IETF Logo Mail Archive

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

Tom Herbert <tom@herbertland.com> Sun, 22 April 2018 20:29 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B40A126D3F for <int-area@ietfa.amsl.com>; Sun, 22 Apr 2018 13:29:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Do6XBYEWqUxQ for <int-area@ietfa.amsl.com>; Sun, 22 Apr 2018 13:29:51 -0700 (PDT)
Received: from mail-qt0-x22d.google.com (mail-qt0-x22d.google.com [IPv6:2607:f8b0:400d:c0d::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 231FB1200F1 for <int-area@ietf.org>; Sun, 22 Apr 2018 13:29:51 -0700 (PDT)
Received: by mail-qt0-x22d.google.com with SMTP id q13-v6so15457316qtl.3 for <int-area@ietf.org>; Sun, 22 Apr 2018 13:29:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=sWRM8gvSvOf80sgOKXEapzRtV0xm8KKv4XkwfR5/e6U=; b=gFjU9452ldQfhd59Bc1xf0uxaV0A2HMORoY1srAMLdcexXc3hzrRVbznCREurlFGTN k08g+Zv3O4LZxzsQBG5+yXrS1joqtnAPpFABs1OUZGv4DdvCCTtyCKjhG76Fj7DBj+os rEtaqd5beVBYHb69QiN5+xopON1lrmd1Tl6gD2eeIUeZvTwYi+qP2SD00tAxZ4pudUZM Zxdc+6BVYKzHa0sDLfVNsB1G+ppEQI6VYVaHH7LWAPmNtFNRWzfsGNvphnAFij3Upxly 4FaY/dTWIv40T9epxCj9HIp274WUg5HYIF8YDWF48x7S7ikUtg6alvielsgw9n435IVV TmKA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=sWRM8gvSvOf80sgOKXEapzRtV0xm8KKv4XkwfR5/e6U=; b=KWU8jwjBrW8Wh7yuKLhZ8wdq+knwLCuCXUIAdIWg7U34WCdbu3nBze7jR1veI21df6 5YrKe6BQN6qi6Jmzypu0C8qnny+0y2V9hOInUMCknef5iSZmznU8CculMMsmEKIPDjjD mMpNoyJadlM2YpraN4WQiffH5ZpWuCZVYNkWdaTQaE7zMpektYh/Gg/hdle0yB1OD57L HBLvi+87HG4drwrZ4DFYZJ2LFbbmY9SfCkJzmNL4voso92tXS+ok0QQ895oWaxsHIaIM LNfKodpkm7HyqdWo0oPRvaQfYmbzMHTH+uGd9kKHh+bGTUFprn2w+echfSdkN7M6tOxs HlRA==
X-Gm-Message-State: ALQs6tAOtCw9h6aqgi2ON+mPOZm8rDKoBeVwOJXMr/7SFxxFynCTT/7S YtKo6XVEnxfDVSRbBvsaNwPH5ClxQmTLYb37IQjdX8vX
X-Google-Smtp-Source: AB8JxZrsbSgMILq67zNd52aaSo1Z3MezFNgY0ve5Jzjqc+2N1Mc8jIWkJVw3DowU15bAJnH3yfOqcYgRajbfQl1EL0Q=
X-Received: by 2002:ac8:2998:: with SMTP id 24-v6mr20431429qts.197.1524428989831; Sun, 22 Apr 2018 13:29:49 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.237.48.35 with HTTP; Sun, 22 Apr 2018 13:29:49 -0700 (PDT)
In-Reply-To: <CC5D38CE-5AB8-4273-B4AD-8A8372F918D4@daveor.com>
References: <a231b336-7e6d-bef1-92ab-001ae05eef0c@cs.tcd.ie> <34138484-94cc-9de8-0221-dfd05f4c05a5@gmail.com> <492a4225-60d3-a3fe-18d7-f44d8deb2825@cs.tcd.ie> <2A16E034-009F-40AD-BF3A-A8DF16456366@fugue.com> <CC5D38CE-5AB8-4273-B4AD-8A8372F918D4@daveor.com>
From: Tom Herbert <tom@herbertland.com>
Date: Sun, 22 Apr 2018 13:29:49 -0700
Message-ID: <CALx6S36M0LMBwF7f_ZDdEwG9q6Vno1_j=Hk4POuQ4-FccUaCDw@mail.gmail.com>
To: Dave O'Reilly <rfc@daveor.com>
Cc: Ted Lemon <mellon@fugue.com>, "int-area@ietf.org" <int-area@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/wVPt9mTNKOy6m8IRjpBgAFh_4fw>
Subject: Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Apr 2018 20:29:54 -0000

On Sun, Apr 22, 2018 at 12:18 PM, Dave O'Reilly <rfc@daveor.com> wrote:
> Dear all,
>
> I hope it’s not inappropriate for me to step into this discussion, but I would like to respond to a few of the points that have been raised so far. For brevity I will incorporate my responses to the various emails into a single email.
>
> The main point people are making:
> ———————————————————————
>
> There are several objections to the document scope (by Stephen Farrell, Brian E Carpenter and Ted Lemon - quotations are not necessary, I trust).
>
> In response I only point out that the intarea working group has already adopted a document making recommendations that logging of source port should be done (RFC6302/BCP162). The point I’m making in this document is that:
>
> 1. source port logging is not routine, despite publication of RFC6302 in 2011 - in other words the document has not had the hoped for impact
> 2. what are the reasons for this
> 3. what additional recommendations can be made to move this along
>
> Therefore I’m a little surprised by this response to a relatively minor movement in an already published intarea position.
>
> However, if people are irreconcilably opposed to the scope of the current document, then I propose as follows:
>
> a. Reject the call for adoption by the working group and move the document back to the independent submission stream. I believe the conflict review comments have already been adequately addressed in draft -04 and publication will hopefully be possible there.
> b. Begin a discussion here (or in whatever forum might be more appropriate) on what would be an appropriate scope for a separate document to consider the broader issues that are being raised by the various commenters and see what sort of consensus can be reached. I offer to contribute my opinion to that discussion.
>
> Other additional points:
> ———————————————
>
> From Stephen Farrell:
>
>> I do support consideration of how law enforcement investigations can be carried out, but not without a similar level of consideration of the real trade-offs between assisting law enforcement and commercial or other surveillance. At present, the draft is nowhere near sufficient in this respect. (Despite saying that "Clearly a balance needs to be struck between individual right to privacy and law enforcement access to data during criminal investigations" the draft is anything but balanced in that respect.)
>
> The document is not supposed to be an analysis of the privacy implications of law enforcement access to data in general and, by the way, nobody is talking about “assisting law enforcement and commercial or other surveillance” - that’s a straw man. I do address in section 9 the privacy implications of the specific proposal (source port logging) as a solution to a specific problem (carrier grade NAT and similar technologies) - a proposal that has already been accepted by the intarea group in RFC6302/BCP162.
>
> However, I agree with you that a broader discussion within the IETF of the balance between privacy and the societal need for law enforcement access to data is certainly required. From what I can see in my research so far, the philosophy within the IETF appears to heavily favour privacy over other issues (such as societal rights or rights of victims of crime - represented in this case by law enforcement access to data). I cite as just two examples of this (and believe me I can provide many more):
>
Dave,

I think the term "societal need for law enforcement" is euphemistic.
That seems to presume that the laws are universally just in the first
place, and that access to the information is always controlled by a
reasonable legal process like warrants. That is not reality. There are
hundreds of legal jurisdictions in the world each with their own
concept of what constitutes a crime. Yes, there are clearly cases
where the information is warranted when a serious crime has been
committed for which a reasonable person would say the law enforcement
access to the information is warranted. However, we've also seen many
case where the information is be used to investigate "crimes" that
many reasonable people would not consider meritable to allow access.
For example, in many regions of the world it is considered a crime
speaking out against an unjust government. To a lot of people that is
considered a violation of human rights and such laws are considered
unjust. I would expect that any proposal that enables governments to
crack down on freedom of speech, even if the proposal is otherwise
beneficial, will get a lot of push back in IETF!

Tom


> - RFC4941 (Privacy extensions for stateless address auto configuration in IPv6) - “by design” obfuscation of the source of network traffic with no consideration of the crime attribution implications
> - RFC6742 (Default address selection for Internet Protocol version 6 (IPv6)) - recommending selection of temporary addresses generated using RFC4941 over other options
>
> I think a discussion of the broader issue requires robust and vocal representation of both sides and I am willing to adopt for the purposes of such a discussion the, apparently unpopular, position that while the right to privacy is very important it is not the only right and a more nuanced consideration of the situation might be worthwhile.
>
> From Brian E Carpenter:
>
>> I do have another comment about adoption. This is an IPv4 technology. Do we really want to spent IETF cycles on it? I'd prefer that we adopt https://tools.ietf.org/html/draft-george-ipv6-support-03 .
>
> I agree with you that this is an IPv4 problem. I mention in the document (last paragraph of section 1) that migration to IPv6 would make this problem go away but also I would like to emphasise that this is a real problem being faced right now and it is something that can’t be put off until IPv6 migration is complete. Whether or not the IETF is the correct forum is not for me to say - all I’m trying to do is make sure that at least the conversation takes place.
>
> Regards,
> daveor
>
> _______________________________________________
> Int-area mailing list
> Int-area@ietf.org
> https://www.ietf.org/mailman/listinfo/int-area

v2.23.0 | Report a Bug | By Email