Re: Identify AI bots in emails at IETF?
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 17 October 2019 13:00 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32ED9120121 for <ietf@ietfa.amsl.com>; Thu, 17 Oct 2019 06:00:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.476
X-Spam-Level:
X-Spam-Status: No, score=-1.476 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.172, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sxhrTGWjUpGY for <ietf@ietfa.amsl.com>; Thu, 17 Oct 2019 06:00:29 -0700 (PDT)
Received: from mail-oi1-f178.google.com (mail-oi1-f178.google.com [209.85.167.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 263CB1200D8 for <ietf@ietf.org>; Thu, 17 Oct 2019 06:00:29 -0700 (PDT)
Received: by mail-oi1-f178.google.com with SMTP id i185so2029149oif.9 for <ietf@ietf.org>; Thu, 17 Oct 2019 06:00:29 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=m8OOci/z/ALMmiI1hNP5RXtbbJjKvCuNIMhKH6mxQ+I=; b=b5J/pAG96hp1DKxXGaXQBjk616wH45wvLJt4iSDaBo5Wvny7+G0aPVEyjEmfoOe4lI 95aISFwWvVcVCLEN4jHDIlHvZGL8mR0wRTZqlngZ3D0187ypDgkvOgA0en/+cNvlqrpV KqV75rCRey7Drd1ZhFNjcAUOAagA0EhPqdeFrBs5dxM6Oh8HC2hmjiswRdneDi/JMl0u I6lJuislPI6OYLvxQS56BVAUqWxY+7dBTBaORZu8m6F3h4aD6IawS1xr1ttnCZTLqLaA oKb+F6v8UyBFU18HZHhqve1vt2b79VFZ2/HUoywYgwwejOh+CQ4Xsve+wjo1+ImmxM09 2Bwg==
X-Gm-Message-State: APjAAAXP8vFFB1Lcy+SQo4OFqP5Um6RBBiIdqWzpQ44Ysf3fJIRFPYRs jiiUW7mMQQ2LYAn1hpyrUlLcmb5vOLn/G699f10=
X-Google-Smtp-Source: APXvYqyWOuI8yMIkaGP3uFMIo254Dh/igRPUEt4NFZiJwrUYd+WlyWM7xmK6Y57UVVBDjGou2ljttG/s8yf1kXbTMOQ=
X-Received: by 2002:aca:7543:: with SMTP id q64mr3159938oic.95.1571317228177; Thu, 17 Oct 2019 06:00:28 -0700 (PDT)
MIME-Version: 1.0
References: <91c56549-23f7-ab70-fb6a-02368fbb3e9f@gmail.com> <424B598D-34C4-44ED-AA8C-BBECD4D5C4F2@cisco.com>
In-Reply-To: <424B598D-34C4-44ED-AA8C-BBECD4D5C4F2@cisco.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 17 Oct 2019 09:00:15 -0400
Message-ID: <CAMm+Lwh+Gb82vO8S+rSudLje77H+z7e2+uqCdjNq_tevPTAcyA@mail.gmail.com>
Subject: Re: Identify AI bots in emails at IETF?
To: Eliot Lear <lear@cisco.com>
Cc: Alexandre Petrescu <alexandre.petrescu@gmail.com>, IETF Discussion <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000370f8905951acd74"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/4r6v3W3tfaELtJdHzf2sKI1yxE8>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Oct 2019 13:00:33 -0000
On Mon, Oct 14, 2019 at 6:03 AM Eliot Lear <lear@cisco.com> wrote: > It’s a fun question, and there is (at least to me) an obvious answer. In > the good old days we used to have key signing parties at the IETF, and it > would be possible for people to attest that I am indeed me and you are > indeed you. That way, at least you could see by people’s signatures > whether or not there was someone who signed their key who you knew. > > The problem is that the UX would have to keep up with that. I’m not sure > it’s quite up to the task. > > Eliot > What if we could have an automatic key party when people register? This is not something the Mathematical Mesh currently supports but it is certainly one of the things the infrastructure is designed to support. And as it happens we are having a MATHMESH BOF in Singapore. The goal of the Mesh is to make computers easier to use by making them more secure, which demands a really low level of demand on the attendee. And here the point is not to only provide a feature for IETF use, the point is to provide a mechanism that can support validation of people within a PKI. The TLDR here is: QR Codes, Blockchain, mobile app, kiosk in registration area. Needs graduate students willing to write some code and do integration. I just recorded a video giving an outline of the design but it will be a while before I get round to editing it. Here is a brief summary of the proposal. Objective: Establish that a person attended IETF without necessarily verifying the identity of that person with respect to government issued credentials. 1) Assume that people have a Mesh Client Application on their mobile device which has the ability to scan QR codes. 2) Assume that there is something that looks like a picture frame in the registration area. To claim attendance at the IETF, Alice (the attendee) opens up her Mesh Client App and scans the bar code. She is told if she were successful or some error occurred but that is the extent of the interaction. This interaction is of course merely one particular specialization of a generic interaction for exchanging contact information via a mobile phone 'bump'. This is something we should have established as a standard long ago. One of the major Internet companies got very excited about this a few years back. Unfortunately the excitement took the form of buying a company 'to make it happen', pulling the existing app from the stores and then losing interest. So what happens at the protocol level? 0) The application has a public/private key for signing that is credentialed under Alice's personal Mesh 1) The QR code contains UDF of the form udf://example.com/EDX6-OS5A-D4LO-IPT5-EVOR-4QFW-AZWE-4Q This changes at regular intervals so each attendee will register to a different code. 2) Following the process described in: https://datatracker.ietf.org/doc/draft-hallambaker-mesh-udf/ This is transformed into the following URL and resolved. https://example.com/.well-known/mmm-udf/MDWZ-WDB7-FZLG-46QL-UURR-FQ36-UQ2A-6YIX-BG4T-32A2-QHPE-5UPP-MMKA-3YR2 The returned data is a DARE envelope. This is decrypted using the key EDX6-OS5A-D4LO-IPT5-EVOR-4QFW-AZWE-4Q and the Message Authentication Code verified. 3) The decrypted document is a JSON encoded structure yet to be defined that gives the client a Mesh Service Account identifier, ( registration@example.net), a PIN code (NC6B-EYP6-O3JR-54HY-IE45-FOUU-TIPQ) and an indication this is a notarization event. 4) The Mesh Client makes a contact notarization request to registration@example.net. This is signed by Alice's device key 5) The contact notarization request is enrolled in the example.net notarized log. Which is a DARE Sequence verified by a Merkle Tree. This may or may not be made public. [Optimizations are possible here, the picture frame doesn't actually need network connectivity. When it is turned on the first time, the admin scans a QR code which causes a shared secret to be passed to the example.net service and this is used to generate the QR code and other data via a counter and a KDF.] So what do we get from all this? Assuming that the example.net notarized log is cross notarized with other authorities, the work factor for defection increases to an infeasible level very very quickly. So Alice can establish that her phone 'bumped in' at the registration desk. We can have separate discussion of how public this should be and whether we want to have binding factors, zero knowledge and such (more grad student projects). The amount of validation we get from a single unverified bump in is small. But if we do it every meeting, it can rapidly mount up. Someone who has bumped in at a dozen IETFs... that alone is pretty compelling that there is a person there, not a bot. Someone who have bumped in at a variety of different conferences, RSA and IETF and ICANN, much stronger still. Now assume everyone is using the Mesh, it is a part of the Android and iOS operating systems, etc. We can make bump-in the default means of registration for the conference. Instead of being a standalone display in a picture frame sorta thing, the QR code generators are linked in to the conference reg system so that when I bump in, my badge starts printing or it appears on the console of the person with that box of badges. And one more thing, One of the things that irritates me about public events is that everyone is on their phone taking not very good pictures. And they only get one set of pictures from one angle at best. What if we could share and it was painless to do so? When I bump-in, I could collect a URL for a Web site with photos for that event that people have uploaded. And I can upload my own (if I choose). So we get the gift exchange going. And of course, since it is the Mesh underneath, we can exchange encrypted documents. I have been thinking a lot about the 'revenge porn' issue of late and think I have some answers there.
- Identify AI bots in emails at IETF? Alexandre Petrescu
- Re: Identify AI bots in emails at IETF? Eliot Lear
- Re: Identify AI bots in emails at IETF? Masataka Ohta
- Re: Identify AI bots in emails at IETF? Phillip Hallam-Baker