IETF Logo Mail Archive

Re: [hrpc] HRPC recharter

Eric Rescorla <ekr@rtfm.com> Thu, 05 January 2023 15:10 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CB0BC14F723 for <hrpc@ietfa.amsl.com>; Thu, 5 Jan 2023 07:10:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PVlQj4UKDhC0 for <hrpc@ietfa.amsl.com>; Thu, 5 Jan 2023 07:10:26 -0800 (PST)
Received: from mail-pj1-x102a.google.com (mail-pj1-x102a.google.com [IPv6:2607:f8b0:4864:20::102a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E8DBC14F720 for <hrpc@irtf.org>; Thu, 5 Jan 2023 07:10:26 -0800 (PST)
Received: by mail-pj1-x102a.google.com with SMTP id z9-20020a17090a468900b00226b6e7aeeaso2307549pjf.1 for <hrpc@irtf.org>; Thu, 05 Jan 2023 07:10:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=FDe1IlJi/NZi0/4HrEQBmRLj0lcbPhhMwEKECMnzcw8=; b=ypcQ6xfTXmIF+GfDDNR4RHpTCVW53FTjNIJC0UPdfD3L515IHJAi7rWuJ9dOO8bI/3 nz+B3ucpAc6hDah5T2MuYR0+++Sda6Nqz7dWS97Di7xmyQXK4t8Kvbfnn0ooDgn9ghW2 aZAmw90/CUetLoYDi81cfSwqev/byHhssjiwZqoW+ppbLbK/3DrR+Zc/XIOduTtDSBQj FyehkLHwjt7DdAiMEjOMsg+cDM0bio3rUYHf0DPrOUk1ZYptdYomNv0sx+VLBoLjdu+x 7P3CKZMLOhB8umA8gUI4/US2Edff5i6AOpUNT9njKW/TQUK1ScXHUqnJiniAgFcFfakm 75pA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=FDe1IlJi/NZi0/4HrEQBmRLj0lcbPhhMwEKECMnzcw8=; b=XkoLzYN2hxqwyqlrztTvIFqhhFIUcTLcFNWaqg/oE3TTrbwbhTMB1/O6hl3zHvyT/A xFm1qIM/D7RD23w0MG4uqOoq26QpWxuyJat9K2YCP48t8/z6d/jjUMrvX70z2mXvXHSA AFsZcDzHvv5PEXSYxR/VF3FnkI+Qb5yAbKQTtsJqXXlJfcx/PgZs0iuXgcJJfOrX9OfD N4nNNPKe7EphPdz/szBkY0Ahe5Pzhk+yEWL3eyrAhSUtMkmmnAoISho5NmJJ62TntkgZ J5dkPlaQ9uoAkEqiV397jhtduzFtJtxsGKilPcNtYlqjVUv91lfOPXU0eQvv6XyJzH8i JO0g==
X-Gm-Message-State: AFqh2kpmxRmkhveUmgeODXvKCDyaSdDA1ln5xROA+Bft+9MCf7s1yvv4 9+7I/TuMSLzy4WN/Ib+LVANGd8JDVFjRoQRhve0ds2BxuUgRyg==
X-Google-Smtp-Source: AMrXdXuXj9Yp+RTshedP54h1xgF+z0EpW6afLqflw82SWbynfDGXHXrb1eZyVpBK2fECabHSIvHsMduEagX6skrx8e8=
X-Received: by 2002:a17:903:4294:b0:192:7e73:f21c with SMTP id ju20-20020a170903429400b001927e73f21cmr2377748plb.23.1672931425354; Thu, 05 Jan 2023 07:10:25 -0800 (PST)
MIME-Version: 1.0
References: <6ddd480d-76ed-a05e-066d-d740fee61441@cdt.org> <CABcZeBO-kN+KmNcGuiAxv5ZidvuZW5A5yjB2mP_ZJCiF1qNLyg@mail.gmail.com> <f727a6c8-7f1e-0db8-46d0-36248b921b79@cdt.org> <CABcZeBPuGUXcAo6z+uSCn=99ct7ALxOP8aQHYX+ncViLitMciw@mail.gmail.com> <ff338456-b2b5-0eec-f18f-be81ef1afe99@cdt.org>
In-Reply-To: <ff338456-b2b5-0eec-f18f-be81ef1afe99@cdt.org>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 05 Jan 2023 07:09:49 -0800
Message-ID: <CABcZeBO_9tjxDTurFr-uaN6OAPR1=Qo7aJNNHMprLPBUyrsAEg@mail.gmail.com>
To: Mallory Knodel <mknodel@cdt.org>
Cc: Hrpc <hrpc@irtf.org>
Content-Type: multipart/alternative; boundary="000000000000579fec05f185b3e8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/sRj8n1Lqf_O7WNmZdz2Ov-XTNCo>
Subject: Re: [hrpc] HRPC recharter
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: hrpc discussion list <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2023 15:10:28 -0000

On Thu, Jan 5, 2023 at 6:59 AM Mallory Knodel <mknodel@cdt.org> wrote:

> Hi,
> On 1/4/23 4:17 PM, Eric Rescorla wrote:
>
> I see that the proposed charter revises this bullet somewhat to remove
>> the comparison to 6973, but I think it would be good to be clearer in
>> the charter that the intent for the HRPC is not to be some
>> human-rights flavored version of secdir or opsdir. In particular, if
>> guidelines for how to design protocols so that they protect human
>> rights are to have any normative force, they need to come out of the
>> IETF, not the IRTF. And if the intent is to provide something
>> informative, then I think what's needed is something much more like an
>> analysis of problems and a catalog of techniques than guidelines. This
>> is, for instance, what PEARG does.
>>
>> ...
>
> And alternatively if you can point to a place in the charter where this
>> sort of thing appears and is described better than what we have?
>>
> I'm sorry,  I don't think I understand that question.
>
> In an effort to keep this conversation specific to the charter text, I am
> wondering if you feel that PEARG's success in analysis of problems and a
> catalog of techniques lies in the way it's charter is written on these
> points? Because this is what I'm seeing in their charter:
>
> Provide a forum for discussion and analysis of the cryptographic and
> practical aspects of privacy protocols e.g.
> Analyse dependencies between protocols in the larger Internet ecosystem
> and understand the privacy implications in a wider context
> Understand why some protocol design efforts have succeeded and other have
> not
> Formulate better models for analyzing and quantifying privacy risks
> Offer guidance on the use of emerging techniques and new uses of existing
> ones.
>
> It does not in fact look that different than ours. I think that execution
> and interest in bringing research to HRPC is what we need to focus on to
> fix much of what is being raised in the conversation, not necessarily
> charter text.
>

I agree that charter text is not the problem, and I don't think my initial
comments
implied otherwise. Rather, my position is that the charter text *reflects*
a misguided
view of what this group is for and can accomplish and that we should
converge
on a better view and write a charter that memorialized that view.

With that said, however, I think that the charter text is different in two
very material ways:

1. It actually does specifically say to provide the kind of guidance I'm
talking about
(see the last bullet).
2. I think Privacy is much better understood than "Human Rights" and there
is
broader (though not perhaps as broad as in other areas) consensus on what
improving privacy means, and so even similar charter language just is a lot
clearer in the Privacy context.

Ekr

v2.23.0 | Report a Bug | By Email