IETF Logo Mail Archive

Re: [hrpc] [irsg] Review of draft-irtf-hrpc-guidelines-13

Colin Perkins <csp@csperkins.org> Sun, 02 October 2022 12:44 UTC

Return-Path: <csp@csperkins.org>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A25AC1522DB; Sun, 2 Oct 2022 05:44:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.407
X-Spam-Level:
X-Spam-Status: No, score=-4.407 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=csperkins.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mMo3FKAxU9x4; Sun, 2 Oct 2022 05:44:20 -0700 (PDT)
Received: from mx1.mythic-beasts.com (mx1.mythic-beasts.com [IPv6:2a00:1098:0:86:1000:0:2:1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E910C1522B5; Sun, 2 Oct 2022 05:44:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=csperkins.org; s=mythic-beasts-k1; h=Date:Subject:To:From; bh=gImRAZhDjICVPS1qsoXYDXOKf28UZMJHLe1LZmos8tg=; b=nQRaZH2u8G3jH6c8Pvr5JTmvTZ sfCGoqSReKNqSDsIUoQZGsSGQVIOCE3dn7ai8o2OFl4I4qP+NGBTcmapGmsc4tF4DOD7HNOwikGge wMRbkzi+g15CNKP7hOgpAM/gaXnTqUQaxmTz+Cd37RBU9hJjMHwKUQqm4Q/OFJ9yiCSMx0gze7vCR Uyroq4VGhrH0vIeBRs3/0UE9wWWxqBzdyvu6X4C4tAuV1d7a67us6iN1FFG8IdmUKMT2eAsOHB8Mo tvGoI+82uXuvnFv3x3K9NZMvke+ajakDwPjGk0D1MdUPKuMI2kJA+pHixoEH91GAMCswkpBbbu9vb nbMR6gBQ==;
Received: from [81.187.2.149] (port=48098 helo=[192.168.0.72]) by mailhub-cam-d.mythic-beasts.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <csp@csperkins.org>) id 1oeyKN-000eFm-TY; Sun, 02 Oct 2022 13:44:16 +0100
From: Colin Perkins <csp@csperkins.org>
To: Jane Coffin <jane@connecthumanity.fund>
Cc: "Brian Trammell (IETF)" <ietf@trammell.ch>, hrpc@irtf.org, draft-irtf-hrpc-guidelines@ietf.org, irsg@irtf.org
Date: Sun, 02 Oct 2022 13:44:07 +0100
X-Mailer: MailMate (1.14r5920)
Message-ID: <B5AE2504-2475-4692-9A99-D565FD2BC50D@csperkins.org>
In-Reply-To: <CAAk_8j0iW4Szk76_GJ1BeqRbu2HJ+pSLFv9smxVH6o81Fr9Q4Q@mail.gmail.com>
References: <5F4C1659-9E41-4257-AE1A-8E4937AA1997@trammell.ch> <CAAk_8j0iW4Szk76_GJ1BeqRbu2HJ+pSLFv9smxVH6o81Fr9Q4Q@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_MailMate_E4431A4F-4EA4-4440-9740-187F64178D45_="
Embedded-HTML: [{"plain":[231, 7659], "uuid":"1EC9B826-ADC5-415C-8552-C22C44F24076"}]
X-BlackCat-Spam-Score: 0
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/h5XArf4DZiCH1CxlEMhj5TslGDU>
Subject: Re: [hrpc] [irsg] Review of draft-irtf-hrpc-guidelines-13
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: hrpc discussion list <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Oct 2022 12:44:25 -0000

Thank you, Jane and Brian, for the detailed IRSG reviews. The authors 
should now review these comments and discuss with the IRSG reviewers, 
then update the draft as necessary.

Colin



On 27 Sep 2022, at 9:18, Jane Coffin wrote:

> Hi All -
>
> I have done a review of the HRPC guidelines doc as well.
> Please see the attached.
>
> Jane
>
> On Thu, Sep 8, 2022 at 1:30 PM Brian Trammell (IETF) 
> <ietf@trammell.ch>
> wrote:
>
>> Greetings, all,
>>
>> I've reviewed draft-irtf-hrpc-guidelines-13 for the IRSG.
>>
>> I believe the document is on the right track, and thank the authors 
>> and
>> the RG for what has clearly been a lot of work. However, in my 
>> opinion the
>> document still needs a bit more work, or at least consideration, 
>> before it
>> is ready for publication as an IRTF RFC.
>>
>> tl;dr: section 4 is a very useful discussion, but I think the 
>> document and
>> the work would benefit from a more systematic examination of the 
>> guidelines
>> in section 4, which will probably lead to changes in structure more 
>> than
>> changes in content.
>>
>> Indeed, the document is quite useful in its current state, and I 
>> quite
>> enjoyed reading it. Though it claims not to be a taxonomy or an 
>> exhaustive
>> study, the considerations in section 4 seem pretty thorough to me. 
>> The rest
>> of my comments follow in no particular order, though I'll save purely
>> editorial comments for the end.
>>
>> The abstract and introduction state that the document has been 
>> "reviewed,
>> tried, and tested" by the RG. "Reviewed" I accept at face value, 
>> though it
>> is unclear how the document was "tried and tested". Have each of the 
>> review
>> categories in section 3 been run at least once by the RG/review team?
>> Should the document link to some instance of each of these kinds of 
>> reviews
>> (whether within the RG, or without)?
>>
>> Section 3 seems to be missing a recommendation about who reviewers 
>> should
>> be. Is this the shepherd, someone appointed by the WG chair, a 
>> cross-IETF
>> group of interested people, people with more or less familiarity with 
>> the
>> specifics of the context the protocol is developed in, all or none of 
>> the
>> above?
>>
>> Though happy with its completeness, I found myself unsatisfied with 
>> the
>> structure of section 4, and I wonder whether this is an editorial 
>> issue or
>> a signal of something deeper. Certain subsections of section 4 can be
>> naturally grouped together -- in some cases, leading me to wonder 
>> whether
>> they should be merged. Other subsections tie pretty deeply into 
>> existing
>> processes (formal or cultural) within the IETF, which raises the 
>> question
>> of whether the document should directly address the gaps between 
>> these
>> processes and their ideal, from a human rights standpoint.
>>
>> Specifically:
>>
>> - Sections 4.1 and 4.2 are points on a continuum, basically stating 
>> that
>> "if your protocol doesn't work in all contexts in which the Internet 
>> might
>> be deployed, then you're disadvantaging people"... which is true, and
>> stronger IMO if stated more directly. Section 4.1 is entitled
>> "connectivity" but mixes the end-to-end principle with reliability 
>> under
>> bandwidth and latency challenges (though Reliability is the title of
>> section 4.2).
>>
>> - Sections 4.4 and 4.5 seem like they were originally a single 
>> section
>> named Internationalization and Localization, and then were split. I'd 
>> merge
>> them again, because many of the points made in one apply to the other 
>> and
>> vice versa. Accessibility (section 4.18) also seems like it's 
>> following the
>> same general principle -- internationalization and localization deal 
>> with
>> application/presentation barriers tied to language, while 
>> accessibility in
>> a protocol context deals with application/presentation barriers tied 
>> to
>> mostly-nonlinguistic aspects of user experience, though in an 
>> Internet
>> context accessibility generally applies to application layer 
>> protocols
>> payload presentation (and the applications above them). Please 
>> consider
>> treating them together.
>>
>> - Sections 4.6, 4.7, and 4.17 overlap quite a bit -- adaptability 
>> goes
>> hand in hand with openness of standard and implementation, and 
>> adaptability
>> and support for heterogeneity are also intrinsically linked. Perhaps 
>> these
>> are third-level subsections of an overarching second-level 
>> subsection?
>>
>> - Similarly, sections 4.8-4.10 cover properties of communications 
>> security
>> protocols, and then we come to section 4.11, entitled Security, and 
>> section
>> 4.12 on privacy (which overlaps with Confidentiality as a property),
>> followed by sections 4.13 and 4.14 on Pseudonymity and Anonymity
>> (themselves privacy preserving techniques). These sections also cover
>> ground covered by existing formal and informal practices in the IETF, 
>> on
>> security and privacy considerations within documents. As a user of 
>> this
>> document, I'd prefer this entire set of considerations to be split 
>> out into
>> their own section, since unlike the other sections they do cover 
>> properties
>> of the protocol and its description already covered by existing 
>> practice
>> and process. What I'd like to know as an HRPC reviewer is what I need 
>> to
>> look for in existing security and privacy considerations sections to 
>> find
>> gaps in human rights considerations that might need to be addressed. 
>> What's
>> the delta between existing S&P guidelines and those in this document?
>>
>> To be clear, I'm not suggesting that the authors and the RG 
>> restructure
>> the document from a document usability standpoint; rather, I'm 
>> pointing out
>> what appear to be structural issues in the document in case these are 
>> an
>> indication that the RG's thinking on these points might be 
>> incomplete. Or,
>> in other words, the RG did not set out to build a taxonomy, but 
>> having
>> almost done so, is it worth finishing the job?
>>
>> That said, there are a couple of guidelines that stand out to me as 
>> less
>> applicable, specifically:
>>
>> - Section 4.16 Outcome Transparency asks what appears to me to be an
>> impossible question. I'm of course aware of the harms of unintended
>> consequences, but I'm not sure how I, as a protocol designer, could
>> usefully apply this question to my work. The only wise answer to "are 
>> the
>> effects of your protocol fully and easily comprehensible...?" is 
>> "no", and
>> no action I can take not involving a time machine will flip it to 
>> "yes". So
>> this observation probably belongs in the frontmatter of section 4, as
>> opposed to being a guideline itself. Section 4.21 is similarly 
>> difficult to
>> actually apply: it seems to reduce to "have you thought of anything 
>> you
>> haven't thought of yet?", which is tautologcially "no".
>>
>> - Section 4.20 points to an unsolved (and at first glance very 
>> difficult
>> to solve) problem in providing recourse to remedy, which is an 
>> interesting
>> point, but maybe not a guideline per se.
>>
>> Throughout section 4, I found the choice of which rights were 
>> impacted by
>> which consideration to be mostly arbitrary, in that in most cases I
>> couldn't come up with a convincing argument for why the impacts 
>> listed were
>> tied to the guideline at hand, or a good reason why a missing 
>> impacted
>> right was missing. The most glaring of these: section 4.12 "Privacy" 
>> does
>> not list the "Right to Privacy" as impacted, which seems... 
>> incorrect. It's
>> not clear to me that the Impacts sections are all that useful, 
>> though,
>> unless someone is trying to pick and choose which human rights not to 
>> care
>> about (not a use case we should optimize for, IMO), so might be 
>> painlessly
>> omitted.
>>
>> and as promised, one editorial nit: section 3.1 appears to 
>> incorrectly
>> cite section 3.3 as the source of guidelines; this should point to 
>> section
>> 4.
>>
>> Again, many thanks for an informative, well-written, and useful 
>> document,
>> and I hope these comments are similarly useful to you.
>>
>> Cheers,
>>
>> Brian
>>
>>

> _______________________________________________
> hrpc mailing list
> hrpc@irtf.org
> https://www.irtf.org/mailman/listinfo/hrpc

v2.23.0 | Report a Bug | By Email