meaning in both legal and technical terms,
>>> there I think it's important that we work on this. The UN Special
>>> Rapporteur on Freedom of Expression has underlined the importance of
>>> encryption and anonymity online (
>>> http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForSubmission.aspx
>>> ). And eventhough it is indeed a hard technical problem, I actually
>>> think quite a lot of people are working on this. Tor is indeed probably
>>> the best 'running code' example, but there is also Briar, I2P, Tribler,
>>> etc. There is also an  increase in Operating Systems that are geared
>>> towards anonymity (by integrating Tor and other measures) such as
>>> Subgraph, Tails, and Qubes, so I think discussing it is relevant, and I
>>> don't think we should take a step back an accept that it's not possible.
>>>
>>>
>>>
>>>> Tor may be the closest we get, but it's not at
>>>> all clear to me that anonymity is really a requirement or a
>>>> goal for almost all protocol designers almost all of the time.
>>> Maybe it's not and maybe it should be. Because there is a clear human
>>> rights impact here. The aforementioned report by the UNSR recognizes the
>>> essential role of encryption and anonymity in realizing human rights
>>> protected under international law, as such technology “provide[s]
>>> individuals and groups with a zone of privacy online to hold opinions
>>> and exercise freedom of expression without arbitrary and unlawful
>>> interference or attacks.”
>>>
>>>> I do think we should consider "being hard to track" and similar
>>>> as requirements/goals but that's different and I'm not sure we
>>>> even have that good an idea about all the trade-offs that are
>>>> involved here.
>>> Isn't that something that should be documented?
>>>
>>>> I'd recommend checking every time you use this
>>>> tern, and getting rid of most of them.  (Will try to point out
>>>> the ones I think are problematic below.) Note that the 4949
>>>> definition is probably ok(ish:-) but once there are muliple
>>>> protocols involved things become very unclear and in real
>>>> networks, there's almost always someone somewhere who can
>>>> identify (or re-identify) a person, host or bit of s/w and that
>>>> context seems to be missing here when you use the term.
>>>>
>>> See above.
>>>
>>>> 2, Defining connectivity as an "extent" is interesting. I'm not
>>>> sure if it's precise enough though, e.g.,  what'd "twice better
>>>> connectivity" mean? Not sure what to suggest but I do think
>>>> you're right to not define it as binary. Maybe refer to RFC4084
>>>> here again for some different types of connectivity?
>>> Done - added reference to RFC4084
>>>
>>>> 2, "content-agnosticism" - hmm, that seems a bit broken to me
>>>> as a definition, it is ok to treat delay intolerant traffic
>>>> differently and we do want that sometimes. "Identically" seems
>>>> too strong, but I'm not sure what better definition to use
>>>> without getting into an essay about net neutrality and similar
>>>> things that I don't know much about;-)
>>>>
>>> I did not change this. Because although your statement on the delay of
>>> intolerant traffic is true, common practice does not influence the
>>> definition of content agnosticism perse.
>>>
>>>> 2, "end-to-end" - I much prefer to refer to this as an argument
>>>> and not a principle. You'll get different opinions on that
>>>> though:-)
>>> Could you elaborate? I think we documented the use and origins pretty
>>> well in bodies of literature and academic discussion.
>>>> 2, "Internet censorship" - I think this definition is too broad
>>>> and could even be read to discourage data minimisation.  It
>>>> seems to be missing the concept that the censor is acting
>>>> without the agreement of the endpoints, but agreement/consent
>>>> is such a slippy concept on the Internet maybe that'd be a bad
>>>> idea. Anyway, this seems to broad to me fwiw.
>>> Do you have any suggestions for new language to replace it with?
>>>> 2, "Internet Standards as an Arena for Conflict"... eh...
>>>> What? That's not a term to define, it's an argument for over
>>>> beer! I think you need to delete that from this section. If you
>>>> want to include the text somewhere then find a better way to do
>>>> that I'd say. (But I'd still then ask: where is the principle
>>>> of constant change defined for all time? :-)
>>>>
>>> Agreed. Moved the text to the literature and discussion section
>>>
>>>> 2, "i18n" - I think you're wrong that "Many protocols..." don't
>>>> support i18n. It's for sure true that a bunch don't do this
>>>> well and ought, but "many" seems overstated. Did you count
>>>> them?
>>> We got this observation from the i18n WG in Yokohama.
>>>
>>>  (Note that for many binary protocols i18n isn't very
>>>> relevant at all, if one assume that i18n is mostly important
>>>> for end-users and less so for developers or bigger operators.)
>>>>
>>> Here I would like to push back with the arguments Ramsey Nasser
>>> introduced at his presentation at the hrpc session at IETF95. Based on
>>> his programming language in Arabic he showed through 'engineering
>>> performance art', that the Internet and its technical infrastructure is
>>> inherently hostile to non latin characters, which send the message that
>>> the Internet natively belongs to English speakers. This is true for
>>> developers, operators and users alike imho.
>>>
>>>> 2, "Open Standards Conform" - what? That's not a term to
>>>> define. I think you also say this elsewhere so deleting this
>>>> would be right. And what's RFC2606 got to do with it?
>>>>
>>> There should have been a hard return there. The text is lifted from
>>> RFC2606. Should be fixed now.
>>>
>>>> 2, "Openness" - I think this is just wrong and am not sure what
>>>> you even want to define. You cannot for example have free
>>>> access to hosts in my home network, no matter how openly you
>>>> ask:-) If you want to define openness, then I think it'd have
>>>> to be about processes and not access to hosts.
>>>>
>>> The definition doesn't say access to all hosts, right? I don't think I
>>> agree with the critique.
>>>
>>>> 2, "permissionless innovation" is not all about new protocols.
>>>> It's also about using existing protocols in new ways without
>>>> having to ask. Not all such uses are usefully described as new
>>>> protocols.
>>> added that to the text.
>>>
>>>> 2, "Privacy" - I think adding some references to the HR and
>>>> legal literature about privacy could help the more technical
>>>> readers here.
>>>>
>>> Added:
>>> The right to privacy is articulated  all of the major international and
>>> regional human rights instruments, including:
>>> {{UDHR}} Article 12: “No one shall be subjected to arbitrary
>>> interference with his privacy, family, home or correspondence, nor to
>>> attacks upon his honour and reputation. Everyone has the right to the
>>> protection of the law against such interference or attacks.”
>>> {{ICCPR}} Article 17: “1. No one shall be subjected to arbitrary or
>>> unlawful interference with his privacy, family, home or correspondence,
>>> nor to unlawful attacks on his honour or reputation. 2. Everyone has the
>>> right to the protection of the law against such interference or attacks.”
>>> The right to privacy is also included in:
>>> Article 14 of the United Nations Convention on Migrant Workers;
>>> Article 16 of the UN Convention on the Rights of the Child;
>>> Article 10 of the African Charter on the Rights and Welfare of the Child;
>>> Article 4 of the African Union Principles on Freedom of Expression (the
>>> right of access to information);
>>> Article 11 of the American Convention on Human Rights;
>>> Article 5 of the American Declaration of the Rights and Duties of Man,
>>> Articles 16 and 21 of the Arab Charter on Human Rights;
>>> Article 21 of the ASEAN Human Rights Declaration; and
>>> Article 8 of the European Convention on Human Rights.
>>>
>>>
>>>
>>>> 2, reliable, resiliance and robustness - I'm surprised there're
>>>> no references for the first two and puzzled by the references
>>>> for the 3rd.
>>> References added (my bad, thanks for spotting) and offered grammtical
>>> improvements for robustness:
>>>
>>> : The resistance of protocols and their implementations to errors, and
>>> to involuntary, legal or malicious attempts to disrupt its mode of
>>> operations. {{RFC0760}} {{RFC0791}} {{RFC0793}} {{RFC1122}}. Or framed
>>> more positively, robustness is the quality of a system that can provide
>>> functionality consistently and without errors despite  involuntary,
>>> legal or malicious attempts to disrupt its mode of operations.
>>>
>>>
>>>> There also seem to be very few reference to these
>>>> later, which makes it odd to find them here. I wonder if the
>>>> formalism you're using (introduced at the end of section 2) has
>>>> caused you to shoe-horn in definitions of these?
>>>>
>>> Nopes - these were terms that kept returning in interviews and during
>>> research. I also do not think they're hardly mention actually.
>>>
>>>
>>>> 2, scalable - it's often a challenge in proocol design to
>>>> ensure that a protocol scales down as well as up, in the sense
>>>> of working well for smaller networks/deployments.  Might be
>>>> worth pointing that out as it's relevant here when one
>>>> considers designing new protocols potentially putting too much
>>>> emphasis on the requirements of only bigger operators (who are
>>>> in the room).
>>> good point, added the following language to the text. In protocol design
>>> ensuring for the capacity to both scale up and down can be a challenge.
>>> Yet, it is important to consider the capability of the protocol to do
>>> both, to ensure new protocols consider the requirements of both big and
>>> small operators.
>>>
>>>> 2, stateless - is used exactly once later, and stateful is not
>>>> used at all later - do you really need this here? (Just define
>>>> it when used, but I think protocol developers will get the
>>>> meaning anyway.) You could also say that retaining state has
>>>> potential privacy impact, which may not be so obvious. (That
>>>> retaining state impacts on other protocol features such as
>>>> hard-reboot is fairly well understood I think.)
>>>>
>>> Removed glossary entry
>>>
>>>> 2, "Strong encryption / cryptography" I don't think this is
>>>> needed or useful - why is it here? I think the IETF community
>>>> know this already, is it useful for some other readership?  If
>>>> so who? (Since I'm not sure it'd be that useful for any
>>>> readership.)
>>> It is an IRTF document, so I am hoping that it will be read by
>>> researchers as well as protocol developers.
>>>
>>>> 2, "transparent" - I don't like this definition which I think
>>>> is not actually definining the term in the sense in which you
>>>> use it in this document. As you actually use the term, it is
>>>> mostly about processes, which is not what RFC2775 is about. In
>>>> fact, I think you're actually using the term in it's normal
>>>> English usage and don't really need a specific definition.
>>>> (Though I didn't check all uses of the term.)
>>>>
>>> Fair point. Removed.
>>>
>>>
>>>> 2, " The combination of reliability, confidentiality,
>>>> integrity, anonymity, and authenticity is what makes up
>>>> security on the Internet." No. That is just wrong. For example,
>>>> that list omits DoS resilience, bugs (and protocol flaws) that
>>>> cause problems like heartbleed, and I think, much else besides.
>>>> I'm not sure how to fix this. (But see my general question wrt
>>>> "=" as used here.)
>>>>
>>> I think this should be solved with the solution offered above.
>>>
>>>> section 4: I don't accept that "protocols are politics by other
>>>> means" - if I develop a way for two computers to interact in my
>>>> (non-existent as it happens:-) basement, that is not politics.
>>>> If I publish an academic paper on a faster way to do ECDH
>>>> that's not politics.  I know it's a quote, but I don't think
>>>> you ought present that quote in that way (reading IMO as if it
>>>> were an RG consensus statement) without qualification.  The
>>>> relevant qualification I think is tricky to formulate but has
>>>> something to do with broad deployment or with deployment at
>>>> some technical choke point that offers significant control to
>>>> someone.
>>>>
>>> I want to push back a little on the fact that this is not RG consensus.
>>> I think a lot of people have expressed the sentiment that their
>>> technical protocols increasingly have an impact on the political realm
>>> and vice-versa. As such protocols have become enveloped in politics,
>>> whether we/the IETF/the technical community likes it or not. Not to
>>> speak of the fact that many prominent academics, which include engineers
>>> and computer scientists, underwrite this statement. I also do not think
>>> it is without qualification, the text goes on to mention at least eight
>>> different papers that carefully qualify these statements. If we however
>>> write out there arguments we run the risk of making that bit of text
>>> suffer from TL;DR.
>>>
>>>> 4: I don't get the "values-by-design" point and how it's
>>>> relevant to the IETF. I don't recall discussions about that on
>>>> IETF/IRTF lists. Is this perhaps something that's really being
>>>> discussed outside the IETF/IRTF context? If so, then the
>>>> statement that these are a "new focal point" is not correct.
>>>> (If you want to say this should or could be a discussion to
>>>> have, that'd be fine but that's a different statement.)
>>> These discussions have been had on the lists, in addition to the latest
>>> session of hpc in Berlin when United Nations Special Rapporteur David
>>> Kaye presented his latest report on the responsibility of SDOs vis-a-vis
>>> human rights. The HRPC work has been focused specifically on the
>>> question of how values get translated to design, and how they should or
>>> should not. As such, I am surprised to hear you say that you have not
>>> seen this happen on the list.
>>>
>>>> 4: "tools of enforcement" - I'm not sure what you mean here. If
>>>> you mean law enforcement then saying that would be better, but
>>>> the sentence is vague, for me anyway so would be better
>>>> rephrased.
>>>>
>>> The full quote in the paper reads:  "The “theory of the blunt
>>> instrument” says that if  you  can  blunt  the  tools  of  your
>>> antagonist  in  a  tussle,  you  may be able to disable him. Thus, if
>>> all users of the Internet always  encrypted  everything  they  sent,
>>> there  could  be  no wiretaps and no discrimination based on content.
>>> The only tool left to the regulator (e.g., the state) would be the blunt
>>> instrument  of  total  disconnect.  This  theory  is  appealing  to
>>> those  who  see  the  Internet  as  a vehicle for contention with state
>>> controls.  And indeed, this theory is appealing and has much  to
>>> recommend  it.  But  (again)  in  the  extreme,  it
>>> suffers from two problems. First, we have seen states, faced with  the
>>> only  option  of  the  blunt  instrument,  use  it.  When Google
>>> refused  to  continue  to  comply  with  the  law  of  the land  in
>>> China,  China  threatened  to  revoke  their  license  to operate
>>> there,  leaving  Chinese  users  with  the  even
>>> - more regulated  alternative  of  Baidu.  Opinions  may  differ,  but
>>> some  argue  that  a  little  Google  would  be  better for the Chinese
>>> people than none.
>>> Similarly,  Burma  took  the  step  of disconnecting all international
>>> telecommunications links during    the    2007    “Saffron
>>> Revolution”,    and    several
>>> countries  have  blocked  Facebook  and  YouTube.  Are  those countries
>>> and  their  citizens  better  off  with  that  outcome than    with
>>> half    a    loaf?    Second,    when    law    trumps technology,
>>> baking the “blunt instrument” outcome into the architecture   may
>>> raise   large   complexities   for   actors required to comply with
>>> regulations. When France required that  Yahoo  block  auctions  of  Nazi
>>>  memorabilia  to  its citizens,  Yahoo  had  to  organize  a  table
>>> that  identified (imperfectly)  IP  addresses  of  French  users.  Would
>>>  it  have been better or worse if the Internet made it easy to tell from
>>> what jurisdiction a connection came?"
>>>
>>> See here:
>>> http://conferences.sigcomm.org/co-next/2010/Workshops/REARCH/ReArch_papers/10-Brown.pdf
>>>
>>> What they mean in this case is that if the IETF were to bake the UDHR
>>> into its protocols, countries who do not agree with that might
>>> completely withdraw from the standard setting process. I agree that
>>> tools of enforcement is unclear so I changed that sentence to better
>>> reflect that sentiment.
>>>
>>>> 4: "This document sets out some preliminary steps and
>>>> considerations for engineers to take into account when
>>>> developing standards and protocols." I think that's a good and
>>>> fair statement of where this document is at. But don't you
>>>> elsewhere go further?
>>> Not in this document methinks.
>>>
>>>> section 5: It'd be great if you could add links or references
>>>> to the source materials here. For example, who'd you interview?
>>>> Are the videos avaiable? What's the list of RFCs you read and
>>>> which were considered (most) relevant? Similarly for WG lists
>>>> analysed etc. I'm sure you have all that stuff and making that
>>>> available for later would be great.
>>>>
>>> Several people only wanted to be reviewed on the basis of anonymity,
>>> releasing an incomplete list doesn't make a lot of sense methodologically.
>>>
>>> There is a preliminary RFC reading list, but we let it go relatively
>>> soon we we were able to do automated RFC analysis with this tool:
>>>     https://github.com/nllz/rfc-analysis
>>>
>>> The RFCs that were deemed most relevant are mentioned in the ID.
>>>
>>>
>>>> 5.2.1.4 and 5.2.1.5: (See general point #4 above about "=") I
>>>> don't think you actually have achieved this "the creation of a
>>>> list of technical concepts that when combined create an
>>>> enabling environment for human rights." It's a fine goal, but
>>>> I'm not sure it's achievable in reality with the kind of
>>>> precision claimed in this section.  I don't think the terms
>>>> used in the figure in 5.2.1.5 are at all precise TBH, e.g.  the
>>>> phrase "good enough" only occurs in this figure and nowehere
>>>> else.
>>>>
>>> I hope this has been sufficiently addressed now with the fix offered above.
>>>
>>>
>>>> 5.2.3: "These capabilities for network control and limitations
>>>> of the freedom of expression by end hosts can be traced back to
>>>> the IPv4 design..." I don't think you have justified this
>>>> claim. My argument would be that there is no simlarly
>>>> scaled/robust nework against which to compare IP and that does
>>>> not have the feature that it allows deployments to limit
>>>> freedom of expression. So it may be that this feature/bug is
>>>> not IP specific but inherent in large networks. In any case,
>>>> the claim seems too much to me. (That might be a useful topic
>>>> for the RG to tackle, or maybe someone has already studied this
>>>> issue?)
>>>>
>>> That thee is no scaled/robust network to compare against doesn't mean
>>> that this cannot be true for the current one, right? Not sure if I
>>> understand your point.
>>>
>>>> 5.2.3.1: On what do you base the claim that source-routing
>>>> could be better here? Source-routing seems to usually generate
>>>> objections from transport folks. (You'd have to ask them for
>>>> the history of that.) Spoofed source IP is a common mechaism
>>>> for abuse.  While you do say these are not considered good
>>>> practice, you don't say why (or provide a reference) so it
>>>> looks to this reader as if you're saying that those "features"
>>>> could have been better, but without evidence for that.  (Tor is
>>>> lovely, but as currently defined, would not scale to the size
>>>> of the Internet as it was quite some years ago.)
>>>>
>>> What we're doing here is 'know and show' the human rights impacts of a
>>> specific protocol, that this is the only solution that exists and works
>>> today, doesn't mean that it doesn't have a specific impact.  So it's
>>> about documenting of impacts. I don't think we're claiming anywhere that
>>> those features could have been better, the sentence only reads that it
>>> _can_ be done differently, not that that solution would be better.
>>>
>>> I've also added a reference on source routing.
>>>
>>>> 5.2.3.2: are you referring to the protocol number here? (As
>>>> listed at [1]) That has about 140 protocols many of which
>>>> aren't in widespread use.  If so, then I question the claim
>>>> that this is really the cause of DPI - I suspect that DPI
>>>> devices mostly look deeper into the packet. That also seems to
>>>> be indicated when you talk about transports and spdy. I think
>>>> this section is confused about the differences between headers
>>>> at various layers, and our history of sending cleartext.  That
>>>> said, I could see that in future, as we encypt more Internet
>>>> traffic, someone may find rights-invading ways to use layer 3
>>>> headers but I'm not sure this is a significant issue today. (If
>>>> there is evidence of this being done, I'd be interested in
>>>> knowing about that. I guess there may be IPv6 options that are
>>>> in use like that or have been suggested but you don't cover
>>>> those at all that I can see.)
>>>>
>>>>    [1]
>>>> https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
>>>>
>>> I removed this para for now, but am still researching it. Might offer
>>> new text later on. Need some more thinking.
>>>
>>>> 5.2.3.3: I don't think mobile IP could never have displaced NAT
>>>> for IPv4.  We'd still have run out of addresses. So I'm not
>>>> sure the point made here (that there was a "viable
>>>> alternative") is correct at all.
>>> With NAT deployed all over we're also running out of IP addresses, so
>>> not sure your critique holds. Mobility could have been an alternative
>>> for NAT, not for IPv6 (or its other alternatives).
>>>
>>>> 5.2.4: "which enact ICANN's policy" Do you thnk that the ccTLDs
>>>> would agree with that? I don't.
>>> Altered the text to: "which function in line with ICANN's policy"
>>>
>>>> 5.2.4: I think the fact that new gTLDs are hugely expensive is
>>>> well worth a mention, as a deterrent to various freedoms.
>>>>
>>> You mean that it is expensive to become a registry (starting from
>>> 185.000 USD), or that gTLDs are expensive? If it's the first, we
>>> probably need to address this discussion:
>>> https://archive.icann.org/en/topics/new-gtlds/explanatory-memo-new-gtld-program-budget-22oct10-en.pdf
>>> , for the latter I do not have any data that shows that gTLD overall are
>>> more expensive.
>>>
>>>> 5.2.4: I think you're missing some points here, maybe even an
>>>> entire subsection. One of the ways around some of the issues
>>>> listed is for clients to choose their resolver, e.g. so as to
>>>> pick one that does check DNSSEC or that is not subject to the
>>>> same regime as a default resolver. That can be blocked at the
>>>> IP level, which is one issue. But even if I do that and use
>>>> DPRIVE, then that creates a new threat of centralisation of
>>>> lots of queries (e.g. at 8.8.8.8) which introduces yet another
>>>> point at which control can be enforced or where traffic can be
>>>> analysed. Passive DNS also has good and bad aspects. I'd say
>>>> some or all of these points would be good to note. (But I'm not
>>>> the right person to suggest good text sorry.)
>>> Stephane has been so nice to provide text for this:
>>>
>>> Users can switch to another resolver, for instance a public one such as
>>> those operated by  Telecomix [http://dns.telecomix.org/]. The distorter
>>> can then try to block or hijack the connection to this resolver. This
>>> may start an arm's race, the user switching to secured connections to
>>> this alternative resolver ({{RFC7858}}), the disruptor then trying to
>>> find more sophisticated ways to block or hijack. In some cases, this
>>> research to find an alternative, non-disrupting resolver, may lead to
>>> more centralisation, many people going to a few big commercial public
>>> resolvers.
>>>> 5.2.5: The lack of a mandate for TLS was not the only reason
>>>> why the web started out largely cleartext. There were also
>>>> significant performance, UI, tooling and missing infrastructure
>>>> issues, as well as the charging per certificate business model.
>>>> Those were more important issues IMO, even though they do not
>>>> nicely tie into the discussion of h2 and it's lack of a mandate
>>>> for use of TLS. While I personally regret that, it was the
>>>> result of a real and extended and open debate, which I think
>>>> also ought be noted.
>>>>
>>> replaced 'caused' with 'was one of the reasons for'
>>>
>>>
>>>> 5.2.5 and 5.2.5.x: While I'm fine with you calling the
>>>> development of TLS MitM devices and similar "malicious," I am
>>>> pretty sure plenty of folks might argue that. It'd be better to
>>>> skip the pejorative language I think, but it is entirely
>>>> correct to have the references to the attacks mounted using
>>>> such technologies. I'd also tend to not mention specific
>>>> companies and products in the body of the text, except where
>>>> that is really necessary to make the point.
>>>>
>>> Done
>>>
>>>> 5.2.5.1: How do you know it was Snowden's relevations that
>>>> caused mail service providers (not ISPs!) to "follow Google's
>>>> lead"? That may be correct, but I'm not sure there's the public
>>>> evidence that they said that was why. (If there is, great, but
>>>> please provide a reference, the one you do provide, [Peterson],
>>>> is about gmail and not yahoo.) Also, Google use TLS, not SSL
>>>> for gmail.
>>> Done
>>>> 5.2.5.1: "less democratic" - I think it's an error to say that,
>>>> since many countries that are considered role models for
>>>> democracy could do the same things, "some countries" and
>>>> examples would be better. Same with "oppressive regimes" -
>>>> there's no need to include that judgement here.  The reference
>>>> here [RSF] wasn't accessible to me (no route to host) from a
>>>> hotel network and eduroam. That could be nicely ironic, or a
>>>> badly chosen reference. (But you need a reference.) The 2012
>>>> Libya report also really needs a reference.
>>>>
>>>>    [RSF]
>>>>
>>> https://en.rsf.org/syria-syria-using-34-blue-coat-servers-23-05-2013,44664.html
>>>
>>> Updated link, reference added and judgemental language removed.
>>>
>>>> 5.2.5.2: wrt great-cannon, you might want to note that the IESG
>>>> issued a related statement [2]. That's a bit tangential, but I
>>>> think is relevant for this work.
>>>>
>>>>    [2]
>>>> https://www.ietf.org/iesg/statement/maximizing-encrypted-access.html
>>>>
>>>> 5.2.5.2: "Companies like" is pejorative and the patent
>>>> application seems irrelevant. "has been largely documented"
>>>> calls for a reference. "Oppressive regimes" is also not needed
>>>> here as is "little concern for bad human rights records." The
>>>> right thing here I think is to note the documented record
>>>> without pejoratives and to then let the reader draw their own
>>>> conclusions.
>>>>
>>> Done and done
>>>
>>>> 5.2.5.2: I don't think the text about h2 is fair. You're
>>>> missing a) that there was a real and open debate on the topic,
>>>> b) that some important implementations are exclusively h2/tls
>>>> and c) that there is a spec for OS for HTTP being developed.
>>>> Those are all as relevant as the fact that the outcome of the
>>>> debate was to not mandate use of TLS all the time. (Which I do
>>>> think is worth saying in this document, but needs more complete
>>>> context.)
>>> I am not sure what this would add to this. It is not stated that there
>>> was no debate or that there are no exclusive h2/tls implementation. Am
>>> happy to write something but am not completely sure what it would add to
>>> the the analysis of the impact of this protocol on human rights.
>>>
>>>> 5.2.6: I think this section is missing some things. First, the
>>>> IETF/XSF relationship is relevant here and needs a mention. (As
>>>> both good and bad!)
>>> Do you have a reference / source where we can learn more about this?
>>> Since you seem to hint at something I do not know about.
>>>
>>>> Second, OTR is important, as is the
>>>> community's failure to produce a better e2e standard for xmpp.
>>> I am hesitant to do so, because then we would be analysing another
>>> protocol, right?
>>>
>>>> And lastly, I think the tendency of IM deployments to not
>>>> deploy interoperable standarsd is missing, which also has good
>>>> and bad aspects (good: they can do telegram etc, bad: no
>>>> interop).  I'd suggest asking an XMPP expert to review/suggest
>>>> text.  (Happy to help find you one if needed.)
>>>>
>>> Do we really want to get into the Facebook Messenger, Ello, Telegram,
>>> Signal, Axolotl discussion with this? That would be a serious extension
>>> to the discussion... in the security direction. I would like to hear
>>> what other people think about this, because I think this document
>>> already covers a lot of ground. On the other hand:
>>>
>>>
>>> https://www.theguardian.com/technology/2016/aug/03/turkey-coup-gulen-movement-bylock-messaging-ap
>>>
>>> Review by experts is always welcome. I asked Peter Saint Andre a while
>>> ago but I did not hear back. Suggestions and reviewers are always very
>>> welcome.
>>>
>>>> 5.2.6: "The protocol also has facets that may stifle speech as
>>>> users self-censor for fear of surveillance, or find themselves
>>>> unable to express themselves freely." That's not an XMPP
>>>> specific point - the same applies to email and the web and to
>>>> any other protocol that supports interpersonal messaging or
>>>> access to sensitive information. I think you ought up-level
>>>> this point to a more generic section that calls out issues with
>>>> multiple protocols. (Not sure where exactly, but having it here
>>>> only isn't great.)
>>> Agreed, have added this point to the Privacy Explanation in the
>>> questionnaire.
>>>> 5.2.7: Is this section about P2P in general (I'd consider P2P a
>>>> design pattern) or about PPSPP or about BT? Each of those
>>>> choices seems wrong. If the first, then that's not the same as
>>>> other 5.2.x sections and doesn't mention other P2P protocols
>>>> (e.g. RELOAD maybe). If the second, is the deployment of that
>>>> sufficient to justify the text? If the 3rd - that's not an IETF
>>>> protocol. So I'm not sure what to make of this.
>>> It's the first. The reason for adding this case category to the research
>>> was that peer-to-peer got mentioned a lot in the interviews and in
>>> discussions on this, so we thought it would be useful for the document
>>> to discuss it here.
>>>> 5.2.7: Is it still true to say that P2P is an "increasingly
>>>> becoming a popular architecture"? I thought usage stats were
>>>> showing the opposite nowadays? The examples given are odd: as
>>>> BTC doesn't do file sharing/interpersonal messaging, skype is
>>>> no longer really P2P iiuc, and I don't know if spotify really
>>>> is or not. Surely BT is the canonical real example?
>>>>
>>> Removed 'is becoming and added:
>>>
>>>     "While its most common application has traditionally been
>>> file-sharing (and other types of content delivery systems), P2P is a
>>> popular architecture for networks and applications that require (or
>>> encourage) decentralization. A prime example is Bitcoin (and similar
>>> cryptocurrencies), as well as Bitcoin and proprietary multimedia
>>> applications."
>>>
>>>
>>>> 5.2.7: "mostly delegated" - I'm not sure this is correct.  I
>>>> could argue that RELOAD is a counter example.
>>> That's why it says 'mostly', right?
>>>
>>>> I could further
>>>> argue that the lack of deployment of RELOAD (iiuc) may be
>>>> evidence that your implied argument that it'd be better for an
>>>> organisation like the IETF to try produce complete specs in
>>>> this space might be unwise in that it's less likely to result
>>>> in deployment.
>>> I think the 'conclusion' para is pretty clear on this:
>>>
>>> These platforms are not perfect, and more research needs to be done.
>>> If adopted at large, well-designed and resistant P2P networks might
>>> represent a critical component of a future secure and distributed
>>> Internet, enabling freedom of speech and freedom of information at scale.
>>>
>>> I think that is not an implied argument for making everything P2P.
>>>
>>>> 5.2.7.3: I think ledbat has some protocol features that would
>>>> allow deployments (if they are nice) to reduce the scope for
>>>> tracking. That's RFC 6817 but I'd have to reread it to check if
>>>> there's something useful there, also not sure about ledbat
>>>> deployment.
>>>>
>>> You mean this? https://tools.ietf.org/html/rfc6817#section-5.1 Doesn't
>>> seem very conclusive.
>>>
>>>
>>>> 5.2.7.4: Sybil attacks in this context (e.g. astroturfing) seem
>>>> to be relevant to more than p2p protocols. In fact wouldn't
>>>> they be more common on web based systems, at least as exploited
>>>> by/for governments and commercial entities?
>>>>
>>> Added this suggestion
>>>
>>>> 5.2.8: There are many kinds of VPN - I think it'd be better to
>>>> rename this section to something like "personal VPNs" or
>>>> similar, as you don't get into e.g. corporate VPNs.
>>> I think the first para does cover the difference, and I don't think
>>> there is anything in the rest of the analysis that is not true for other
>>> kinds of VPNs?
>>>
>>>> 5.2.8.1: "local illegitimate wiretapping" - that's another
>>>> pejorative term for some, "monitoring" would be just as clear.
>>>> (Again, not because what you say is wrong, but because there's
>>>> no point in antagonising those who read this.)
>>>>
>>> updated
>>>
>>>> 5.2.8.1: "are way less analyzed and understood" I think I
>>>> recall some papers on these kinds of VPN that found some issues
>>>> - be good to reference such work if possible, esp if there's a
>>>> survey.
>>> I've been searching a bit and did not find anything really good. Things
>>> like:
>>>     http://dx.doi.org/10.1016/S1742-6847(06)70438-4
>>>     http://www.ijcse.com/docs/INDJCSE14-05-04-101.pdf
>>>
>>> Theses ones are the best I could find:
>>>
>>> https://www.insinuator.net/2013/08/vulnerabilities-attack-vectors-of-vpns-pt-1/#respond
>>>
>>> http://ieeexplore.ieee.org.proxy.uba.uva.nl:2048/stamp/stamp.jsp?arnumber=7314859
>>> So I referenced them in the text.
>>>
>>>
>>>> 5.2.8.3: " VPN providers should at least be transparent on what
>>>> information do they store and for how long is being kept" I
>>>> fully agree with this, but what's it telling the IETF
>>>> readership? Perhaps that RFCs ought identity potentially
>>>> sensitive logged data or for how long that needs to be retained
>>>> for technical reasons? That migth not belong here anyway but
>>>> could be relevant somewhere in the document.
>>>>
>>> Changed 'shoud' into 'would' and added your suggestion to the privacy
>>> question in the questionnaire.
>>>
>>>> 5.2.9: This could be shorter and may better as a part of
>>>> section 5.2.5 - why is this one status code so important?
>>> reduced the text substantially.
>>>> 5.2.10: I'm really not sure this (all) belongs here.  The
>>>> middlebox debate is old and won't be resolved here, so I'm
>>>> don't think it's worthwhile regurgitating the arguments in such
>>>> detail. And I think you already said what you need to say when
>>>> discussing NATs. I'd say deleting this section is maybe right.
>>> deleted it.
>>>> 5.2.10: (If you keep it) "IETF's role to prevent such
>>>> censorship" again, the IETF is not the Internet police and does
>>>> not "prevent" things like that. If you refer to the SPUD BoF,
>>>> you should include references to the minutes etc.
>>>>
>>> deleted it.
>>>
>>>> 5.2.10: "Middleboxes are becoming a proxy for the debate on the
>>>> extent to which commercial interests are a valid reason to
>>>> undermine the end- to-end principle." That seems like an
>>>> opinion, and one I'd be surprised had consensus. Do you need to
>>>> say that?
>>> deleted it.
>>>
>>>> 5.2.11: "Some people may say that DDoS attacks are the only
>>>> mean to be heard, in the current Internet." Some people say
>>>> that the moon landings were faked. Vague reportage like that is
>>>> useless. I'd say this entire section needs to be redone with a
>>>> strong statement that there is no valid use-case for DDos, and
>>>> that DDoS is not a valid form of protest. I think such a
>>>> statement is one that would have RG and indeed IETF consensus.
>>>> I'm very sure that no concept of DDoS as a valid form of
>>>> protest would garner consensus in either the RG or the IETF.
>>> Done
>>>> 5.2.11: "seem to suggest that the IETF should try to ensure
>>>> that their protocols cannot be used for DDoS attacks" That's
>>>> very understated and maybe even misleading. I would say that
>>>> the IETF has long-standing consensus that DDoS is an attack
>>>> that protocols should mitigate to the extent they can and that
>>>> DDoS vectors in protocols are basically bugs.  RFC3552 (section
>>>> 4.6) from 2003 covers this and says that standards MUST
>>>> describe DoS issues.
>>>>
>>> Text added:
>>>
>>>     All of these issues seem to suggest that the IETF should try to
>>> ensure that their protocols cannot be used for DDoS attacks, which in
>>> consistent with the long-standing IETF consensus that DDoS is an attack
>>> that protocols should mitigate them to the extent they can {{RFC3552}}.
>>>
>>>> 5.2.11: The linkage between private sector control of networks
>>>> and DDoS is IMO entirely unconvincing. NRENs are generally
>>>> private sector and have major issues with DDoS. (I'm sitting in
>>>> a talk on that topic right now.) It is not at all clear that
>>>> anyone who'd claim that they are using a DDoS attack to protest
>>>> would actually be protesting about a network operator - it is
>>>> much more likely they are protesting about some content owner,
>>>> who may be public  or private sector.
>>>>
>>> Removed
>>>
>>>> 5.2.11: I don't think we need or want the argument based on PM
>>>> here at all. The argument about motivations for PM in RFC7258
>>>> depends on there being some justifiable reasons for monitoring.
>>>> (Otherwise we would not need to even point out that motivations
>>>> don't matter.) There are no such close-to-good arguments at all
>>>> for DDoS, so drawing that analogy is misleading.
>>>>
>>> Removed
>>>
>>>> 5.2.11: If the RG feel there is a need to discuss a possibility
>>>> for fully opted-in people to collectively protest, (I do not)
>>>> then you should invent a new term for that and clearly say that
>>>> even though such protest might appear to the network as beng
>>>> the same as a DDoS (and hence be treated as an attack), that is
>>>> not the same as a DDoS, where 100% of real cases involve
>>>> compromised hosts or hosts being used as reflectors without
>>>> permission. If the RG feel there is a need to discuss forms of
>>>> protest on the Internet, then I think an entirely different
>>>> section is needed, probably with a different structure.
>>>>
>>> Removed
>>>
>>>> 5.3.1: I'm not sure the "HR threats" model is the right thing
>>>> here. The same was true of rfc6973 as well, as you say, but in
>>>> this case, I'm not sure you really even need the concept. 5.3.2
>>>> just says stuff like "did you think about <foo>" so I don't see
>>>> a need to say that "<foo> is a threat." I don't think you lose
>>>> anything by losing that concept entirely. There is also a
>>>> danger in including that risk analysis model here in that doing
>>>> so might cause later disussion to be somewhat blinkered.
>>> Not sure if I share your view. There are concrete threats, that we can
>>> people to be cognizant of by thinking and documenting issues that could
>>> arise, through the use of the questionnaire. I don't see how the use of
>>> 'threat' here is problematic.
>>>> 5.3.1: "This is by no means an attempt to cherry picks rights,
>>>> if other rights seem relevant, please contact the authors
>>>> and/or the hrpc mailinglist." I'd delete that, it's not that
>>>> appropriate for an RFC (it was for an I-D). But if you do want
>>>> to say something about a contact point, the RG list would be
>>>> better. (The phrasing "cherry pick" is also a bit odd.)
>>> Rewrote: This is by no means an attempt to exclude specific rights or
>>> proritize some rights over others, if other rights seem relevant, please
>>> contact the research group mailinglist.
>>>
>>>> 5.3.2: The title here is a bit inaccurate and misleading.
>>>> You're presenting guidelines for protocol designers, and not
>>>> for "HR considerations."
>>>>
>>> Seems in line with the dictionary definition here:
>>>
>>> Simple Definition of consideration
>>> : careful thought : the act of thinking carefully about something you
>>> will make a decision about
>>> : a desire to avoid doing something that will make another person sad,
>>> upset, angry, etc.
>>> : something that you think about when you make a choice or decision
>>>
>>> from: http://www.merriam-webster.com/dictionary/consideration
>>>
>>>> 5.3.2: I don't think that many IETFers follow or read RFC4101.
>>>> (RFC4101 is a useful, good thing, but one that's not much used
>>>> iiuc.)
>>>>
>>>>
>>> It seem quite useful though, I do not necessarily see a reason to remove
>>> it.
>>>
>>>> 5.3.2.1.2: We're updating RFC3552 now, and the update will
>>>> include some guidance on privacy considerations. I'm not sure
>>>> if it'd be better to reference that draft now or not though, as
>>>> it's early days. Probably best to refer to BCP72 though, as
>>>> that'll remain the right reference when the 3552bis work is
>>>> done.
>>> Replaced everymention of RFC3552 with BCP72
>>>
>>>> 5.3.2.1.2: "Could your protocol counter traffic analysis, or
>>>> data minimization?" oops - I don't think you want to counter
>>>> data minimisation. Better to split that into two questions
>>>> probably.
>>> Done.
>>>> 5.3.2.1.3: This set of questions need work. All protocols "look
>>>> at the packet content" or else do nothing at all. I think you
>>>> want to ask people to think about which fields in the packet
>>>> they need to access and to try to minimize those, and if
>>>> possible, discourage others from looking at the rest (e.g. by
>>>> enabling encryption of those).  I also have no clue what " Is
>>>> the protocol transparent about its decisions?" means. And the
>>>> last question is also pretty meaningless when looked at in
>>>> isolation. (I think I already commented on the agnosticism
>>>> phrase as used here before. The same issues apply to the
>>>> explanatory text here.)
>>> I've rewrote the section:
>>>
>>> If your protocol impacts packet handling, does it look at the packet
>>> payload? Does it look at Is it making decisions based on the payload of
>>> the packet? Does your protocol prioritize certain content or services
>>> over others in the routing process ? Is the protocol transparent about
>>> the priotization that is made (if any)?
>>>
>>>
>>>> 5.3.2.1.5: "readable by humans" is not the right criterion
>>>> here. What you need to say is that "have to be understood by
>>>> humans." For example, DNS names are mostly readable but IDNs
>>>> are not, depending on which form one uses.
>>> Accepted.
>>>
>>>> For some protocols
>>>> it is entirely fine still to use ascii for human-readable
>>>> labels, if those are only seen by developers or more capable
>>>> admins.
>>> I would push back on this in relation to the presentation of and points
>>> made by Ramsey Nasser that I already referenced above.
>>>
>>>> 5.3.2.1.6: Re-using existing identifiers (e.g. MAC addresses)
>>>> is the more common way that (re-)identification is enabled in
>>>> protocols. You should point that out. I think the "make ...
>>>> transparent" point is worth splitting from the identifier issue
>>>> too - identifiers are very common, but making filtering
>>>> apparent is much less so, and will be missed if you bundle
>>>> these two things together. The last two questions aren't really
>>>> useful though and are more explanatory text then real new
>>>> questions.
>>>>
>>> Changed text, but I think last two questions are still useful for context.
>>>
>>>
>>>> 5.3.2.1.7: These are not useful, as phrased for IETFers.  The
>>>> only useful part here is the 2nd last question (use other
>>>> things that are proprietary), the rest are not as they are
>>>> already handled in IETF processes, and we do not want yet more
>>>> bureaucracy. The explanatory material is way too long and also
>>>> not useful for the IETF audience. The example given is an
>>>> interesting thing, but far from a typical protocol, so
>>>> therefore is not a good example.
>>> Not sure about this. That this is picked up in other IETF processes
>>> doesn't mean it shouldn't be discussed here from the human rights angle.
>>> Else also wouldn't need to discuss security, etc. Plus I think there is
>>> ample reference to the existing IETF procedures hear to ensure that
>>> there is no duplication of efforts.
>>>> 5.3.2.1.8: This entire section is useless for IETFers, except
>>>> the last question about extensibility. The explanatory text and
>>>> example however don't address that and are also not useful.
>>>>
>>> Pretty strong statement with not too much argumentation, could you
>>> elaborate pls?
>>>
>>>
>>>> 5.3.2.1.9: The question was asked already. Anonymity is not a
>>>> useful goal in almost all IETF protocols, and if it were, it'd
>>>> be a first order requirement (e.g. if we wrote an RFC for Tor)
>>>> and would not be missed. Delete this section entirely.
>>>>
>>> I don't agree, especially since anonymity is such a concept that is both
>>> legally and technically understood, but hard to achieve. And as you said
>>> previously, the combination of protocols make anonymity harder, which is
>>> actually a case to raise awareness about anonymity in all protocols.
>>>
>>>> 5.3.2.1.10: The emphasis here is wrong. You should be asking
>>>> about whether the protocol generates or processes anything that
>>>> can be, or be tightly correlated with, PII. Many protocols have
>>>> identifiers that are perfectly safe, until the host running the
>>>> protocol is something that a person carries with them. The
>>>> section needs a rewrite to take that approach.
>>> Suggested text added.
>>>
>>>> 5.3.2.1.11: Mixing accessibility and statefulness is wrong.
>>>> Both are fine questions, but should not be bundled.
>>> I think it helps if you look in the glossary for the different
>>> definitions of accessibility, that might clarify things, or in the
>>> explanation.
>>>
>>>> The
>>>> example is bad - HTML5 is the current spec and is not that RFC.
>>> Reference changed.
>>>
>>>> 5.3.2.1.12: I think this is arguably duplicative and the issue
>>>> will (or should) be caught via other IETF processes apart from
>>>> HR considerations. I'd delete this, though it's mostly harmless
>>>> here.
>>>>
>>> I'm hesitant here (again) to remove this because this gets a different
>>> meaning from the human rights perspective imho.
>>>
>>>> 5.3.2.1.13: Again, this bundles things in a counterproductive
>>>> manner. Split the topology/architecture points from the
>>>> discriminaton/implication ones. (Even if you think those relate
>>>> in terms of HR, that does not mean that they ought be bundled
>>>> together in a questionnaire.)
>>>>
>>> Why not? I think the explanation and example tie it together nicely.
>>>
>>>> 5.3.2.1.14: I don't think this belongs in the questionnaire
>>>> either. It's covered alredy in other IETF processes, when most
>>>> relevant, so is not useful to ask about here.
>>>>
>>> I'm hesitant here (again) to remove this because this gets a different
>>> meaning from the human rights perspective imho.
>>>
>>>> 5.3.2.1.15: This needs to be rewritten, there are 13 questions
>>>> in the text which is entirely pointless. I would not bother to
>>>> try answer those.
>>> Hmmmmm. This is not a MUST, but it helps people structure their
>>> thinking. Granularity can help with that, especially in an issue such
>>> problematic and little understood such as Informed Consent, etc.
>>>
>>>> You should just ask how confidentiality is
>>>> supported and between what endpoints and how keying is done.
>>>> (Or something like that, I didn't try the full re-write that is
>>>> needed.) The re-write should also bundle this with most of the
>>>> next two sections. (See below.)
>>>>
>>>> 5.3.2.1.15: The cryptographic parts of this should be merged
>>>> into a rewritten 5.3.2.1.14. If there are non-crypto bits of
>>>> this then those need better explanatory text as it'd not be
>>>> relevant for most protocols. (I mean things like database
>>>> consistency.) I'm not sure if anything would remain when this
>>>> and the previous section were re-written.)
>>> Having a hard time understanding this, because it are inherently
>>> different issue from a rights perspective. Merging them would not be
>>> helpful imho, but am happy to be convinced.
>>>
>>>> 5.3.2.1.17: As per 5.3.2.1.16.
>>> I assume you think these two should be merged? I could be convinced of
>>> that, but would that make it easier to understand? Or just for the sake
>>> of making it shorter? I do not think this Research Draft necessarily
>>> needs to be short because it outlines the full research. If we take this
>>> work further we can have a closer look at usability and streamlining it
>>> with other relevant reviews that are ongoing in the IETF, IESG, etc.
>>>
>>>> 5.3.2.1.18: This is entirely duplicative and should be deleted.
>>> Agreed, removed.
>>>> 5.3.2.1.19: I've no clue if this'd be useful to ask. Only
>>>> testing would tell. (It might be, but I'm really not sure.)
>>>>
>>>> Nits/editorial...
>>>>
>>>> lots of places: there are too many over-long sentences that
>>>> make this hard to read and less clear. I'd really recommend
>>>> getting rid of as many of those as you can. The first non-quote
>>>> paragraph of the intro is a good example.
>>> During RG last call we'll do a full editorial review.
>>>> intro, "the core of the Internet, its architectural design
>>>> is..." Using "core" is a bad term there, mostly we mean
>>>> something quite different when we talk about the Internet's
>>>> core or similar.  (And that's another assumption that there's
>>>> one true architecture.)
>>>>
>>> Hmmm, not sure. Compare:
>>> http://www.wrr.nl/fileadmin/en/publicaties/PDF-Rapporten/The_public_core_of_the_internet_Web.pdf
>>>
>>>> intro, "properly defined, described and protected as such" - I
>>>> don't think "defined" is needed there, and it might not be
>>>> correct either.
>>>>
>>> Why not? I think defining is always the first step to make something
>>> tangible. Also inline with
>>> https://business-humanrights.org/sites/default/files/media/documents/ruggie/ruggie-guiding-principles-21-mar-2011.pdf
>>>
>>>> intro, "New protocols, particularly those that upgrade the core
>>>> infrastructure of the Net, should be designed to continue to
>>>> enable fundamental human rights." I'd drop the "core
>>>> infrastructure" bit there, it's a distraction and liable to
>>>> generate argument about what is or is not core, e.g. BGP is
>>>> clearly core but is not otherwise mentioned in this document,
>>>> and maybe correctly.
>>>>
>>> We have thought of BGP as one of the cases actually, and it is one that
>>> I would love to to.
>>>
>>> I do think it makes sense to put in some prioritization of human rights
>>> impacts assessments in here though. I don't think core or non-core needs
>>> to be binary as well. Some things are simply bound to be used more and
>>> thus can have a bigger potential impact.
>>>
>>>> intro, "The authors believe that the issues that have been
>>>> raised by the reviewers have been addressed." Sorry to be
>>>> raising more:-)
>>> That should have been taken care of now ;)
>>>
>>>> section 2: I think some better formatting is needed here to
>>>> distinguish the terms defined from the text, which in some
>>>> cases is fairly long. Just add bullets or quoting or something.
>>> But this is the standard glossary approach, right? Will take this up (in
>>> due time) with the RFC editor who probably has some good ideas about this.
>>>
>>>> 2: "In the discussion of human rights and Internet architecture
>>>> concepts developed in computer science, networking, law,
>>>> policy-making and advocacy are coming together" Sorry, what is
>>>> coming together in what discussion(s)? Too many commas there to
>>>> be sure I think. (BTW, "architecture concepts" may well be an
>>>> ok use of that word:-)
>>>>
>>> Concepts developed in different fields come together.
>>>
>>>> 2, "censorship resistance" does not "prevent" censorship, I'd
>>>> say mitigate is better than prevent.
>>> Accepted
>>>
>>>> 2, "confidentiality" - why not refer to 4949 there?
>>>>
>>> Done
>>>
>>>> 2, "debugging" - the term debug is not used in the draft, why
>>>> do you need the definition?
>>> Tossed.
>>>
>>>> 2, "decentralized" - why is "opportunity for" needed in this
>>>> definition? I don't get that.
>>> Tossed.
>>>> 2, "technical this means..." needs fixing.
>>>>
>>> Fixed.
>>>
>>>> 2, "Heterogenity" typo
>>> Fixed
>>>
>>>> 2, "autonomous organizations" do you mean ASes? If so, say so.
>>>> If not, better to avoid the word autonomous here.
>>>>
>>> Changed autonomous with independent.
>>>
>>>> 2, "integrity" - why not refer to 4949?
>>> Added.
>>>
>>>> 2, "Inter-operable" is normally not hyphenated in the IETF
>>>>
>>> Fixed
>>>
>>>> 2, i18n - funny line breaks there make that hard to read
>>> Fixed
>>>
>>>> 2, l10n - you don't actually use that abbreviation so why
>>>> define it?
>>>>
>>> Because many people use it, so it might provide some clarity. Don't
>>> think it hurts.
>>>
>>>> 2, "The combination of the end-to-end principle,
>>>> interoperability, resilience, reliability and robustness are
>>>> the enableing factors that result in on the Internet.  " That
>>>> (non-)sentence needs fixing. I don't even know what you want to
>>>> say tbh.
>>>>
>>> Fixed: The combination of the end-to-end principle, interoperability,
>>> resilience, reliability and robustness are the enableing factors that
>>> result in connectivity to and on the Internet.
>>>
>>>> section 3: I think this short section is missing text to the
>>>> effect that you think the answer to question 2 is yes.
>>> But it would be weird to answer that question here, right? That is what
>>> we're doing in the rest of the document.
>>>
>>>> section 4: you say "five clear positions" but they are not
>>>> clearly delineated in the document. I'd suggest using some
>>>> headings or some other way to make these more distinct in the
>>>> document.
>>> Hmm, it's one position per para, and in it even mentioned which number
>>> they are.
>>>
>>>> 4: "embedded into the Internet's architecture" (top of p13) has
>>>> another claim that there's one true Internet architecture.  You
>>>> could change this one to be the set of protocols defined by the
>>>> IETF or something similar.
>>> The conception of Internet architecture of the authors is broader than that.
>>>
>>>> 4: " As it stems from the issues as they arise in the field of
>>>> technical engineering." That's not a sentence.
>>> I also don't think it adds much, so it's removed.
>>>
>>>> 5: "step taken by the research group" that's ambiguous - I
>>>> think you mean the set of authors and their research groups at
>>>> home and not the HRPC, which I don't think collectively read
>>>> all the RFCs you mean. (I think it's fine to say that the
>>>> authors were the one who did the work, if that's what you
>>>> mean.)
>>> I made it: authors and contributors
>>>
>>>> 5.1: This section duplicates the intro to section 5. Is there a
>>>> new point being made?
>>> Yeah - methodology and datasources are inherently different parts that
>>> both need to be justified afaik. Mixing them up would just be messy.
>>>
>>>> 5.2: "(detailed under "2.vocabulary used")" do you mean section
>>>> 2 there? Saying "Section 2" with the right xml2rfc incantation
>>>> will cause the tools rendering to make that a link, which'd be
>>>> nice.
>>> I think that should also be working now.
>>>
>>>> 5.2.1.1: "was assembly" typo.
>>> Fixed.
>>>
>>>> 5.2.1.5: figures are better numbered and with captions.
>>> Done
>>>
>>>> 5.2.2.1: I guess there's a heading level bug here in the
>>>> document sounce?
>>> Fixed.
>>>
>>>> 5.2.3.1: "ability for those hosts to assemble or to
>>>> consensually express themselves" huh? When/how do hosts
>>>> assemble or do things consensually? Confusing people and hosts
>>>> like that is odd.
>>> Fixed.
>>>
>>>> 5.2.3.2: Why refer to spdy and not h2? And is that even a good
>>>> reference? The 4906 reference also puzzled me. (Even more:-)
>>> That was removed, but we might introduce it in another for again later on.
>>>
>>>> 5.2.5: Why "because of it's simple design"? I'd have thought it
>>>> was more complicated than that and that a combination of HTTP,
>>>> HTML, open-source browsers and web servers and cool content was
>>>> involved.
>>> Rewrote into: Its simple design strongly contributed to the fact that
>>> HTTP......
>>>
>>>> 5.2.5: TLS and SSL could do with references.
>>> Added
>>>
>>>> 5.2.5: Gen-ART? Huh? That's wrong. Gen-ART are fine people but
>>>> they don't do what you say they do any more than any other set
>>>> of IETFers. Are you confusing them with the IAB statement on
>>>> encryption perhaps? Otherwise that is quite the puzzle for
>>>> me:-)
>>> Removed
>>>> 5.2.5.1: What does "of the first" mean? "From the start"?
>>>>
>>> Dutchism - Fixed by changeing it into:
>>>
>>> E-mail providers such as riseup.net were the first ones to enable SSL by
>>> default.
>>>
>>>> 5.2.5.1: "have been corrected in TLS1.3" is in the wrong tense
>>>> - "are being corrected" is correct.
>>> Fixed
>>>
>>>> 5.2.5.1: TEMPORA, XKEYSCORE etc need references. Those can get
>>>> hard to find later, at least good references can be hard to
>>>> find.
>>> Added.
>>>
>>>> 5.2.6.1: I assume the URLs [1] and [2] don't need to be there
>>>> and are xml2rfc artefacts to be fixed. Also, you should use
>>>> example.com and example.net as per the usual way of handling
>>>> examples in RFCs.
>>> Will take this up with the RFC editor in due time.
>>>
>>>> 5.2.7: "often seen" - by whom? I'm not sure that IETFers would
>>>> share that opinion, so better to say who you do mean. "remains
>>>> critical" is also overstated.
>>> "regularly described" and "remains imporant"
>>>> 5.2.7.1: "directed directly" typo
>>> changed into: aimed directly
>>>
>>>> 5.2.7.2: "throtteling" typo
>>> Fixed
>>>
>>>> 5.2.7.5: Why does only this section have a conclusions
>>>> subsction? I'd say be consistent.
>>> Heading tossed.
>>>
>>>> 5.2.8.1: you could lose the heading here (consistency again:-)
>>>>
>>> Heading tossed.
>>>
>>>> 5.2.8.1: some VPNs (but not the ones you care about) are not
>>>> point-to-point.
>>> Fixed with:
>>>     The Virtual Private Networks (VPN) that are being discussed here are
>>> point-to-point connections that enables two computers to communicate
>>> over an encrypted tunnel.
>>>
>>>> 5.2.8.1: "There are multiple implementations and protocols used
>>>> in provisioning a VPN" do you really mean provisioning a VPN
>>>> there? That'd mean something else for some IETFers. I think you
>>>> mean setting up a personal VPN for a single user but not quite
>>>> sure.
>>> Fixed with: "There are multiple implementations and protocols used in
>>> the deployment of VPNs,"
>>>
>>>> 5.2.8.5: The URL for [PET2015VPN] didn't work for me. I found
>>>> the paper elsewhere though.
>>>>
>>> Works fine for me.
>>>
>>>> 5.2.8.7: This bit seems fairly repetitive, other than the
>>>> timing/correlation issues. You could maybe say that more
>>>> briefly.
>>> Tossed the first two sentences.
>>>> 5.2.10: The URL for [Walfish] doesn't point at the named paper
>>>> - what's up there?
>>> Fixed - but then we removed the whole section :)
>>>
>>>> 5.2.11 (and elsewhere): "Many individuals, not excluding IETF
>>>> engineers, have argued..." I hate constructs like that that
>>>> assert that somebody somewhere (unnamed) thinks/says something.
>>>> I don't see why any such assertions (of rumour basically) ought
>>>> be in the RFC series. There are other examples of this
>>>> construct in the draft.
>>>>
>>> It has been argued on the list. Would you prefer a link to the list
>>> email? I think this a quite broadly shared opinion, so I don't really
>>> think it's problematic.
>>>
>>>> 5.2.11: Not all DoS attacks flood with traffic. Some might
>>>> consume CPU cycles, in future some will consume limited power,
>>>> and could be used in a DDoS. I don't think it's useful here
>>>> (for the IETF audience) to define 3 types of DDoS attack.
>>>>
>>> Fixed:
>>>
>>>     Technically DDoS attacks are when one or multiple host overload the
>>> bandwidth or resources of another host by flooding it with traffic or
>>> making resource intensive requests,
>>>
>>> Re: Definition: why not?
>>>
>>>> 5.3: "Having established how..." I don't think you established
>>>> the "how." It'd be fair to do s/how/that/ though. (Twice.) That
>>>> sentence is also overlong. Also "... by detailing how..." is
>>>> similarly not correct.
>>>>
>>> In the previous steps we have established that human rights relate to
>>> standards and protocols and offered a common vocabulary of technical
>>> concepts that impact human rights and how these technical concept can be
>>> combined to ensure that the Internet remains an enabling environment for
>>> human rights. With this the contours of a model for developing human
>>> rights protocol considerations has taken shape. This subsection provides
>>> the last step by detailing how specific technical concepts identified
>>> above relate to human rights, and what questions engineers should ask
>>> themselves when developing or improving protocols. In short, it presents
>>> a set of human rights protocol considerations.
>>>
>>>> 5.3.1: 1st para is repetitive. Delete it.
>>>>
>>> I feel like some concrete cases here bring the focus back to the
>>> questionnaire.
>>>
>>>> 5.3.1: The term "ICTs" isn't common in the IETF community. I'd
>>>> say rephrase stuff to not use that.
>>> But it is used in the slides of Bless and Orwat, that's why it's there.
>>>
>>>> 5.3.2.x.y: Having such deep levels of TOC makes life harder for
>>>> readers and those commenting and later using this. Flatten it
>>>> tall out. Or, do you even need the 5.3.2.x.y headings at all?
>>>> (Some of the section titles don't map that well to the
>>>> content.)
>>> What doesn't map out? I think the numbers have been extremely handy in
>>> reviewing. If people share this opinion I can remove them at the end of
>>> Research Group Last Call
>>>> 5.3.2.1.1: s/e2e principle/e2e argument/ again:-)
>>>>
>>> We cut the discussion up in the doc, but here it makes sense I'd say,
>>> because it can concretely impact human rights.
>>>
>>>
>>>> 5.3.2.1.1: the communication content would be concealed, not
>>>> the act of communication
>>> Fixed.
>>>
>>>> 5.3.2.x.y: It'd be a very good idea to add an appendix that
>>>> lists the questionnaire questions only (with those being
>>>> numbered). That way, people who want to do this analysis can
>>>> just use that part (at least the 2nd time).  If doing that,
>>>> please ensure each question also has an unique number/label in
>>>> the body of the document too, so that folks can find/correlate
>>>> things.
>>> I would prefer doing this in another document once this one is done.
>>>
>>>> 5.3.2.1.4: The last para of explanatory material should not
>>>> re-define COMSEC etc. Just point people at RFC3552/BCP72.  (But
>>>> as BCP72.) The global adversary is also not purely passive, I'd
>>>> lose that phrase.
>>> Done.
>>>
>>>> 5.3.2.1.5: "many protocols" is not usefully true I think.
>>> Maybe you should take up that problem with
>>> https://tools.ietf.org/html/rfc2277#section-2 ;)
>>>> 10.2: delete this.
>>>>
>>> Done!
>>>
>>> Thanks again!
>>>
>>> Corinne & Niels
>>>
>>>
>>>
>>> _______________________________________________
>>> hrpc mailing list
>>> hrpc@irtf.org
>>> https://www.irtf.org/mailman/listinfo/hrpc
>> -- 
>> Mallory Knodel
>> Association for Progressive Communications :: apc.org <https://apc.org>
>> gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
>>
>>
>> _______________________________________________
>> hrpc mailing list
>> hrpc@irtf.org
>> https://www.irtf.org/mailman/listinfo/hrpc
>>
>
>
> _______________________________________________
> hrpc mailing list
> hrpc@irtf.org
> https://www.irtf.org/mailman/listinfo/hrpc

-- 
Mallory Knodel
Association for Progressive Communications :: apc.org <https://apc.org>
gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780