Re: [Pearg] Research Group Last Call for "A Survey of Worldwide Censorship Techniques"
Joseph Lorenzo Hall <hall@isoc.org> Fri, 29 May 2020 17:37 UTC
Return-Path: <hall@isoc.org>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 460FB3A0EF1 for <pearg@ietfa.amsl.com>; Fri, 29 May 2020 10:37:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, TRACKER_ID=0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isoc.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DlFbz6WQFZNH for <pearg@ietfa.amsl.com>; Fri, 29 May 2020 10:37:03 -0700 (PDT)
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2062.outbound.protection.outlook.com [40.107.243.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE1553A0EBC for <pearg@irtf.org>; Fri, 29 May 2020 10:37:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nLvqyDBbPaLyK5Capsumdf9ze7/qDuqNPK0weGwF3I2D38U1wNkjvv+k22myRT+clRW9HT+BA97oMc/y5DMqCFW5vb/F6ZbC/qRGz7NzB1/qGqUNY+8t/9rphjjqgCHr7RxLWzT/WmaIkIYp36HPmx8tera6/6dkZ32n9TD3BebA39knP+O3njr1j6v6HL1Xdoo3EN9UQx1tQuUj5M3TCM6Nl2xX6UziyM+O1LBhgKfdaLh998QqCkMNuxr+dq1baTk5MYisPUgfVY/78lYpsPoxTGZNGnMNoOBe6vxuSaLuA5NDBepEUASQ8pT8fksgkLZbjo3b9CIbhVPaLTXzMQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3+Icodn97TIc5VXQ/SZUL+kRo8f5ZuWLNhQZVz1hNqA=; b=P8hHcW1HnlYyKrA6Y5if7JxYtRFT6nZfHZA0wz5IRsK9sjCVFAewx/vZX0+IHZwqQJW5Inhs8ksGCqQxFhYLfOvyVf2UBVHH5aZGgkYqMw2cEM72SPDLRmrnz6IIIvWbwGTij79vtXkmocMYHYm2tJ0phInin72//0mll/j7xkCoQ086duTSn+WQUaqJhNzojxG/K1wbYSdtl+U7w9q8CT+vCeHhXa0rzFbtQ6INWF55Dtejk+KzW/dyz03fEomdZm/pjOdRIWI/yc8XoHruGCimuMjJPq+z5xcW1mSqE1C5UpSCisbtsnwNueMgg4ymlsSDItWhzYD6GpZ5ED0xPA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=isoc.org; dmarc=pass action=none header.from=isoc.org; dkim=pass header.d=isoc.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isoc.org; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3+Icodn97TIc5VXQ/SZUL+kRo8f5ZuWLNhQZVz1hNqA=; b=B0af6iVoGI/nL0OajmFPnAbnC859Eybnj916jAb/zBoMGN4MSF9bG1Qf/jbbzpjxmzPaJODnhrhOy7oL7ki20+QqzQk0Gjapf5HwLOhKImUJQU7CUV2gvsS+eCxhfCS+ebLLZ6GnUx9uXGZG3bmHdkxjlgdkKprbdiGMjkRTkbc=
Received: from BY5PR06MB6451.namprd06.prod.outlook.com (2603:10b6:a03:21e::20) by BY5PR06MB6690.namprd06.prod.outlook.com (2603:10b6:a03:23b::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23; Fri, 29 May 2020 17:36:58 +0000
Received: from BY5PR06MB6451.namprd06.prod.outlook.com ([fe80::b9b7:f0a7:b076:d5d5]) by BY5PR06MB6451.namprd06.prod.outlook.com ([fe80::b9b7:f0a7:b076:d5d5%5]) with mapi id 15.20.3045.018; Fri, 29 May 2020 17:36:58 +0000
From: Joseph Lorenzo Hall <hall@isoc.org>
To: Eric Rescorla <ekr@rtfm.com>, Christopher Wood <caw@heapingbits.net>
CC: "pearg@irtf.org" <pearg@irtf.org>
Thread-Topic: [Pearg] Research Group Last Call for "A Survey of Worldwide Censorship Techniques"
Thread-Index: AQHWLsgqnBPhO5w6N0yNNHBtsaHVYqi/X7WAgAACC+s=
Date: Fri, 29 May 2020 17:36:58 +0000
Message-ID: <BY5PR06MB645145AE6485535418D4B9EFB18F0@BY5PR06MB6451.namprd06.prod.outlook.com>
References: <08f43a37-2b7b-418e-95a8-ed57484c66be@www.fastmail.com>, <CABcZeBMzdOQw6ZhR_XT49+u3cpu28p7EQAxQ8DXBiMHi7uUF2g@mail.gmail.com>
In-Reply-To: <CABcZeBMzdOQw6ZhR_XT49+u3cpu28p7EQAxQ8DXBiMHi7uUF2g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: rtfm.com; dkim=none (message not signed) header.d=none;rtfm.com; dmarc=none action=none header.from=isoc.org;
x-originating-ip: [108.28.51.147]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 385e1535-83c5-4894-16a7-08d803f6e343
x-ms-traffictypediagnostic: BY5PR06MB6690:
x-microsoft-antispam-prvs: <BY5PR06MB66909D08BFD1343CF98002CDB18F0@BY5PR06MB6690.namprd06.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 04180B6720
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5ovf7BhnmoWjGDE2r0FPLWn1ueoci2CwNyDFyVOnCMC1f21jQt3IdS0SKzdxGnNYMT+pCKEj+sOCyIQuTpM2aKyQyIMVipioInswNI7uMKGgDLuXZWWaALzFdfSsSUSfUGtygezZX5FG0TjtDUD/b2KU+cxSCmamvCgOjxxne+Z8QQkIcwC4wjtCSVx71lT6GF4vFWKHfzzbQCL97COG84b4qrKfqk5yGOQ7VqaUP290IxsmgwS+sweELhdkHOZLKkkRjyYqJyvIZRbD2XpwJ3VSYIW67Oi3mxv/HRL/vRm/p9b8itxqG7TCdZOuBD9N2klUOfh7nWqrp9VQjHm01EtUtroiGpCNnMURJlLJeM5bbs8usDlqKpwING0BRu+s7F0XJmfnrq4pKpEhnggw1g==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR06MB6451.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(396003)(366004)(376002)(346002)(39840400004)(136003)(55016002)(966005)(166002)(66556008)(6506007)(66476007)(33656002)(53546011)(66446008)(76116006)(66946007)(64756008)(7696005)(2906002)(4326008)(8936002)(186003)(8676002)(26005)(83080400001)(66574014)(71200400001)(86362001)(110136005)(9686003)(478600001)(5660300002)(15974865002)(52536014)(83380400001)(316002)(30864003); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: Bp+vf0/JuLl11IXawsAbAU53Zpevl8RJ2SATtHfoUWwWr+ZGOnX8qPmrU1HXDLvT/e1JDtLMxuVYK90cfRGrq3jBMDqmWSvUGYEtf3c/rk+I3yMaZZRYluCOGBY+EVwkYZEb8gtq0BQkq+1gPEKCwQWnLeld/UJGSnrRmtRbXu9lZF2BkdV8PFrNVtMBlWFUlNDdN/Nhoy1x0Wc+zWViEnaxBH4l9Yo8o+aUQCSkpHzly8roNSWwFIyik5eujl4N26M8plyC6tR8yf9/eHx4hVwtR6NeZJmp1jFTbBKi09bT48yLfo59HCV8vkSJjtfGh6f4RtMpwz67QYGismT7zqcDBzAbHggib+eOqFmw1tV1JVqoFHeISUzTSmg3Xgtf3LbZl4N2Mv4TiusDocv14ER6vtb71aQ3mVtk8Eo86vxOiHNQ9ZVD5n+YCQ556FNBE2bv2SgD+D7VEHmwBTB+Lgu4513UXitKb/APovGwA99Sh0fWGSpQxzX62E1oEpoA
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BY5PR06MB645145AE6485535418D4B9EFB18F0BY5PR06MB6451namp_"
MIME-Version: 1.0
X-OriginatorOrg: isoc.org
X-MS-Exchange-CrossTenant-Network-Message-Id: 385e1535-83c5-4894-16a7-08d803f6e343
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 May 2020 17:36:58.2179 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: zX8LZ3+3068OsNZfMUX47FKo7CD6X7Iqngqbj90nlrd6txlvjl8xwb9GltaxBZy1
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR06MB6690
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/En_twM216n4mO8ZyejYcok1H_n0>
Subject: Re: [Pearg] Research Group Last Call for "A Survey of Worldwide Censorship Techniques"
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2020 17:37:14 -0000
Thank you for the review, EKR. I'll work through these and put them in issues in the repo as I do, likely not until next week. -- Joseph Lorenzo Hall, Senior Vice President, Strong Internet hall@isoc.org | +1-703-483-9504 internetsociety.org | @internetsociety pgp: https://josephhall.org/gpg-key 3CA28D7B9F6DDBD34B1016075F86698740A9A871 ________________________________ From: Pearg <pearg-bounces@irtf.org> on behalf of Eric Rescorla <ekr@rtfm.com> Sent: Friday, May 29, 2020 1:28:59 PM To: Christopher Wood <caw@heapingbits.net> Cc: pearg@irtf.org <pearg@irtf.org> Subject: Re: [Pearg] Research Group Last Call for "A Survey of Worldwide Censorship Techniques" Document: draft-irtf-pearg-censorship-03.txt S 2. We describe three elements of Internet censorship: prescription, identification, and interference. The document contains three major sections, each corresponding to one of these elements. Prescription is the process by which censors determine what types of material they should block, i.e., deciding to block a list of pornographic websites. Identification is the process by which censors classify specific traffic to be blocked or impaired, i.e., blocking or impairing all webpages containing "sex" in the title or traffic to www.sex.example. Interference is the process by which censors I'm not finding this distinction super clear. It seems to me like deciding to block www.sex.example and "impairing...traffic to www.sex.example" are pretty similar. Not trying to force a new model on you, but I tend to think of this process as: 1. Decide what kind of material you want to block (e.g., material about sex). [This is what I expected prescription to be] 2. Determine what the conceptual indicia of that material are (this might be "contains the string sex" or "is one of these websites A, B, C") 3. Determine precisely how you identify the indicia on the network (DNS, SNI, etc.) 4. Determine how to block the communications once identified. S 3.1. Internet censorship necessarily takes place over a network. Network You say this but then later you give an example of endpoint censorship. I feel like this section might be better if it tried to impose some hierarchy here. From my perspective, there are four main categories of control points: - The network itself [ISPs, Backbone, Institutional ISPs] - The services side of communications [hosting providers, cloud providers, CDNs, etc.] - Services which are necessary to communicate but not really part of it [CAs, DNS, etc.] - The client endpoint side That might make this easier to read o Certificate Authorities for Public-Key Infrastructures (PKIs): Authorities that issue cryptographically secured resources can be a significant point of control. Certificate Authorities that issue certificates to domain holders for TLS/HTTPS (the Web PKI) or Regional/Local Internet Registries (RIRs) that issue Route Origination Authorizations (ROAs) to BGP operators can be forced to issue rogue certificates that may allow compromise, i.e.., by allowing censorship software to engage in identification and interference where not possible before. This may allow, for example, adversarial traffic routing or TLS interception. This is true, though CT is intended to make this much harder. I would add that CAs can be forced to revoke certificates, which is a threat that CT does not attempt to prevent. o Services: Application service providers can be pressured, coerced, or legally required to censor specific content or data flows. Service providers naturally face incentives to maximize their potential customer base and potential service shutdowns or legal liability due to censorship efforts may seem much less attractive than potentially excluding content, users, or uses of their service. Services have increasingly become focal points of censorship discussions, as well as the focus of discussions of moral imperatives to use censorship tools. It's a little hard to know if this text is talking about Facebook or AWS. Maybe split? At all levels of the network hierarchy, the filtration mechanisms used to detect undesirable traffic are essentially the same: a censor either directly sniffs transmitting packets and identifies undesirable content, and then uses a blocking or shaping mechanism to prevent or impair access, or requests that an actor ancillary to the censor, such as a private entity, perform these functions. I don't think this claim is right. For instance where do registry takedowns or DNS blacklists fit in. Neither of them "directly sniffs transmitting packets" (a weird phrase as-is). S 3.2.1. Tradeoffs: Request Identification is a technically straight-forward identification method that can be easily implemented at the Backbone or ISP level. The hardware needed for this sort of identification is cheap and easy-to-acquire, making it desirable when budget and scope are a concern. HTTPS will encrypt the relevant request and response fields, so pairing with transport identification (see Section 3.3.1) is necessary for HTTPS filtering. However, some countermeasures such I think you just want to remove "such" can trivially defeat simple forms of HTTP Request Header Identification. For example, two cooperating endpoints - an instrumented web server and client - could encrypt or otherwise obfuscate the "host" header in a request, potentially thwarting techniques that match against "host" header values. This is true, but seems kinda limited. 3.2.4.1. In encrypted connections using Transport Layer Security (TLS), there may be servers that host multiple "virtual servers" at a given network address, and the client will need to specify in the (unencrypted) Client Hello message which domain name it seeks to connect to (so that the server can respond with the appropriate TLS certificate) using the Server Name Indication (SNI) TLS extension [RFC6066]. Since SNI is often sent in the clear, censors and I understand that the cert field is also used for blocking. Domain fronting has been one popular way to avoid identification by censors [Fifield-2015]. To avoid identification by censors, applications using domain fronting put a different domain name in the SNI extension than the one encrypted by HTTPS. The visible SNI would indicate an unblocked domain, while the blocked domain remains hidden I would say "than in the Host: header, which is protected by HTTPS" S 3.3.1. Of the various shallow packet inspection methods, Transport Header Identification is the most pervasive, reliable, and predictable type of identification. Transport headers in TCP/IP or QUIC contain a few invaluable pieces of information that must be transparent for traffic to be successfully routed: destination and source IP address and port. Destination and Source IP are doubly useful, as not only does it allow a censor to block undesirable content via IP blocklisting, Saying "TCP/IP or QUIC" is weird as QUIC runs over UDP. And of course UDP has its own headers, as does RTP. I would just say "Transport headers" Header identification is trivial to implement, but is difficult to implement in backbone or ISP routers at scale, and is therefore typically implemented with DPI. Blocklisting an IP is equivalent to Does this mean "using DPI" or "along with DPI" Header identification is trivial to implement, but is difficult to implement in backbone or ISP routers at scale, and is therefore typically implemented with DPI. Blocklisting an IP is equivalent to installing a /32 route on a router. However, due to limited flow The IPv6 people will be mad. Port-blocking is generally not useful because many types of content share the same port and it is possible for censored applications to change their port. For example, most HTTP traffic goes over port 80, so the censor cannot differentiate between restricted and allowed web content solely on the basis of port. Another example is HTTPS port 443, which in addition to handling secure web traffic now also carries DNS-over-HTTPS [RFC8484] traffic; this can frustrate techniques that rely on cleartext DNS over port 53 for censorship, parental control, and other uses [SSAC-109-2020]. Port allowlisting True, but I feel like this is actually a different category of thing, because *this* section is about shallow blocking, whereas DNS-based blocking of specific domains is definitely not shallow. conjunction with other identification mechanisms. For example, a censor could block the default HTTPS port, port 443, thereby forcing most users to fall back to HTTP. An important counter-example is that port 25 (SMTP) has long been blocked on residential ISPs' networks, ostensibly to reduce the potential for email spam, but also prohibiting residential ISP customers to run their own email servers. This "ostensibly" seems unnecessarily sarcastic. It's not clear why ISPs would care that much (price discrimination?). Anyway, if you want to make this point, I think you could say something more netural which had the same impact. S 3.3.2. I'm having trouble with your taxonomy here because a lot of the protocol identification work seems like it's more application layer than transport layer, but you have it in 3.3. S 4.1.1. There is some good text in this section, but I feel like it's not doing a good job of distinguishing three attack modalities: - Lying by the nameserver - On-path interception by an attacker - off-path cache poisoning This has been such a persistent point of confusion with DoH that I think it's worth clarifying. > than ideal censorship mechanism. Additionally, the above mechanisms > rely on DNSSEC not being deployed or DNSSEC validation not being > active on the client or recursive resolver (neither of which are hard > to imagine given limited deployment of DNSSEC and limited client > support for DNSSEC validation). This is not quite correct. If you want to redirect a user then you need to content with DNSSEC, but if you just want to block them, then you can just provide a record which won't validate and that will have the same effect. S 4.2.2. I note that packet dropping is often how you implement traffic shaping. S 4.2.3. Packet injection, generally, refers to a man-in-the-middle (MITM) network interference technique that spoofs packets in an established traffic stream. RST packets are normally used to let one side of TCP connection know the other side has stopped sending information, and thus the receiver should close the connection. RST Packet Injection is a specific type of packet injection attack that is used to interrupt an established stream by sending RST packets to both sides of a TCP connection; as each receiver thinks the other has dropped the connection, the session is terminated. QUIC is not vulnerable to these types of injection attacks (See [I-D.ietf-quic-transport] for more details). This isn't totally true. QUIC is not vulnerable to this once the connection is set up, but it *is* vulnerable during setup. The two paragraphs in Trade-offs are confusing because you don't start out with the threat model. There are three threat models here: - On-path and fast - On-path and slow - Off-path In general, the argument you seem to be making is that on-path and fast is expensive but on-path and slow is cheap. I'm not sure the Blind injection stuff is that relevant: you would need to know the host/port coordinates which are fairly expensive to obtain. Do we know if anyone uses totally blind RSTs for censorship? My impression is that it's primarily useful for long running connectons like BGP. S 4.3.2. Trade-offs: The impact to a network disconnection in a region is huge and absolute; the censor pays for absolute control over digital information with all the benefits the Internet brings; This seems backwards. You pay by losing all the benefits. this is never a long-term solution for any rational censor and is normally only used as a last resort in times of substantial unrest. This seems unnecessarily judgemental. What's rational depends on incentives. Also, this section seems weird because it doesn't talk about fake BGP announcements for *other* sites, which we know is common and doesn't have anywhere near the impact yoou discuss here. S 6. I would remove this entirely. I don't think it really belongs -Ekr On Wed, May 20, 2020 at 10:00 AM Christopher Wood <caw@heapingbits.net<mailto:caw@heapingbits.net>> wrote: This is the research group last call for the "A Survey of Worldwide Censorship Techniques" (draft-irtf-pearg-censorship) draft available here: https://datatracker.ietf.org/doc/draft-irtf-pearg-censorship/ Please review the document and send your comments to the list by June 5, 2020. Feedback may also be sent to the GitHub repository located here: https://github.com/IRTF-PEARG/rfc-censorship-tech Thanks, Chris, on behalf of the chairs -- Pearg mailing list Pearg@irtf.org<mailto:Pearg@irtf.org> https://www.irtf.org/mailman/listinfo/pearg
- [Pearg] Research Group Last Call for "A Survey of… Christopher Wood
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Mallory Knodel
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Mallory Knodel
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Gurshabad Grover
- Re: [Pearg] Research Group Last Call for "A Surve… Amelia Andersdotter
- Re: [Pearg] Research Group Last Call for "A Surve… Vittorio Bertola
- Re: [Pearg] Research Group Last Call for "A Surve… Niels ten Oever
- Re: [Pearg] Research Group Last Call for "A Surve… Vittorio Bertola
- Re: [Pearg] Research Group Last Call for "A Surve… Niels ten Oever
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Mallory Knodel
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Christopher Wood
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Niels ten Oever
- Re: [Pearg] Research Group Last Call for "A Surve… Lars Eggert
- Re: [Pearg] Research Group Last Call for "A Surve… Niels ten Oever
- Re: [Pearg] Research Group Last Call for "A Surve… Vittorio Bertola
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Christopher Wood
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… Eric Rescorla
- Re: [Pearg] Research Group Last Call for "A Surve… Eric Rescorla
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Mallory Knodel
- Re: [Pearg] Research Group Last Call for "A Surve… Eric Rescorla
- Re: [Pearg] Research Group Last Call for "A Surve… Mallory Knodel
- Re: [Pearg] Research Group Last Call for "A Surve… Eric Rescorla
- Re: [Pearg] Research Group Last Call for "A Surve… Carsten Bormann
- Re: [Pearg] Research Group Last Call for "A Surve… Eliot Lear
- Re: [Pearg] Research Group Last Call for "A Surve… David Oliver
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Chelsea Komlo
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… David Oliver
- Re: [Pearg] Research Group Last Call for "A Surve… Chelsea Komlo
- Re: [Pearg] Research Group Last Call for "A Surve… Amelia Andersdotter
- Re: [Pearg] Research Group Last Call for "A Surve… Eric Rescorla
- Re: [Pearg] Research Group Last Call for "A Surve… Christopher Wood
- Re: [Pearg] Research Group Last Call for "A Surve… Christopher Wood
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Chelsea Komlo
- Re: [Pearg] Research Group Last Call for "A Surve… S. Moonesamy
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… S. Moonesamy
- Re: [Pearg] Research Group Last Call for "A Surve… S. Moonesamy
- Re: [Pearg] Research Group Last Call for "A Surve… Joseph Lorenzo Hall
- Re: [Pearg] Research Group Last Call for "A Surve… S. Moonesamy