Re: [hrpc] Fwd: [] New paper from IGP on Standards and Human Rights
Corinne Cath <corinnecath@gmail.com> Wed, 02 December 2020 05:23 UTC
Return-Path: <cattekwaad@gmail.com>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A42DA3A0FEC for <hrpc@ietfa.amsl.com>; Tue, 1 Dec 2020 21:23:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9M7ZcDr7oyLa for <hrpc@ietfa.amsl.com>; Tue, 1 Dec 2020 21:23:22 -0800 (PST)
Received: from mail-qv1-xf29.google.com (mail-qv1-xf29.google.com [IPv6:2607:f8b0:4864:20::f29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BFE83A1009 for <hrpc@irtf.org>; Tue, 1 Dec 2020 21:23:22 -0800 (PST)
Received: by mail-qv1-xf29.google.com with SMTP id y11so191845qvu.10 for <hrpc@irtf.org>; Tue, 01 Dec 2020 21:23:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6AwHj1z8u2RoUGcp+n9P3bdZFrrEzZhGB0WCpncMy8o=; b=uQfFfrD0+0ahCnWpHL5ypr56OMV6B8Sgf2Qi5uQI5uQTkwMNIEOQ+NkIQudpTzQyFJ ry50MOveSdwTAa/PqaawcOdFxETVp83lvCgG/OeSUXtBK8FhGlPwwISHjTrso6E2wDkN b45Oo4iGxRzKEavlLSCWHA5KqQ0ZXk90zLo9LZbCyqU+fy9yHF327go9sd3KgjCrAAKx BWTw4F3Dn+gfj8wM+y5Pq3/gdKYo7HtKuxZ74TjjaPYEyMf28XmP0j3SaBdum1zkmDzW H5vy+pY1zA8iyJX7RvIGlJK5eiyKW/N6pYMwtgKht9uafQq7mE892arvBglHlrasyYcL GMPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6AwHj1z8u2RoUGcp+n9P3bdZFrrEzZhGB0WCpncMy8o=; b=OnT3WMWDP/vNgcaWNI8TmTRz4hDWKUzXj18A0KCpHAYpcZgcHhuz5XyZYEy8xZD4/W BXt0YUQFMSomyu0IRoNE9Q0sURnLHjZpKG56Qx9Q/wGOMyYYllP5DRPQROwFZHWH7RAA wARZmb6dkDbputN+09EWFPKZhtDinHoshiTWuuvHWA0i2BuDpRGxkcRWwNvC1OYaPlV4 zVBH7b7ixwlfyF+N4gKFSKiQiQ8TXqYZzAqQ98jxebeuXmTsXwlbuwOfBetCLMssLK0C 7ufYHkhPL+BXRzTYOhX441URE1e2DGCYPlUvVZwgYBm7Dn7+pkDD/ooqvB8bJpzwnFqz hkfg==
X-Gm-Message-State: AOAM531SNQiIcLUoCIAsXcBd0POx/Vho14Okz/PLenb25W2RcHuNasBT zxBkO8fB3zictQupXLcZUvD8g6TuzGEDrZ+e1f6bzN+aRZ3PTg==
X-Google-Smtp-Source: ABdhPJyt5sb0EAzQXN8t8GKRg6JFeLejGJ06KeaV6oKWRN+F3WtPpY0vK2eHb5QzH63FjxirA8F77foJOZ5JBrjcFVE=
X-Received: by 2002:ad4:4a8a:: with SMTP id h10mr961397qvx.55.1606886601400; Tue, 01 Dec 2020 21:23:21 -0800 (PST)
MIME-Version: 1.0
References: <BN6PR07MB28654E467D074EAD7E5A154BA1FC0@BN6PR07MB2865.namprd07.prod.outlook.com> <dc94bc83-5e05-8ecb-696a-63799874f5db@acm.org> <404e48b9-08d6-1df1-15bb-a22234bf5133@cs.tcd.ie>
In-Reply-To: <404e48b9-08d6-1df1-15bb-a22234bf5133@cs.tcd.ie>
From: Corinne Cath <corinnecath@gmail.com>
Date: Wed, 02 Dec 2020 08:23:08 +0300
Message-ID: <CAD499eKfb+giu+VLFCHXJQrNEEZ8Xf1Fgo7KCm9-G76Hn7atow@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: avri@acm.org, hrpc@irtf.org
Content-Type: multipart/alternative; boundary="00000000000012249905b574716a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/lPNFKkGYXQTSt__szxYlowUkM6g>
Subject: Re: [hrpc] Fwd: [] New paper from IGP on Standards and Human Rights
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: hrpc discussion list <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 05:23:25 -0000
Hi, I also read this paper and have some qualms with the bits that Stephen didn’t speak to, i.e. the 3 part framework. I think some of the work misreads STS approaches to protocol politics and flattens the argument made by scholars who focus on the inherent power dynamics of standardization. I also would have liked to see a more elaborate methods section, such that it becomes clear how the historic construction was done and why the authors decided to do this seemingly without in-depth interviews with the individuals involved. Lastly, it’s good to note that this paper has not been peer reviewed yet. Going through that process would, as with I-Ds, would probably help straighten out some of the folds identified on this thread. Kind regards, Corinne On Wed, 2 Dec 2020 at 02:13, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > Hiya, > > On 01/12/2020 19:37, avri doria wrote: > > Hi, > > > > Possibly interesting to some. > > Had a read. I think it's wrong as to the motivations > for TLS1.3 - Snowdonia was IMO only one of those, we > had had a long series of documented attacks on TLS > so TLS1.3 probably would've happened anyway because > of those and the potential RTT improvements. It also > ignores the role of academic cryptographers in the > process of developing TLS1.3 - their proofs and > formal methods and the tools they had for producing > those lead to some of the design choices rather than > any political anything. > > There's also a few minor factual errors in the dramatis > personnae, and some omissions of relevant players. > I suspect those may have been driven by the tools that > we have available for re-constructing working group > histories post-facto, as talking to people involved in > the process should have avoided those. The errors > really are minor and of no real impact, but if they > are down to the methodology used by the authors, but > not described, that's a bit more of interest. > > I've no opinion as to whether the history backs any > of the three theoretical explanatory frameworks or > not, but the paper's interesting as an example of a > reasonable but imperfect reconstruction of what > happened. > > Cheers, > S. > > > > > avri > > > > > > > > -------- Forwarded Message -------- > > > > IGP releases a new research paper on the politics of the new Transport > > Layer Security standard: Standardizing Security: Surveillance, Human > > Rights, and TLS 1.3. > > > > > > > > Standardizing Security develops a conceptual framework for understanding > > the relationship between technical standards and political/social > > effects. We identify three distinct ways of understanding this > > relationship: 1) by examining the interest groups who shaped the > > standard, which we call the Political Economy of Standardization (PES); > > 2) by focusing on the Societal Effects of Standards (SES) which refers > > to cumulative effects of adoption and implementation decisions over > > time; and 3) the idea that politics and rights are embedded in the > > standard; i.e., that Protocols Have Politics (PHP). We then perform a > > detailed analysis of the controversies around the design, adoption and > > implementation of TLS 1.3. > > > > > > > > We find that the PHP approach had limited explanatory value compared to > > the PES and SES approaches. TLS 1.3 does in fact strengthen privacy – > > and technical efficiency – if adopted and implemented as intended. But > > the design of TLS 1.3’s stronger confidentiality measures met with > > resistance from corporate network operators who wanted more visibility > > into their internal networks and some governmental interests, leading to > > the development of an alternate standard by ETSI. There are also > > technical measures that can be deployed to undermine perfect forward > > secrecy. Additionally, authoritarian governments are now taking measures > > to block use of the new protocol. TLS 1.3 was an improvement, but its > > effects were limited. > > > > > > > > By conveying the idea that political, economic and social effects can be > > hard coded into protocol designs, the protocols-have-politics view > > short-circuits careful analysis of the way standards contribute to > > governance. It also drastically overstates the role of protocol design > > in internet governance. Rights advocates and internet governance > > participants need to have more realistic ideas about what measures > > advance human rights on the internet. > > > > > > > > Download the paper here: > > > https://www.internetgovernance.org/wp-content/uploads/StandardizingSecurity-TLS.pdf > > < > https://www.internetgovernance.org/wp-content/uploads/StandardizingSecurity-TLS.pdf > > > > > > > > > > > > Dr. Milton L Mueller > > > > Georgia Institute of Technology > > > > School of Public Policy > > > > IGP_logo_gold block > > > > > > > > _______________________________________________ > > hrpc mailing list > > hrpc@irtf.org > > https://www.irtf.org/mailman/listinfo/hrpc > > > _______________________________________________ > hrpc mailing list > hrpc@irtf.org > https://www.irtf.org/mailman/listinfo/hrpc > -- Corinne Cath - Speth Ph.D. Candidate, Oxford Internet Institute & Alan Turing Institute Web: www.oii.ox.ac.uk/people/corinne-cath Email: ccath@turing.ac.uk & corinnecath@gmail.com Twitter: @C_CS
- [hrpc] Fwd: [] New paper from IGP on Standards an… avri doria
- Re: [hrpc] Fwd: [] New paper from IGP on Standard… Stephen Farrell
- Re: [hrpc] Fwd: [] New paper from IGP on Standard… Corinne Cath