Re: [Pearg] IRTF Chair review of draft-irtf-pearg-censorship-06

Mallory Knodel <mknodel@cdt.org> Thu, 15 December 2022 17:41 UTC

To: Colin Perkins <csp@csperkins.org>, pearg@irtf.org
Cc: pearg-chairs@ietf.org, draft-irtf-pearg-censorship@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/cyYJgU3y_iFtX9m6wczk0Pwxxd0>

Hi Colin and all,

I made some changes in the new version thusly:

On 12/2/22 12:29 PM, Colin Perkins wrote:
> RFC 5743 compliance: The draft does not follow the guidelines in RFC 5743

Fixed.

> There are two places where specific censorship products are mentioned, along with citations of their use (SmartFilter in §3 and §4.2.1, NetSweeper in §4.2.1). Given that the set of such products changes over time, and is likely to become rapidly obsolete, I wonder if the draft might better just list the classes of products and leave the specifics to the cited sources?

Agree-- and since those sections included enough description of those
technologies it was easy to remove them. However I did have to change
the citation for NarusInsight because the former citation (directly to
the EFF blog post about the AT&T lawsuit) didn't mention it. I use the
Wikipedia article about the lawsuit instead, which gives a better
overview of the techniques in question.

> §4.2.3: “Note that TLS 1.3 acts as a security component of QUIC” – do the differences in the way TLS integrates with QUIC affect censorship as described in this draft?

My interpretation of the intention of this sentence is to point out that 
various parts of TLS 1.3 are used for blocking, but that each of these 
parts then can be used to block QUIC in the same way. So rather than 
having a QUIC subsection, they are combined. I checked the subsequent 
sections and have confirmed that the subsections where relevant indicate 
where QUIC can be blocked or where QUIC cannot be blocked with the same 
method given that it is, still, different from TLS.

Additional note! Another major change that I should note here is that 
I've now added some text throughout about image hash matching. 
Essentially anywhere keyword or URL blocklist is mentioned in a way that 
is adjacent to content filtering, I felt it appropriate to note the way 
that images and videos can also be detected and actioned with removal. 
The very brief text is cited to an excellent description of Apple's 
proposed NeuralHash scheme written up by ekr, and can be found under 
3.0. Technical prescription and 4.2.4. Instrumenting Content Distributors.

Thanks for the review, Colin,

-Mallory

-- 
Mallory Knodel
CTO, Center for Democracy and Technology
gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780