Re: COVID-19 contacts tracker (Re: a brief pondering)
"Joel M. Halpern" <jmh@joelhalpern.com> Wed, 15 April 2020 19:05 UTC
Return-Path: <jmh@joelhalpern.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C7E43A0768 for <ietf@ietfa.amsl.com>; Wed, 15 Apr 2020 12:05:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.099
X-Spam-Level:
X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MISSING_HEADERS=1.021, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CYvJWjXnBW1P for <ietf@ietfa.amsl.com>; Wed, 15 Apr 2020 12:04:59 -0700 (PDT)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E06683A0766 for <ietf@ietf.org>; Wed, 15 Apr 2020 12:04:58 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 492Wy24pRyz1p1sm for <ietf@ietf.org>; Wed, 15 Apr 2020 12:04:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1586977498; bh=lRBfD96xTLgYUQ4T3rE0o9wfFA5Bu4L6ppGjLqhpyhQ=; h=Subject:Cc:References:From:Date:In-Reply-To:From; b=X+LMGO6C+mI3KLi3OkdA7BpgWmPZVnYCI61+w4TbcrO9IN8sArFhoKGgkG3QPr4i+ 9NlzLNqMGL2wMw/T4Xdl0clapq/Ff2N7MoGS4J+MXy6li/AfQK44BVa+3kioR9Gl0B WBxHcy5fPQl8UFDn3z47e3y/8koVueB0+F9W9G0w=
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from [192.168.128.43] (209-255-163-147.ip.mcleodusa.net [209.255.163.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 492Wy21m4Cz1p1sR for <ietf@ietf.org>; Wed, 15 Apr 2020 12:04:58 -0700 (PDT)
Subject: Re: COVID-19 contacts tracker (Re: a brief pondering)
Cc: ietf@ietf.org
References: <fd6b7ee2-cdbe-14a1-0087-ce61282b22f6@lear.ch> <29D0DCA7-1D72-428F-A6DD-05511D90C039@cable.comcast.com> <2fa6a8c8-7639-a378-2ff1-3f8697556b66@cisco.com> <24cd67ab-df5a-cc2f-745f-ace19d5325ea@network-heretics.com> <FD9C31D9-7113-40D7-8AB1-E581458DB02F@webweaving.org>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <655c6228-d327-9659-7418-80a3b45f8bf4@joelhalpern.com>
Date: Wed, 15 Apr 2020 15:04:48 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
MIME-Version: 1.0
In-Reply-To: <FD9C31D9-7113-40D7-8AB1-E581458DB02F@webweaving.org>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/xvQ42nI_le2FW5XKhyCwGcVuXGk>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2020 19:05:01 -0000
I am either misunderstanding the context of this thread, or I am missing an important technical point. I get the potential value and complexity (in many dimensions including privacy) of Covid-19 trackers. If the thread is intended to encourage folks as individuals to help with ongoing efforts to build such things, then okay, I can understand that. (Although that is not what I thought I read.) If the goal is for the IETF to do something, I am missing the technical point. I do not see a protocol development or specification issue. The task has lots of hard parts. Most in the application space and in the data crunching spaces. (And probably other aspects that I am not noticing, but that are also not protocol issues.) What is the IETF task that is being asked for? Yours, Joel On 4/15/2020 2:46 PM, Dirk-Willem van Gulik wrote: > > On 15 Apr 2020, at 18:42, Keith Moore <moore@network-heretics.com > <mailto:moore@network-heretics.com>> wrote: >> On 4/15/20 12:07 PM, Benoit Claise wrote: >> >>> Hi, >>>> >>>> Which leads me to a question: what can this community (and >>>> similar/adjacent ones) do productively together to help? What new >>>> things are happening on the network from which we can learn and >>>> quickly adapt/improve? >>>> >>> In my wish list, I would see this community helping with a COVID-19 >>> contacts tracker: >>> - with clear specifications >>> - that respects the privacy concerns, for all parties >> >> I don't think it's possible. Anything that can be used to trace >> contacts for medical purposes can be used to trace contacts for >> political purposes. > > I would beg to differ, though by no means perfect or yet there, the EU > recommendations: > > https://ec.europa.eu/info/files/recommendation-apps-contact-tracing_en > > set out quite a 'hard' set of requirements; that by and large match the > manifest/expectations of the CCC, de Waag and similar more > activist/vigilant privacy groups: > > https://www.ccc.de/en/updates/2020/contact-tracing-requirements > > (I picked the DE one, as I could not find english version of the > substancially similar NL, FR, SE and DK versions) and designs such as de > DP3T design (with a few nits and warts) by and large meet those > requirements. > > https://github.com/DP-3T/documents/blob/master/DP3T%20White%20Paper.pdf > <https://github.com/DP-3T/documents/blob/master/DP3T White Paper.pdf> > > This is done by de-centralizing; and essentially constructing the > cryptography such that only 'on' the phone is it possible to reconstruct > 'has there been a contact' and limiting the scope/purpose to exactly > that - have I been close. So no location, no tracking, no recording of > position, etc. And with sufficient means for an outside observer to > verify this. > > The apple/google proposals are very similar - but are not as limited in > `time and place'; potentially more generic. > > Now obviously - there is nothing stopping someone of using the very same > spec to accomplish something different; to spike the app, put hidden > code in it, etc, etc. But that is something that we have any way - > those that control the phone in your pocket can put a spy in your pocket. > > Dw > > >
- Re: a brief pondering Livingood, Jason
- a brief pondering Eliot Lear
- Re: a brief pondering Narelle Clark
- Re: a brief pondering Carsten Bormann
- Re: a brief pondering Michael Tuexen
- Re: a brief pondering Nick Hilliard
- Re: a brief pondering Carsten Bormann
- Re: a brief pondering Spencer Dawkins at IETF
- Re: a brief pondering Michael Tuexen
- Re: a brief pondering Adam Roach
- Re: a brief pondering Adam Roach
- WebRTC (Re: a brief pondering) Harald Alvestrand
- Re: a brief pondering Michael Richardson
- Re: a brief pondering Phillip Hallam-Baker
- Re: a brief pondering Narelle Clark
- Re: a brief pondering Toerless Eckert
- Re: a brief pondering Nick Hilliard
- Off-topic: making WebRTC work in practice (Re: a … Carsten Bormann
- Re: Off-topic: making WebRTC work in practice (Re… Spencer Dawkins at IETF
- Re: Off-topic: making WebRTC work in practice (Re… Carsten Bormann
- Re: Off-topic: making WebRTC work in practice (Re… Philipp Hancke
- Re: Off-topic: making WebRTC work in practice (Re… Cullen Jennings
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Benjamin Kaduk
- Re: Off-topic: making WebRTC work in practice (Re… Bob Hinden
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- RE: Off-topic: making WebRTC work in practice (Re… Larry Masinter
- Re: Off-topic: making WebRTC work in practice (Re… Keith Moore
- Re: Off-topic: making WebRTC work in practice (Re… Phillip Hallam-Baker
- Re: Off-topic: making WebRTC work in practice (Re… Michael Richardson
- Re: Off-topic: making WebRTC work in practice (Re… Eric Rescorla
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Peter Saint-Andre
- Re: Off-topic: making WebRTC work in practice (Re… Nico Williams
- Re: Off-topic: making WebRTC work in practice (Re… Cullen Jennings
- Re: Off-topic: making WebRTC work in practice (Re… Mary B
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Simon Pietro Romano
- Re: Off-topic: making WebRTC work in practice (Re… Toerless Eckert
- Implementation requirement (Re: Off-topic: making… Harald Alvestrand
- COVID-19 contacts tracker (Re: a brief pondering) Benoit Claise
- Re: COVID-19 contacts tracker (Re: a brief ponder… Carsten Bormann
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Bob Hinden
- Re: COVID-19 contacts tracker (Re: a brief ponder… Dirk-Willem van Gulik
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… Joel M. Halpern
- Re: COVID-19 contacts tracker (Re: a brief ponder… Eric Vyncke (evyncke)
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rob Sayre
- Re: COVID-19 contacts tracker (Re: a brief ponder… Fred Baker
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rich Kulawiec
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… Vittorio Bertola
- Re: COVID-19 contacts tracker (Re: a brief ponder… Stephane Bortzmeyer
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian Huitema
- Re: COVID-19 contacts tracker (Re: a brief ponder… Jeff Tantsura
- Re: COVID-19 contacts tracker (Re: a brief ponder… Robert Raszuk
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rob Sayre
- Re: COVID-19 contacts tracker (Re: a brief ponder… Phillip Hallam-Baker
- Re: COVID-19 contacts tracker (Re: a brief ponder… Harish Pillay
- RE: COVID-19 contacts tracker (Re: a brief ponder… Andrew Campling
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rich Kulawiec
- Re: COVID-19 contacts tracker (Re: a brief ponder… Stephane Bortzmeyer
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian
- Re: WebRTC (Re: a brief pondering) Cullen Jennings