IETF Logo Mail Archive

Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Brad Chen <bradchen@google.com> Thu, 05 January 2023 14:01 UTC

Return-Path: <bradchen@google.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D080FC157908 for <ietf@ietfa.amsl.com>; Thu, 5 Jan 2023 06:01:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.597
X-Spam-Level:
X-Spam-Status: No, score=-17.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8GvvgrGSjoi4 for <ietf@ietfa.amsl.com>; Thu, 5 Jan 2023 06:01:29 -0800 (PST)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63A05C151703 for <ietf@ietf.org>; Thu, 5 Jan 2023 06:01:11 -0800 (PST)
Received: by mail-lf1-x129.google.com with SMTP id j17so45671914lfr.3 for <ietf@ietf.org>; Thu, 05 Jan 2023 06:01:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=hRlLCB60/GkInI2TSi2MRRh3E5TLBpi9xM/+oPBIk1s=; b=YV4rje0Y9TsdfY35JJQ7C2ncCNsI7ZZjpY2STx05Kz0f57hgn3RnmXdyaCH4YI5BgM vAvn2XNqPf68JUZ+Ir90wGFTkfx8L+y3DdqN0nQDIMuAMLBUFiaoxuHTO93YonuJ6ooI EZZGzqgWXECgMb3cBYwecZZZOj1MbABu8apUoCaBoGEa/Rdr8SALpJJIyGgYSc5Kz7Xv lgJuJ7PemSWnTI09tt3g4Us+qEabseqruT42KGDW7eVQ4/HlYVQFPJhSic0EK1Wlh+sN mRMaUcXiWZXWjXDYvg2TDDMkfGzfmqLzjYXVr8cq/afSziPM1HzrTi5XqOlTQWdwLSsv gq/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=hRlLCB60/GkInI2TSi2MRRh3E5TLBpi9xM/+oPBIk1s=; b=G5a05z61+XC3ADANIf3uNsYZBAy/7YGLwrJcSFIrGp738z/lm7ZWBcXIcoge0ZvYuF u690Cwxye+x0hL3IzLyxh2VS2zoXGHUvqK+eyeSTL7OyS5KcGlK2QKQ4z/0XnkAlTOE3 iwofv7aXC8E0Aqz0pw16BsWsAkAaIoRPmfgiG+ElscEvuecpnY1COr1lGrEO570MsVUB bo7tmbB6e6RWHkS7319VB/mBPt9mueABnOUDSBRw4TPT2t+y84u0V8VEZ6FwvesWtNit F/+XXDyUg6Bdcwes5B3CCp6pHx0TJddQUdzKbu0+gClAD3lgPAcZs/yyWSUZ8qdYUMdU ihgg==
X-Gm-Message-State: AFqh2kpY/mikhAef/W64k3gNLMMVj/7ZwEU7VpAyXI5LIgx+wdmrcGE1 lzSBVfZW3QSSi/m6j9Cv/latG50n48Fjqich5kB+YA==
X-Google-Smtp-Source: AMrXdXvnxwk+ifABo/bHXMETzQLlwxtrrHYOuiwoCUeCGlCO43EzZHTRE/l1JOlAgKDrEBlC6QQsuQ09yRTpfjEHJ6k=
X-Received: by 2002:ac2:46dc:0:b0:4cb:42e0:5b65 with SMTP id p28-20020ac246dc000000b004cb42e05b65mr365185lfo.689.1672927267752; Thu, 05 Jan 2023 06:01:07 -0800 (PST)
MIME-Version: 1.0
References: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com> <764163366.39904.1672842828297@appsuite-gw2.open-xchange.com> <CABcZeBNA_nJ2waQVENUvEXro91wAYOcH0ZxWqbLH4hoKcGkosw@mail.gmail.com> <9658281.42904.1672912808774@appsuite-gw2.open-xchange.com> <CA+9kkMBLiijcAyLYn_6h8z3N00EDaxdP=f7P2-qUt4Bn1iSWEg@mail.gmail.com> <HE1PR0701MB30505DC24A725E014D60FE0189FA9@HE1PR0701MB3050.eurprd07.prod.outlook.com> <560fae4b-8624-f4ff-63a9-78e4362a5939@netmagic.com> <CAFzihuVwNEhW0trz6UP-KC6YNOFp+puvUcDkroVJkPXjSe8drQ@mail.gmail.com> <4849a9e151a84a0fadd933da495947eb@huawei.com>
In-Reply-To: <4849a9e151a84a0fadd933da495947eb@huawei.com>
Reply-To: bradchen@google.com
From: Brad Chen <bradchen@google.com>
Date: Thu, 05 Jan 2023 06:00:49 -0800
Message-ID: <CAFzihuWZ6CC+KcBuNibr1NSpQGM4O5rkJveE4LQZXJn12wbX+g@mail.gmail.com>
Subject: Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
To: Antoine FRESSANCOURT <antoine.fressancourt@huawei.com>
Cc: "trutkowski@netmagic.com" <trutkowski@netmagic.com>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, Ted Hardie <ted.ietf@gmail.com>, Vittorio Bertola <vittorio.bertola@open-xchange.com>, saag <saag@ietf.org>, "pearg@irtf.org" <pearg@irtf.org>, "ietf@ietf.org" <ietf@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000a690fd05f184bbee"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/A-A2W7VjR1TtEw7UaOoaKr6r9Lc>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IETF-Discussion. This is the most general IETF mailing list, intended for discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist." <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2023 14:01:34 -0000

On Thu, Jan 5, 2023 at 5:50 AM Antoine FRESSANCOURT <
antoine.fressancourt@huawei.com> wrote:

> Hello,
>
>
>
> I agree with most of what you mention about the right to privacy not being
> absolute, or about the fact that technical solutions that are designed and
> published by the IETF should conform to what the broader society and
> regulations around the globe need.
>
>
>
> My concern with the current state of affairs is that for privacy to be a
> purely philosophical or policy matter, we need to provide society (the
> user, regulators, involved parties) with the tools it needs to communicate
> the way it needs or want. In my view (that might be biased by my western
> philosophical background) it means that individuals need to be completely
> in control of what they use, and who they consent to communicate
> information with. Right now, in some aspects of our communications on the
> Internet, we are unconsciously leaking (meta)data on which we have little
> control, and that are accessible to a variety of parties that have a wide
> variety of reasons for de-anonymizing our communications. When we will be
> in a situation in which identifying the parties of a communication is a
> controlled process rather than the byproduct of unconscious design
> decisions, then we will be in a situation where we are in front of a
> philosophical dilemma, not before.
>
I agree on our charter to deliver the tools, in as much as the tools are
possible. Some are not. I would also point out that we can ameliorate the
situation without developing new technology, by developing understanding
and transparency about the technologies already in people's hands.

>
>
> Best regards,
>
>
>
> Antoine Fressancourt
>
>
>
> *From:* Pearg <pearg-bounces@irtf.org> *On Behalf Of * Brad Chen
> *Sent:* jeudi 5 janvier 2023 14:19
> *To:* trutkowski@netmagic.com
> *Cc:* John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>; Ted
> Hardie <ted.ietf@gmail.com>; Vittorio Bertola <
> vittorio.bertola@open-xchange.com>; saag <saag@ietf.org>; pearg@irtf.org;
> ietf@ietf.org; hrpc@irtf.org
> *Subject:* Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is
> IETF keeping its promises?
>
>
>
> I question whether the IETF has the competence to unilaterally determine
> policy in this space. Recent comments on this thread reassure me that some
> of us are at least equipped to recognize the limits of our competence and
> to recognize the discretion that the IETF needs to exercise in how we
> impact policy.
>
>
>
> The right to privacy has never been absolute. The tension between privacy,
> free expression and the public right to know represents some of the most
> challenging questions in moral philosophy and law. When we pretend we can
> unilaterally establish policy through technology, we demonstrate our
> incompetence with regards to disciplines like law and moral philosophy.
>
>
>
> For people interested in the legal and historical background on the right
> to privacy, Amy Gajda's book "Seek and Hide" is excellent. Regarding the
> philosophical foundations of rights and responsibilities, Onora O'Neill has
> published a book "A Philosopher Looks at Digital Communications" that
> provides a gentle introduction to the basics, with some more thorough
> treatment in her book "Justice without Boundaries." A foundational source
> is Immanuel Kant's "Groundwork for the Metaphysics of Morals" which is not
> for the meek.
>
>
>
> The direction explored on this thread represents a tremendous and
> important task. I'm pretty sure the way to fail is for engineers to go it
> alone. To be competent, we need to figure out how to recognize the
> relevance of disciplines like law and philosophy and history, and how to
> benefit from their perspective on these issues.
>
>
>
> Brad
>
>
>
>
>
> On Thu, Jan 5, 2023 at 3:59 AM Tony Rutkowski <
> trutkowski.netmagic@gmail.com> wrote:
>
> With NIS2 coming now coming into force, and the CRA being finalized,
> sorting out some of the threats is underway, although there are now 50
> relevant EU Directives and 55 EU Regulations in force with 16 coming into
> force in 2023 at present count...plus an assortment of Decisions and
> Resolutions that all effect electronic communication mandates.  Most of
> them have extraterritorial application.  In the real world, there are many
> competing requirements, and as Meta recently found out, with significant
> adverse consequences for non-compliance.  It is worth noting that while
> this list resides in the IETF domain, there are several hundred standards
> bodies - many of which are far larger, encompassing more of industry, and
> more relevant than the IETF.  So to borrow a Clint Eastwood phrase, a venue
> has got to know its limitations.
>
> --tony r
>
> On 1/5/2023 6:13 AM, John Mattsson wrote:
>
> Agree that there is not a single threat, and I don’t think it is so
> important to determine which one of the threats that are the biggest. The
> last 10 years IETF has been quite good at securing transit (which is great
> and something we should celebrate) while at the same time mostly ignoring
> endpoint threats. As Vittorio writes, this poses a risk to damage IETF’s
> reputation. Assuming that endpoints are not compromised, not malicious, and
> that the interests align with the interests of the end-users feels quite
> outdated with today’s zero trust principles.
>
> Cheers,
> John
>
> *From: *Ted Hardie <ted.ietf@gmail.com> <ted.ietf@gmail.com>
> *Date: *Thursday, 5 January 2023 at 11:36
> *To: *Vittorio Bertola <vittorio.bertola@open-xchange.com>
> <vittorio.bertola@open-xchange.com>
> *Cc: *Eric Rescorla <ekr@rtfm.com> <ekr@rtfm.com>, John Mattsson
> <john.mattsson@ericsson.com> <john.mattsson@ericsson.com>, ietf@ietf.org
> <ietf@ietf.org> <ietf@ietf.org>, hrpc@irtf.org <hrpc@irtf.org>
> <hrpc@irtf.org>, pearg@irtf.org <pearg@irtf.org> <pearg@irtf.org>, saag
> <saag@ietf.org> <saag@ietf.org>
> *Subject: *Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is
> IETF keeping its promises?
>
> A quick response in-line.
>
>
>
> On Thu, Jan 5, 2023 at 10:00 AM Vittorio Bertola <vittorio.bertola=
> 40open-xchange.com@dmarc.ietf.org> wrote:
>
>
>
> Il 04/01/2023 20:33 CET Eric Rescorla <ekr@rtfm.com> ha scritto:
>
>
>
> I still think this was a big fail; in fact, this implies that
> counteraction against surveillance capitalism practices can only happen
> elsewhere, at the regulatory level, as the IETF community either does not
> know what to do about it, or does not want to do anything about it.
>
>
>
> I don't think this is true at all.
>
>
>
> First, the IETF *is* working on issues around privacy and preventing
> various forms of surveillance capitalism. That's in part what initiatives
> like DoH, QUIC, TLS 1.3, ECH, OHAI, MASQUE etc. are about.
>
> Of course you will disagree with what I am going to say, but here is the
> common (though not unanimous) viewpoint from the technical policy community
> of a different part of the world - no offense implied.
>
>
>
> In Europe, "surveillance capitalism" is basically synonymous with a set of
> a few very big American companies that happen to be the ones promoting and
> deploying the standards you mention.
>
>
>
> First, I'm not sure that it is reasonable to assume that there is a single
> European position on anything.  Brussels is not Lisbon and neither is Oslo
> or Budapest.  And within each of those, academics, regulators, and civil
> society may have different opinions.  As in the US, there are folks
> cheering for DoH and people opposed; there are people delighted with OHAI
> and folks depressed about it.
>
>
>
> Second, I think we have to be careful to talk as if there is a single
> threat model here.  At least one of the threat models is truly about
> pervasive surveillance, which reflects an updated understanding that an
> attacker may be omnipresent across the network and thus able to correlate
> activities that a sender or receiver previously assumed could not be
> linked.  That's what RFC 7624, Section 5 described.   Many of the key
> characteristics of protocols like QUIC were designed with this threat model
> in mind; they provide increased confidentiality on the wire.  Because that
> threat model is focused on observation, rather than the capabilities of the
> parties, it has little to do with concerns that a small set of players is a
> party to many different sorts of communications.  That's a different
> threat, and some of the work to address it, like OHAI, starts from very
> different principles as a result.
>
>
>
> Both amongst ourselves and when talking to those working in policy
> circles, I think it is very important to be clear on what threat we
> perceive and what responses target that.   Lumping all the threats and all
> the responses together makes it difficult to see the progress that has been
> achieved and even more difficult to identify where work still needs to be
> done.
>
>
>
> Just my personal opinion, of course,
>
>
>
> regards,
>
>
>
> Ted Hardie
>
>
>
> So, it will be hard to convince people in Brussels or Berlin that those
> standards are meant to put the business model of their proponents under
> check. Actually, they are more likely to lead to the conclusion that the
> IETF is being used as an instrument to further that business model, and
> that the encrypted network architecture that it is promoting is meant to
> disempower end-users and any other party (including European law
> enforcement and privacy authorities) from checking what the endpoints do,
> which information they send and who they send it to, facilitating
> uncontrolled data extraction practices by the private companies that mostly
> control the endpoints, i.e. the above ones.
>
>
>
> There is a general feeling that the bigger threats to user privacy are now
> not in transit, but in or before the endpoints. So, the fact that the IETF
> does not want to consider threats in the endpoints is seen as additional
> evidence for the above.
>
>
>
> --
>
> Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
>
> vittorio.bertola@open-xchange.com
>
> Office @ Via Treviso 12, 10144 Torino, Italy
>
>
>
> _______________________________________________
>
> saag mailing list
>
> saag@ietf.org
>
> https://www.ietf.org/mailman/listinfo/saag
>
> --
> Pearg mailing list
> Pearg@irtf.org
> https://www.irtf.org/mailman/listinfo/pearg
>
>

v2.23.0 | Report a Bug | By Email