Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)

Padma Pillay-Esnault <padma.ietf@gmail.com> Wed, 11 October 2017 19:49 UTC

Return-Path: <padma.ietf@gmail.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76DA813307B; Wed, 11 Oct 2017 12:49:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AWGYrQaere_0; Wed, 11 Oct 2017 12:49:54 -0700 (PDT)
Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43A291320CF; Wed, 11 Oct 2017 12:49:52 -0700 (PDT)
Received: by mail-wm0-x22d.google.com with SMTP id u138so7873475wmu.4; Wed, 11 Oct 2017 12:49:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=MzJzM2f0prtnowu+H/s6+7byUFMH4yEClyAZxsAk3AI=; b=f5N+SXiWJk6lUBogi14T3U4+rD/63qMDQLcwM57G6PDScD9zx16efd9Kf741Ip76Pv GAUAcPzrYUSNuPUwVKo9MKQJDWRapTNlGbc3qel77SmKbOlBMK5kjAZ8Pi4SUFq/LWCP 6/Ov1wvThR5pm5MrRAZ+0rBaH3cJJbxndps3ZoFRPhb/QixROO6gX78/52q/PZK8DkeK ccol+5+HEF1Y46nz5VhxSmGpeZWGO5/RPs5eXZePv4va0yT6tQEUahhx/7Ly8nWv/VMS 7SKTb/v+E+gtqB80RFg/iPUnzAQxHJ9FGhQ/iM5Shpdd5c1zKzmHvYAJu87eXWi+ybsx fzXA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=MzJzM2f0prtnowu+H/s6+7byUFMH4yEClyAZxsAk3AI=; b=DjUbzTYRZTa83o5AgVfkv9pCEKfEHMCcFfq4FZBO3ik68d7xBjfADFNhezcpsZcARC Bur8cv6Vv+tNOdXabCyoV9/VR1LYmbgqs0qwEbKZS8rXgmSQJhas6d8yI1J+8MVdl4s1 GK85WIgmtj1EFxeHWY+6zfiV9Cdx+Qjl0MIEyTmfFSEJ6A8qLbRl6Z0rqGmN9G6zyz8k TI+s/QDayP0YYoxQgy1grh/3O24TxaZgiR4cYBtc4KOw6ff9NL3dBs5uVLr93u4c32Yo j1h/mbLqKqE3BZ4PUSHmJtapgRxGZVLsqgXfRtk+Ogn6MhtbS3iQsrBM5oiKAuw9veOp //eA==
X-Gm-Message-State: AMCzsaUlRrcgHSMwhI8f2qUjDu8SLSPftPSRmDloohK/0tVsKwZiyIaL vIz86MTzrs+5/9m1zFW3xc/qwmPcCtS18RY7gXg=
X-Google-Smtp-Source: AOwi7QDvRNvkdyc9kfE45tMTCeyUKCITbQMzuQxZ/MRNL8z0Dimpx5VV6E2QeEaLkgTNdQweljeW9wjCKVJQAKaRDWE=
X-Received: by 10.223.199.15 with SMTP id k15mr99378wrg.111.1507751390728; Wed, 11 Oct 2017 12:49:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.173.86 with HTTP; Wed, 11 Oct 2017 12:49:49 -0700 (PDT)
In-Reply-To: <666d4b84-72e6-8d5a-cc67-8c698d07c5b9@huitema.net>
References: <150670160872.14128.2758037992338326085.idtracker@ietfa.amsl.com> <6.2.5.6.2.20171007163002.11c897a0@elandnews.com> <CAG-CQxpnHKtov+pj6YFL0wxnO3YX7mbLUA9uHUkVQbHqE3A1rQ@mail.gmail.com> <6.2.5.6.2.20171008102541.11499408@elandnews.com> <CAG-CQxpEb8Lcjy0M5445K4Ob+nQW15WeEooggcxpb=hToB4HZw@mail.gmail.com> <CALx6S372+69EkycAJ_y6b_rJnMw3ncFEZzhVFyWsA+3GbxHaZA@mail.gmail.com> <CAG-CQxpUKT9gt7ZggVPzWpxQjYfO2nzVzpmp-Dfsav7CKnmTQQ@mail.gmail.com> <01dd6551-16f6-46e2-e861-94285c160f35@gmail.com> <28999ddc-840a-30c6-5b22-bc9b2e06a2a7@htt-consult.com> <e34f2c28-f444-4b79-10d9-ea861a72e993@cs.tcd.ie> <bc66de9c-aa62-1433-fe93-64871dc5bb67@htt-consult.com> <666d4b84-72e6-8d5a-cc67-8c698d07c5b9@huitema.net>
From: Padma Pillay-Esnault <padma.ietf@gmail.com>
Date: Wed, 11 Oct 2017 12:49:49 -0700
Message-ID: <CAG-CQxrJvxK4O7ap9WckqPQSkp0OP0Wwvwvrd=3RU3Kr32Ytvw@mail.gmail.com>
To: Christian Huitema <huitema@huitema.net>
Cc: Robert Moskowitz <rgm-ietf@htt-consult.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Brian E Carpenter <brian.e.carpenter@gmail.com>, IETF Discussion Mailing List <ietf@ietf.org>, ideas@ietf.org
Content-Type: multipart/alternative; boundary="089e0824490c0dd9ed055b4aba71"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/hQ6ZSHWEJ4hMw3Vjt-_g4owxHb0>
Subject: Re: [Ideas] WG Review: IDentity Enabled Networks (ideas)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Oct 2017 19:49:57 -0000

On Wed, Oct 11, 2017 at 9:19 AM, Christian Huitema <huitema@huitema.net>;
wrote:

>
>
> On 10/11/2017 9:11 AM, Robert Moskowitz wrote:
>
> On 10/11/2017 11:20 AM, Stephen Farrell wrote:
>
>
> On 11/10/17 16:12, Robert Moskowitz wrote:
>
> And interesting that it seems there have been no major breachs of things
> like SIM databases but ones with extensive PII have.
>
> https://www.theguardian.com/us-news/2015/feb/19/nsa-gchq-sim
> -card-billions-cellphones-hacking
>
> Admittedly quite a sophisticated attacker.
>
>
> Well, that is a horse of a different color.
>
>
> Don't forget that what the spooks can do today, the gangsters will do
> tomorrow, and the high school kids not so long after that...
>

If we (community of IETF) decide no work should be done unless we have an
absolute fool-proof system against insider attacks (which I do not believe
we have an answer to that) or correlation by transitivity to humans then I
would like to have some clarifications.

The need for privacy is a given and no one is disputing that but where I
struggle is in what context?

(1) Discovery vs tracking
What is considered discovery and what is considered tracking?
If you can discover then you can track? So the only way is to access
control the discovery and this is what this proposal is about!

(2) Type of data, transitivity to human
What type of data are we talking about here? Do we believe that having
careful applications where encrypted sensitive data are not colocated with
location information so that attacks will require multi-level attacks on
multiple systems and cross-referencing a deterrent and good enough? If on
top of that we have sensitive information (human) encrypted database with
one way communications and changing identifiers etc etc as discussed.... is
that a good start or not even close?

(3) Tracking as a business model
How about companies specialized with services of tracking and discovering
things?
Pet tracking ? How about the truck driver with assisted driving?  Asset
tracking as in bikes where people swipe a wireless card? How would this
business model even work if they cannot recover their assets because we can
track a person through transitivity?

(4) Tracking who and by whom
More concerning to me is that privacy is tricky, depending on the
perspective...
We want to protect the "good" guys but isn't that also enabling the privacy
of the "bad" guys?
Should the individual behind mirai bonnet attacks or gansters be entitled
to privacy and non tracking?

(5) Tracking is all evil?
BUT then there is this annoying question that comes back to my mind .. do
we EVER consider that human tracking is needed or beneficial?
What about disaster recovery scenarios or emergency services or people who
willingly want to participate in such a service?

For example with an aging population, assisted living with monitoring
health devices is a trend in the industry. These devices can be mobile. Not
everyone can afford a caregiver full time ... So is it just going to be "no
sorry ma'am someone may use this technology to do bad things with it?" It
might be a matter of life and death to be able to track a person.

The truth is that these services exist today outside of IETF technology and
people are willingly subscribing to it because their priorities are
different.


While I completely agree we should be careful in what we do.

Disclaimer trying to clarify how/where ideas is situated in all that?
1. It was not aimed for a wide scale deployed on the internet but it may be
large enterprises.
2. It had no human info but it has been inferred this may be possible
through transitivity
3. It has changing identifiers

So we need protection  - again no one disputes that ... if we have better
technology let's integrate it.

Let's not through the baby with the bathwater ...



Padma

-- 
> Christian Huitema
>
>