IETF Logo Mail Archive

Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Vittorio Bertola <vittorio.bertola@open-xchange.com> Thu, 05 January 2023 10:05 UTC

Return-Path: <vittorio.bertola@open-xchange.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91FD7C14CF16; Thu, 5 Jan 2023 02:05:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=open-xchange.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dm0oxI9poFI6; Thu, 5 Jan 2023 02:05:49 -0800 (PST)
Received: from mx3.open-xchange.com (mx3.open-xchange.com [87.191.57.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2101FC14CF03; Thu, 5 Jan 2023 02:05:48 -0800 (PST)
Received: from imap.open-xchange.com (imap.open-xchange.com [10.20.28.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx3.open-xchange.com (Postfix) with ESMTPSA id D07EC6A0EE; Thu, 5 Jan 2023 11:00:08 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=open-xchange.com; s=201705; t=1672912808; bh=gE9Fee5/bCVW3gkJdzpNEBbWvkPk3I2nMFMvPt6Cjo8=; h=Date:From:To:Cc:In-Reply-To:References:Subject:From; b=jqa61u3U8Bbp60l51uLS88bQeAO9ywp3g7TzzT9SJkNUQZIq7BufWVRup8NZLBcic AsqAv5ra3md0lVrSHG0xeiR2zTiZuSpOu2oK6f6ZLGUGsYrLYnbNxwdWFjieaRBI59 ntbv6i/KO8wxtPwUf1QPChFJnU7vqsw5th600DiT2AhU0IoaS9pfADkhT9uUeMjbHv iFSt3V343sNjBIX/ePUjhHX+AfbBbm4LiWUNSUV5zogs4G9k3eFYFuoa/nb+ypLN7L N3X4BtTvcdMLXCDPa1z0C7NnQCTxSmEUWMbnqeCFGqLPNg2lN0xzpMCYPCyYEMLKk7 FGw7T87yQYlkg==
Received: from appsuite-gw2.open-xchange.com ([10.20.28.82]) by imap.open-xchange.com with ESMTPSA id oLyRMaiftmN1IBgA3c6Kzw (envelope-from <vittorio.bertola@open-xchange.com>); Thu, 05 Jan 2023 11:00:08 +0100
Date: Thu, 05 Jan 2023 11:00:08 +0100
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>, "pearg@irtf.org" <pearg@irtf.org>, saag <saag@ietf.org>
Message-ID: <9658281.42904.1672912808774@appsuite-gw2.open-xchange.com>
In-Reply-To: <CABcZeBNA_nJ2waQVENUvEXro91wAYOcH0ZxWqbLH4hoKcGkosw@mail.gmail.com>
References: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com> <764163366.39904.1672842828297@appsuite-gw2.open-xchange.com> <CABcZeBNA_nJ2waQVENUvEXro91wAYOcH0ZxWqbLH4hoKcGkosw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_42902_1266859729.1672912808761"
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.6-Rev34
X-Originating-Client: open-xchange-appsuite
Autocrypt: addr=vittorio.bertola@open-xchange.com; prefer-encrypt=mutual; keydata= mQENBFhFR+UBCACfoywFKBRfzasiiR9/6dwY36eLePXcdScumDMR8qoXvRS55QYDjp5bs+yMq41qWV9 xp/cqryY9jnvHbeF3TsE5yEazpD1dleRbkpElUBpPwXqkrSP8uXO9KkS9KoX6gdml6M4L+F82WpqYC1 uTzOE6HPmhmQ4cGSgoia2jolxAhRpzoYN99/BwpvoZeTSLP5K6yPlMPYkMev/uZlAkMMhelli9IN6yA yxcC0AeHSnOAcNKUr13yXyMlTyi1cdMJ4sk88zIbefxwg3PAtYjkz3wgvP96cNVwAgSt4+j/ZuVaENP pgVuM512m051j9SlspWDHtzrci5pBKKFsibnTelrABEBAAG0NUJlcnRvbGEsIFZpdHRvcmlvIDx2aXR 0b3Jpby5iZXJ0b2xhQG9wZW4teGNoYW5nZS5jb20+iQFABBMBAgAqBAsJCAcGFQoJCAsCBRYCAwEAAp 4BAhsDBYkSzAMABQMAAAAABYJYRUflAAoJEIU2cHmzj8qNaG0H/ROY+suCP86hoN+9RIV66Ej8b3sb8 UgwFJOJMupZfeb9yTIJwE4VQT5lTt146CcJJ5jvxD6FZn1Htw9y4/45pPAF7xLE066jg3OqRvzeWRZ3 IDUfJJIiM5YGk1xWxDqppSwhnKcMOuI72iioWxX0nGQrWxpnWJsjt08IEEwuYucDkul1PHsrLJbTd58 fiMKLVwag+IE1SPHOwkPF6arZQZIfB5ThtOZV+36Jn8Hok9XfeXWBVyPkiWCQYVX39QsIbr0JNR9kQy 4g2ZFexOcTe8Jo12jPRL7V8OqStdDes3cje9lWFLnX05nrfLuE0l0JKWEg8akN+McFXc+oV68h7nu5A Q0EWEVH5QEIAIDKanNBe1uRfk8AjLirflZO291VNkOAeUu+dIhecGnZeQW6htlDinlYOnXhtsY1mK9W PUu+xshDq7lXn2G0LxldYwyJYZaJtDgIKqVqwxfA34Lj27oqPuXwcvGhdCgt0SW/YcalRdAi0/AzUCu 5GSaj2kaGUSnBYYUP4szGJXjaK2psP5toQSCtx2pfSXQ6MaqPK9Zzy+D5xc6VWQRp/iRImodAcPf8fg JJvRyJ8Jla3lKWyvBBzJDg6MOf6Fts78bJSt23X0uPp93g7GgbYkuRMnFI4RGoTVkxjD/HBEJ0CNg22 hoHJondhmKnZVrHEluFuSnW0wBEIYomcPSPB+cAEQEAAYkBMQQYAQIAGwUCWEVH5QIbDAQLCQgHBhUK CQgLAgUJEswDAAAKCRCFNnB5s4/KjdO8B/wNpvWtOpLdotR/Xh4fu08Fd63nnNfbIGIETWsVi0Sbr8i E5duuGaaWIcMmUvgKe/BM0Fpj9X01Zjm90uoPrlVVuQWrf+vFlbalUYVZr51gl5UyUFHk+iAZCAA0WB rsmACKvuV1P7GuiX3UV9b59T9taYJxN3dNFuftrEuvsqHimFtlekUjUwoCekTJdncFusBhwz2OrKhHr WWrEsXkfh0+pURWYAlKlTxvXuI7gAfHEQM+6OnrWvXYtlhd0M1sBPnCjbyG63Qws7Rek9bEWKtH6dA6 dmT2FQT+g1S9Mdf0WkPTQNX0x24dm8IoHuD3KYwX7Svx43Xa17aZnXqUjtj1
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/1fzhtC-peQhbW0mYLDEaEsvpTyg>
Subject: Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2023 10:05:53 -0000

 

> Il 04/01/2023 20:33 CET Eric Rescorla <ekr@rtfm.com> ha scritto:
>  
> 
> > I still think this was a big fail; in fact, this implies that counteraction against surveillance capitalism practices can only happen elsewhere, at the regulatory level, as the IETF community either does not know what to do about it, or does not want to do anything about it.
> > 
>  
> I don't think this is true at all.
>  
> First, the IETF *is* working on issues around privacy and preventing various forms of surveillance capitalism. That's in part what initiatives like DoH, QUIC, TLS 1.3, ECH, OHAI, MASQUE etc. are about.
> 
Of course you will disagree with what I am going to say, but here is the common (though not unanimous) viewpoint from the technical policy community of a different part of the world - no offense implied.
 
In Europe, "surveillance capitalism" is basically synonymous with a set of a few very big American companies that happen to be the ones promoting and deploying the standards you mention. So, it will be hard to convince people in Brussels or Berlin that those standards are meant to put the business model of their proponents under check. Actually, they are more likely to lead to the conclusion that the IETF is being used as an instrument to further that business model, and that the encrypted network architecture that it is promoting is meant to disempower end-users and any other party (including European law enforcement and privacy authorities) from checking what the endpoints do, which information they send and who they send it to, facilitating uncontrolled data extraction practices by the private companies that mostly control the endpoints, i.e. the above ones.
 
There is a general feeling that the bigger threats to user privacy are now not in transit, but in or before the endpoints. So, the fact that the IETF does not want to consider threats in the endpoints is seen as additional evidence for the above.
 

--

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com mailto:vittorio.bertola@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy

v2.23.0 | Report a Bug | By Email