[hrpc] Upcoming draft on an overall report of the work
Avri Doria <avri@acm.org> Mon, 12 October 2015 18:43 UTC
Return-Path: <avri@acm.org>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF27A1B2C4B for <hrpc@ietfa.amsl.com>; Mon, 12 Oct 2015 11:43:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.465
X-Spam-Level: *
X-Spam-Status: No, score=1.465 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fe4RBnX4boOM for <hrpc@ietfa.amsl.com>; Mon, 12 Oct 2015 11:43:33 -0700 (PDT)
Received: from atl4mhob06.myregisteredsite.com (atl4mhob06.myregisteredsite.com [209.17.115.44]) by ietfa.amsl.com (Postfix) with ESMTP id EAA511B3359 for <hrpc@irtf.org>; Mon, 12 Oct 2015 11:43:32 -0700 (PDT)
Received: from mailpod.hostingplatform.com ([10.30.71.208]) by atl4mhob06.myregisteredsite.com (8.14.4/8.14.4) with ESMTP id t9CIhTZA001771 for <hrpc@irtf.org>; Mon, 12 Oct 2015 14:43:29 -0400
Received: (qmail 6535 invoked by uid 0); 12 Oct 2015 18:43:29 -0000
X-TCPREMOTEIP: 68.15.42.104
X-Authenticated-UID: avri@ella.com
Received: from unknown (HELO ?127.0.0.1?) (avri@ella.com@68.15.42.104) by 0 with ESMTPA; 12 Oct 2015 18:43:29 -0000
To: hrpc@irtf.org
From: Avri Doria <avri@acm.org>
X-Enigmail-Draft-Status: N1110
Organization: Technicalities
Message-ID: <561BFF4E.6040607@acm.org>
Date: Mon, 12 Oct 2015 14:43:26 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Antivirus: avast! (VPS 151012-0, 10/12/2015), Outbound message
X-Antivirus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/hrpc/wZLZoyvHASfxnD7CkUQaEAyK5Ao>
Subject: [hrpc] Upcoming draft on an overall report of the work
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: avri@acm.org
List-Id: "niels@article19.org" <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Oct 2015 18:43:35 -0000
Hi, While somewhat early, wanted to proposed a document that the RG, assuming we continue to actually becoming an RG, could eventually use report of the work and first considerations once we get further down the road. This proposal, would bring together much of the work that we are doing in a single draft that we could then put forward for consideration as a RFC. At this point it is more of a glorified outline than the document I plan for it to become, but, before going too far down the road figured I should put it out as a draft, draft-doria-hrpc-report-00, before Yokohama. Which means I need to get as far as I am going to get by the 19th. In keeping with the tradition that has been set in this group of floating the markdown version of the drafts on this list before putting them out as a IDs, I enclose the following. --- title: Human Rights Protocol Considerations - Research Report docname: draft-doria-hprc-report date: 2015-10-11 category: info ipr: trust200902 area: IRTF workgroup: Human Rights Protocol Consideration RG keyword: Internet-Draft stand_alone: yes pi: rfcedstyle: yes toc: yes tocindent: yes sortrefs: yes symrefs: yes strict: yes comments: yes inline: yes text-list-symbols: -o*+ author: - ins: A. Doria name: Avri Doria org: Technicalities email: avri@acm.org normative: informative: RFC1958: RFC1984: RFC2026: RFC2639: RFC2919: RFC3365: RFC5890: RFC5891: RFC5892: RFC5893: RFC6162: RFC6783: RFC6973: RFC7230: RFC7231: RFC7232: RFC7234: RFC7235: RFC7236: RFC7237: RFC7258: UDHR: title: The Universal Declaration of Human Rights date: 1948 author: org: United Nations General Assembly target: http://www.un.org/en/documents/udhr/ HRPC-GLOSSARY: title: Human Rights Protocol Considerations Glossary date: 2015 author: - ins: N. ten Oever - ins: A. Doria - ins: D. K. Gillmor target: https://www.ietf.org/id/draft-dkg-hrpc-glossary-00.txt HRPC-Method: title: Human Rights Protocol Considerations Methodology date: 2015 author: - ins: J. Varon - ins: C. Cath target: https://www.ietf.org/id/draft-varon-hrpc-methodology-00.txt Cath: title: A case study of codeing rights date: 2015 author: - ins: C. Cath Clark: title: The Design Philosophy of the DARPA Internet Protocols author: - ins: D. Clark seriesinfo: Proc SIGCOMM 88, ACM CCR Vol 18, Number 4, August 1988, pp. 106-114. date: 1988 Blumenthal: title: "Rethinking the design of the Internet: The end-to-end arguments vs. the brave new world" author: - ins: M. Blumenthal - ins: D.D. Clark seriesinfo: ACM Transactions on Internet Technology, Vol. 1, No. 1, August 2001, pp 70-109. date: 2001 Liddicoat: title: Human Rights and Internet Protocols author: - ins: J. Liddicoat - ins: A. Doria target: https://www.apc.org/en/pubs/human-rights-and-internet-protocols-comparing-proc Denardis: title: Protocol Politics author: - ins: L. Denardis date: 2013 Post: title: Internet Infrastructure and IP Censorship author: - ins: D. Post date: 2015 target: http://www.ipjustice.org/digital-rights/internet-infrastructure-and-ip-censorship-bydavid-post/ Zittrain: title: The Future of the Internet - And How to Stop It. date: 2008 author: - ins: J. Zittrain --- abstract This document present an overview of the project to map engineering concepts at the protocol level that may be related to promotion and protection of the freedom of expression and association. This first draft is intended to provide the framework for reporting on the study, initial results and basic considerations. At a later stage it will fold in the work being done in the Methodology and Glossary drafts as well as the work being done in the case studies. It also folds in some of the text included in the original proposal for the HRPC. Discussion on this draft at: hrpc@irtf.org // https://www.irtf.org/mailman/admindb/hrpc --- middle Background ============ The recognition that human rights have a role in Internet policies has become part of the general discourse. Several reports from former United Nations (UN) Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue, have made such relation explicit, which lead to the approval of the landmark resolution "on the promotion, protection and enjoyment of human rights on the Internet" at the UN Human Rights Council (HRC). And, more recently, to the resolution "The right to privacy in the digital age" at the UN General Assembly. The NETmundial outcome document affirms that human rights, as reflected in the Universal Declaration of Human Rights {{UDHR}}, should underpin Internet governance principles. Nevertheless, the direct relation between Internet Standards and human rights is still something to be explored and more clearly demonstrated. Concerns for freedom of expression and association were a strong part of the world-view of the community involved in developing the first Internet protocols. Apparently, by intention or by coincidence, the Internet was designed with freedom and openness of communications as core values. But as the scale and the commercialization of the Internet has grown, the influence of such world-views had to compete with other values, such as ease of development and cost. The purpose of this research is to discover and document the consideration involved in taking human rights into account when creating protocols. In a manner similar to the work done for RFC 6973 {{RFC6973}} on Privacy Consideration Guidelines, the premise of this research is that some standards and protocols can solidify, enable or threaten user rights. As stated in RFC 1958 {{RFC1958}}, the Internet aims to be the global network of networks that provides unfettered connectivity to all users at all times and for any content. Open, secure and reliable connectivity is essential for rights such as freedom of expression and freedom of association, as defined in the Universal Declaration of Human Rights {{UDHR}}. Therefore, considering connectivity as the ultimate objective of the Internet, this makes a clear case that the Internet is not only an enabler of human rights, but that human rights lie at the basis of, and are ingrained in, the architecture of the network. An essential part of maintaining the Internet as a tool for communication and connectivity is security. Indeed, "development of security mechanisms is seen as a key factor in the future growth of the Internet as a motor for international commerce and communication" RFC 1984 [RFC1984] and according to the Danvers Doctrine RFC 3365 {{RFC3365}}, there is an overwhelming consensus in the IETF that the best security should be used and standardized. In RFC 1984 {{RFC1984}}, the Internet Architecture Board (IAB) and the Internet Engineering Steering Group (IESG), the bodies which oversee architecture and standards for the Internet, expressed: "concern by the need for increased protection of international commercial transactions on the Internet, and by the need to offer all Internet users an adequate degree of privacy." Indeed, the IETF has been doing a significant job in this area {{RFC6973}} {{RFC7258}}, considering privacy concerns as a subset of security concerns. {{RFC6973}} Besides privacy, it should be possible to highlight other aspects of connectivity embedded in standards and protocols that can have human rights considerations. This report focuses on freedom of expression and the right to association and assembly online. Terminology ============ Currently defined in draft-dkg-hrpc-glossary to be folded in at appropriate time Link between protocols and human rights ===================================== + Include discussion of value laden engineering as discussed in {{Cath}} + Include discussion of "Values and Networks" work by Roland Bless + Include discussion of principles from NetMundial Multistakeholder Statement Discussion of Universal Declaration of Human Rights (UDHR) and Internet Architecture -------------------------------------------------------------------- This project is focused on two rights defined in the UDHR {{UDHR}}, Article 19 on Freedom of Expression and Article 20 of Freedom of Association. Article 19. : Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers. Article 20. : 1 Everyone has the right to freedom of peaceful assembly and association. : 2 No one may be compelled to belong to an association. Theory -------------- When looking at protocols the considerations can apply from several perspectives. + The protocol's direct effects on human rights on the Internet. + The protocol's direct effect on human rights in combination with other protocols + The effect of specific protocol elements, separately or in combination with other protocol elements on human rights on the Internet + The ability to determine when various effects are occurring, i.e. transparency + The effect of deployment or non deployment. While this may be may seem beyond the protocol itself, often the design of protocol, its difficulty in implementation and the degree to which it contains required elements, poison pills or other protocol artifacts that either encourage or discourse implementation or deployment can be significant in the overall human rights affect of a protocol. Other relevant research ------------------------- Look at some of the academic research on the topic including David Post, Jonathan Zittrain and Laura Denardis, among others. Methodology ============ Currently defined in detail in draft-varon-hrpc-methodolgy to be folded in at appropriate time. this will largely be a reproduction of Section 3 of that document that focuses on the methodology Briefly methodology has included: + scoping the research problem - determining terminology to be use linking engineering and human rights concepts - establishing methodology - case studies on a set of protocols - derivation of possible considerations Case Studies ============ In each of the case studies, the behavior of the protocols is analysed for its positive and negative effects. In some case these effects are due to the design of the protocol itself, in others they are due to existing or absent features. Early versions of the analysis on the following protocols are currently being discussed on HRPC list. Once the discussions have matured those discussions will be folded in this section. DNS -------------- Text being done by Will Scott on the HRPC list. IP -------------- Text being done by Will Scott on HRPC list. HTTP ------------- Text being done by Nex / Claudio on HRPC list. XMPP ------------- Text being done by Will Scott on HRPC list. P2P ------------- Text being done by Nex on HRPC List. Possible areas for protocol considerations ========================================== The case studies point to several areas of protocol behavior that may be appropriate for considerations: + Character encoding for internationalization - DNS Record - Distortion - Injection - Removal - Network Poisoning - Traffic - Interception - Manipulation - Throttling - User Identification - Source and Destination visibility - Tracking Additionally, discussion of the rights themselves and the evidence of these rights being implicits in the IETF design principles {{clark}} and in some of the existing architecture and protocols {{Cath}} {{Liddicoat}}, suggest other considerations. Next Steps ============ Once the first take at consideration are defined, what are the next steps for creating something that can be sesable for protocol designers and implementers in considering freedom of expression and and freedom of association in their work. Acknowledgement =============== A section that include the many contributors of text as as commenters and those who are assisitng this project in existing. IANA considerations =================== There shouldn't be any. Security Considerations ======================= There shouldn't be any. --- --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
- [hrpc] Upcoming draft on an overall report of the… Avri Doria
- Re: [hrpc] Upcoming draft on an overall report of… Corinne Cath