Re: IAOC requesting input on (potential) meeting cities

Nico Williams <nico@cryptonector.com> Tue, 04 April 2017 18:15 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39724124281 for <ietf@ietfa.amsl.com>; Tue, 4 Apr 2017 11:15:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.296
X-Spam-Level:
X-Spam-Status: No, score=-4.296 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.796, RCVD_IN_SORBS_SPAM=0.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id twcjEVFA9QiE for <ietf@ietfa.amsl.com>; Tue, 4 Apr 2017 11:15:10 -0700 (PDT)
Received: from homiemail-a106.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2E27120046 for <ietf@ietf.org>; Tue, 4 Apr 2017 11:15:09 -0700 (PDT)
Received: from homiemail-a106.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a106.g.dreamhost.com (Postfix) with ESMTP id 724663000291E; Tue, 4 Apr 2017 11:15:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to:content-transfer-encoding; s= cryptonector.com; bh=u/sE9oPvVx02YUAgQmxVC4hQIlw=; b=dGVPnH+U8Ic u1vIhWpvrQthi0kEc/YLBFFf9c4FKc4HcYFKXWZ7ArruGJ7LswAH4q+rMvQUYdsy 5gyswJQV2BUHDUdgYLUk2V9oYG4iqdLRKESKj+oWHTiTqEs0OigrZIeBVrpAXIhT 5Wg6d/7y0PZPaqdh/l19nEHm49coh/ZI=
Received: from localhost (gzac12-mdf2-1.aoa.twosigma.com [208.77.215.155]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a106.g.dreamhost.com (Postfix) with ESMTPSA id 04E5530002902; Tue, 4 Apr 2017 11:15:08 -0700 (PDT)
Date: Tue, 4 Apr 2017 13:15:07 -0500
From: Nico Williams <nico@cryptonector.com>
To: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
Cc: ietf@ietf.org
Subject: Re: IAOC requesting input on (potential) meeting cities
Message-ID: <20170404181505.GA4004@localhost>
References: <149096990336.4276.3480662759931758139.idtracker@ietfa.amsl.com> <9fee9874-1306-07a2-a84a-4e09381a5336@cisco.com> <E67FDB14-9895-48E0-A334-167172D322DB@nohats.ca> <20170403152624.GA11714@gsp.org> <93404c29-78ba-ff9b-9170-f5f2a5389a31@gmail.com> <E068F01A-B720-4E7A-A60F-AA5BDA22D535@consulintel.es>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <E068F01A-B720-4E7A-A60F-AA5BDA22D535@consulintel.es>
User-Agent: Mutt/1.5.24 (2015-08-30)
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/5G5TiTHliBdhmaayEfjzDuk3BuE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Apr 2017 18:15:11 -0000

On Mon, Apr 03, 2017 at 06:39:32PM +0200, JORDI PALET MARTINEZ wrote:
> Definitively if that happens to me in EU, I will not provide passwords
> even if I don’t have anything to hide, but just because customer’s
> info confidentiality, signed NDAs, etc. I don’t think that will bring
> me to the jail. However, in US, detention is a fact, right?

It's not.  If you're a U.S. person (citizen, national, or permanent
resident) you cannot be refused entry on account of refusal to provide
passwords to your devices (though, if Customs believes you're carrying
contraband and has sufficient probable cause you might be charged and
arrested, but failure to provide passwords alone is insufficient).  If
you're NOT a U.S. person you may be refused entry, but cannot be
detained indefinitely, and you cannot be refused the right to go home.

The reports of harassment are worrisome, and even more so reports that
lack of devices, or having clean devices, is taken as suspicious.

Employees of many companies simply can't carry non-clean devices if
*credentials* compromise at borders would have negative consequences for
them.  But if carrying clean devices (or no devices) can lead to denial
of entry, then why bother going at all?

All that said, I've been harassed by Customs in Japan and Canada, and I
have heard harassment stories in Argentina (where I hail from) and
elsewhere.  My impression and experience is that Europeans customs are
the least likely to harass visitors.

Nico
--