Re: Request to Charter a New Working Group: Oblivious HTTP (OHTTP)
Vittorio Bertola <vittorio.bertola@open-xchange.com> Wed, 09 June 2021 11:05 UTC
Return-Path: <vittorio.bertola@open-xchange.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4512E3A0D73; Wed, 9 Jun 2021 04:05:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.399
X-Spam-Level:
X-Spam-Status: No, score=-4.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=open-xchange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6bKug9UN-b_9; Wed, 9 Jun 2021 04:05:11 -0700 (PDT)
Received: from mx4.open-xchange.com (alcatraz.open-xchange.com [87.191.39.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 893FB3A0D43; Wed, 9 Jun 2021 04:05:10 -0700 (PDT)
Received: from imap.open-xchange.com (imap.open-xchange.com [10.20.28.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx4.open-xchange.com (Postfix) with ESMTPSA id 455866A0D9; Wed, 9 Jun 2021 13:05:05 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=open-xchange.com; s=201705; t=1623236705; bh=/Cvzzx1WETIWhaHMcyPetYx/mSurAff3JhMQmE99wGE=; h=Date:From:To:In-Reply-To:References:Subject:From; b=mj9MUguLxtGnd46fETsjPI4LgXa9usa3J+b1Q2tPMhJj5HQmE7PUBzf1Wh7eFOwbU 7znI4nEwp/f6zIShQi7Z6J+trQPVZEkugNu0WTFc5hjdo8+qO8uqS6VuAfwbUKOqkR H4Bjm7C4ifUb+jQoc2l9IfN1rgbeUAJt+28WPFHK+sB5LegXoK/UZLTRWSXCWWc1nV dAwkHtw2QLKKhbQVYY6Il5LcTzetJFdG85+9doSrcNT2sNQfM074HZ7hOzsJbhdB3m MAtz9/Ty5xSWCtkmNA27Idil2ksX6UqQlsuSTyy+OzoW9iysCxm52Ac70l/c4qqy0Q haL0u1P3ulECg==
Received: from appsuite-gw2.open-xchange.com ([10.20.28.82]) by imap.open-xchange.com with ESMTPSA id d+uvEGGgwGArdQAA3c6Kzw (envelope-from <vittorio.bertola@open-xchange.com>); Wed, 09 Jun 2021 13:05:05 +0200
Date: Wed, 09 Jun 2021 13:05:05 +0200
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, Eliot Lear <lear@lear.ch>, IESG <iesg@ietf.org>, ohttp@ietf.org, ietf <IETF@ietf.org>
Message-ID: <147393241.33139.1623236705218@appsuite-gw2.open-xchange.com>
In-Reply-To: <4800.1623179777@localhost>
References: <162309061157.32548.930649503797136245@ietfa.amsl.com> <d8932acb-397b-25b9-7bab-50c1a313d583@lear.ch> <4800.1623179777@localhost>
Subject: Re: Request to Charter a New Working Group: Oblivious HTTP (OHTTP)
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.5-Rev13
X-Originating-Client: open-xchange-appsuite
Autocrypt: addr=vittorio.bertola@open-xchange.com; prefer-encrypt=mutual; keydata= mQENBFhFR+UBCACfoywFKBRfzasiiR9/6dwY36eLePXcdScumDMR8qoXvRS55QYDjp5bs+yMq41qWV9 xp/cqryY9jnvHbeF3TsE5yEazpD1dleRbkpElUBpPwXqkrSP8uXO9KkS9KoX6gdml6M4L+F82WpqYC1 uTzOE6HPmhmQ4cGSgoia2jolxAhRpzoYN99/BwpvoZeTSLP5K6yPlMPYkMev/uZlAkMMhelli9IN6yA yxcC0AeHSnOAcNKUr13yXyMlTyi1cdMJ4sk88zIbefxwg3PAtYjkz3wgvP96cNVwAgSt4+j/ZuVaENP pgVuM512m051j9SlspWDHtzrci5pBKKFsibnTelrABEBAAG0NUJlcnRvbGEsIFZpdHRvcmlvIDx2aXR 0b3Jpby5iZXJ0b2xhQG9wZW4teGNoYW5nZS5jb20+iQFABBMBAgAqBAsJCAcGFQoJCAsCBRYCAwEAAp 4BAhsDBYkSzAMABQMAAAAABYJYRUflAAoJEIU2cHmzj8qNaG0H/ROY+suCP86hoN+9RIV66Ej8b3sb8 UgwFJOJMupZfeb9yTIJwE4VQT5lTt146CcJJ5jvxD6FZn1Htw9y4/45pPAF7xLE066jg3OqRvzeWRZ3 IDUfJJIiM5YGk1xWxDqppSwhnKcMOuI72iioWxX0nGQrWxpnWJsjt08IEEwuYucDkul1PHsrLJbTd58 fiMKLVwag+IE1SPHOwkPF6arZQZIfB5ThtOZV+36Jn8Hok9XfeXWBVyPkiWCQYVX39QsIbr0JNR9kQy 4g2ZFexOcTe8Jo12jPRL7V8OqStdDes3cje9lWFLnX05nrfLuE0l0JKWEg8akN+McFXc+oV68h7nu5A Q0EWEVH5QEIAIDKanNBe1uRfk8AjLirflZO291VNkOAeUu+dIhecGnZeQW6htlDinlYOnXhtsY1mK9W PUu+xshDq7lXn2G0LxldYwyJYZaJtDgIKqVqwxfA34Lj27oqPuXwcvGhdCgt0SW/YcalRdAi0/AzUCu 5GSaj2kaGUSnBYYUP4szGJXjaK2psP5toQSCtx2pfSXQ6MaqPK9Zzy+D5xc6VWQRp/iRImodAcPf8fg JJvRyJ8Jla3lKWyvBBzJDg6MOf6Fts78bJSt23X0uPp93g7GgbYkuRMnFI4RGoTVkxjD/HBEJ0CNg22 hoHJondhmKnZVrHEluFuSnW0wBEIYomcPSPB+cAEQEAAYkBMQQYAQIAGwUCWEVH5QIbDAQLCQgHBhUK CQgLAgUJEswDAAAKCRCFNnB5s4/KjdO8B/wNpvWtOpLdotR/Xh4fu08Fd63nnNfbIGIETWsVi0Sbr8i E5duuGaaWIcMmUvgKe/BM0Fpj9X01Zjm90uoPrlVVuQWrf+vFlbalUYVZr51gl5UyUFHk+iAZCAA0WB rsmACKvuV1P7GuiX3UV9b59T9taYJxN3dNFuftrEuvsqHimFtlekUjUwoCekTJdncFusBhwz2OrKhHr WWrEsXkfh0+pURWYAlKlTxvXuI7gAfHEQM+6OnrWvXYtlhd0M1sBPnCjbyG63Qws7Rek9bEWKtH6dA6 dmT2FQT+g1S9Mdf0WkPTQNX0x24dm8IoHuD3KYwX7Svx43Xa17aZnXqUjtj1
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/W8Xn198OQTcTZhhh_EhwO66Q8Lg>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jun 2021 11:05:16 -0000
> Il 08/06/2021 21:16 Michael Richardson <mcr+ietf@sandelman.ca> ha scritto: > > > Eliot Lear <lear@lear.ch> wrote: > > Is this same service going to further harm clients by making it even more > > difficult to block known malicious web sites? Not only would a local > > deployment not be able to do this, but proxies themselves wouldn't be able to > > spot malware. Combine that with some rather impressive phishing capabilities > > of bad actors, and aren't we just hamstringing our ability to put down > > malware attacks? > > Without taking a position on the fundamental questions you ask, my > understanding is that the proxy would be run by an entity that had a lot of > properties, and that wished to provide pseudonymous access to them. > Candidates that I can think of would include: google, godaddy, azure, ec2, > cloudflare, *.gov, *.gc.ca, wordpress hosting companies, ... and that the target > properties would be configured with some trust in the proxy system. If the same entity controls the proxy and the target, what's the actual gain in privacy? Also, if this were to be the actual deployment model, we would again be building a huge centralization mechanism for the entire web. I am always baffled by how a community that often seems obsessed with potential censorship and surveillance by governments then actively adopts architectures that foster potential censorship and surveillance by private companies, or create new gatekeeping opportunities. More precisely, the risk is that this model would foster the birth of something that I'd call a "RDN" - request delivery network. Let's suppose that, like for CDNs, we end up with very few global providers managing the proxy layer. What happens if one of them goes down? What happens if they agree among themselves, or are forced by external factors, to deny requests from or to specific addresses, networks, or countries? Also, why should someone provide such a service, if they don't find ways to monetize the data? Is this creating economic incentives to attack the very privacy that the new architecture is supposed to offer? Or to ask application developers for money? Or to make certain client applications faster than their competitors by refusing service to the others, or by providing downgraded service to some of them? This may or may not happen, depending on how many proxies will actually be available, but given the degree of consolidation that we're seeing in similar services, I would expect this concern to be recognized and addressed from the start. I didn't see any such consideration in the draft or in the charter. Also, I did not see any requirements taking into account that, after all, there are sources that need to be recognized (e.g. bots) and destinations to be blocked permanently (e.g. illegal content) or depending on who the user is (e.g. parental controls). This should also be addressed explicitly by any proposal. -- Vittorio Bertola | Head of Policy & Innovation, Open-Xchange vittorio.bertola@open-xchange.com Office @ Via Treviso 12, 10144 Torino, Italy
- Re: Request to Charter a New Working Group: Obliv… Eliot Lear
- Re: Request to Charter a New Working Group: Obliv… Michael Richardson
- Re: Request to Charter a New Working Group: Obliv… Christian Huitema
- Re: Request to Charter a New Working Group: Obliv… Michael Richardson
- Re: Request to Charter a New Working Group: Obliv… Vittorio Bertola