IETF Logo Mail Archive

Re: [Pearg] comments on draft-irtf-pearg-safe-internet-measurement-08

Craig Partridge <craig.partridge@colostate.edu> Thu, 17 August 2023 17:56 UTC

Return-Path: <Craig.Partridge@colostate.edu>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99D54C151533 for <pearg@ietfa.amsl.com>; Thu, 17 Aug 2023 10:56:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.091, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xjbUs0Uh2Wjc for <pearg@ietfa.amsl.com>; Thu, 17 Aug 2023 10:56:26 -0700 (PDT)
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on20622.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e88::622]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2651AC14F726 for <pearg@irtf.org>; Thu, 17 Aug 2023 10:56:26 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RalYB9fhEHgNcaeIEeflwMgyF94/izXQr2UTdOI06zbeLMb0HRdNfZfdGOgOPvyN9SsAQeKIeQZq11TnBEyjtOkmofJu56VAA4l3i3YZnR0R/t3WMDa0L2SIp8mDpP4wTXj0TkZEgsdXP5+Faq17gndCFKl1N98nmv+T5bQYoD4pGq6bgBfm0YLVfjgYU+cadEMt1TxPzrS4M7i1yCjcfTpTe0PZ7RsZ867eEdrqEjTMJaf40fYb6xg0QLawYyMn+L33xLepBMTP+r6INXBi0I4IXm0cnUcZsxiUQtBwEtxahRf9aoj+3KZR8RWu91zKBvlQhq568ZRBwgDNucUuRA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uTjKO+s24ta/R8nDv2nGpBqvWcwShc0w83aYDxR9474=; b=URTDidFgvJrj62z8socXsoxTcqpdLqe46XQ2CJ95KLG/fDu/Rdy55yFjAVgsdijsqXFEDVUxgymqPprGN08pfppD56RHdiPMr5ydQx1dHHxWTt/glLQJU01OR5b+A17yjssb5jLe7DZSVZ4poItHkCz8DwWPAnJAZm6jwBA7Tq8xwl6PSWXYqOny8FIQRZkJDHyklHNhj2XilNNM98E+EnkjXhlFJmzVgs3PNBiCDHV6t7Jf1BK9keINWY/NxHSTsiq+gOIguF1wtrVK2cheDPPF9XSnXtr2sx/nDMGD0B97+hgQdAu+EW7ea2ePYuz2UcSb4SE1GAkQ5rPeZLjllw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=colostate.edu; dmarc=pass action=none header.from=colostate.edu; dkim=pass header.d=colostate.edu; arc=none
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=colostate.edu;
Received: from CH3PR07MB9937.namprd07.prod.outlook.com (2603:10b6:610:1bc::17) by CO1PR07MB9017.namprd07.prod.outlook.com (2603:10b6:303:160::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6678.31; Thu, 17 Aug 2023 17:56:22 +0000
Received: from CH3PR07MB9937.namprd07.prod.outlook.com ([fe80::f1c3:55ae:c41d:dca9]) by CH3PR07MB9937.namprd07.prod.outlook.com ([fe80::f1c3:55ae:c41d:dca9%3]) with mapi id 15.20.6678.029; Thu, 17 Aug 2023 17:56:22 +0000
Content-Type: multipart/alternative; boundary="------------x20WEaihWk4OhYdR2lwMLdlm"
Message-ID: <b03708aa-e0f6-4cc6-5ad7-dad1599f48e8@colostate.edu>
Date: Thu, 17 Aug 2023 11:56:20 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.14.0
Content-Language: en-US
To: Vittorio Bertola <vittorio.bertola@open-xchange.com>, pearg@irtf.org
References: <5083db3e-a36b-69ca-300b-5d250a5c6a48@colostate.edu> <794136455.29463.1692262446741@appsuite-gw2.open-xchange.com>
From: Craig Partridge <craig.partridge@colostate.edu>
In-Reply-To: <794136455.29463.1692262446741@appsuite-gw2.open-xchange.com>
X-ClientProxiedBy: CH0PR03CA0005.namprd03.prod.outlook.com (2603:10b6:610:b0::10) To CH3PR07MB9937.namprd07.prod.outlook.com (2603:10b6:610:1bc::17)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CH3PR07MB9937:EE_|CO1PR07MB9017:EE_
X-MS-Office365-Filtering-Correlation-Id: 1c3d81cc-2a47-4fac-b951-08db9f4b449b
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: WnEYak3aI9p5pVTh1ga9NOi+Mj+rin6q7HyEUXkYkkB5CkUy/3ZeavQLvDlNqrGF8NHS/Wh/o+VnVtCCbXBTAbURSK5JvFxZrtUfb0KKWnWKUjzJM+kzo9Ao8mwu1yM7On5zqV0eKN+kRIH2buYEXRmGFnhD08R2ASLdByg1ybhMVDXkSUaFURiJYkQA64x3MDbW0GjD2lGoepw0Op+emKIfmrBDPuZD5l8CqJ6jghMhqt//JqXUYFVyxy3TUB2MeprvHvU0UXQpxVYSAImfITNRpk4Mbl/j395CTkDFq5FgpcIGnpzel245vfoBY0bQ5+cxr/AFg+IoX5o5tBk3ylRc2SYaOWXg9JijUESYoBzu9m7w89kMcFO9GM/M55LqXWZ+cGSq37optLHVg4ihWDvo0JGW+Ts7fez6+PblnLmFHa/d//mckJh8OZ3CxpqEE+an5AptrF35Fdkk941D8PpqzSNC9yCKasU/XBs0WaKFdMdlNS4T7XVkObyu0p4AtBa153xtTX8+a6SoAMPF2DdAP+nzuPQRGv2KPukj3M+txlJUsvJ/Meikun9KXCDc/377zbnLllvVAIF5xktBb4lLzerjMNwRBlrjrBNOfAugv7QfUyGyMs0y03fY9SUgd51QYRJboFGkYOTvu2K9yg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH3PR07MB9937.namprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(396003)(136003)(346002)(39860400002)(366004)(376002)(451199024)(1800799009)(186009)(31686004)(86362001)(31696002)(36756003)(38100700002)(75432002)(2616005)(5660300002)(44832011)(66556008)(478600001)(6506007)(66946007)(66476007)(33964004)(53546011)(6486002)(786003)(316002)(26005)(6512007)(8676002)(41300700001)(8936002)(66574015)(83380400001)(2906002)(43740500002)(45980500001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: ESTrsBQefANuP+9RmorVui3xwMT04wisg6qiOhQy/qZlLx3azT4LtxX4my/LT9IOnVmDm9vjpG2eedW4yXvgt/QwtzMeLvnwPp2+luJ4kjKxbxPleHj/pvujKA0c+cMbOJzFUhHCtXkUVxwMpEjXWowIlEr7pMzczA6T5Rx9dBVOWaaQd/22jm205tGHh2DJkjWhS5pRmVCpHFqmR8RmKZAyWrBXfWVns6+dymaXHqiZZI+K3zLesZb5GwuqhYUW/7CNz/K1ho65+yxS6lvyfmF5BqU42Ac4PqWcGFROLdrLdbjltdO/1Dr6w7nC4TRLoc4g9gDGTf8cmcIPvROh6xvijWRxkuA90Ox3Fv1uNFH8pSNgWwwB4polqbbAXdacKyE86q1QchXB98x/UA9XB7Jj1anUu518sk0K5nW0ErOuzV2I3OcMkFAz2+6u0dxsQZClGAPWReb6ssd05NF5q1KE8IXw+LXvHV08JY5Z1Vc61+fhcO1LcN7rOt7+mBrNAfYxZfiHYCL9t9VI7ORU5Cbg8PuVHo0NZUFGRkZNj6x9E68e1zb7HLRG88pMTNjlfXwARdbxzWObiai0hnBWvsn/ugQDehPLyo80uQRM1n9dqFOjLhb0eD4LjeBucwcw3oWdE8LaewSAB4oM7sE009CUfB9TtHhsBWNuJdZ72T3Anzl1d82wHxfMgoBd7yhJrdvltg969pnfNVAyC4Ui75Dif1rFcOxtIBcdjQIHhNIs8aEM5zL/1/F0ZUeok1uigd0GQSfS613buP8rgbduZP+fkb1Pu8VLvgJiAiyD8RMeX1HbG/3aape+Pne2swvaMxME9bm57zOaoULjjnIofivCFzs6sjuPjicbICfuyJA7BigXEpY9R3iG8WGt73WeX1DeFfax0Ygc7QYylmWF9io8B9gqotWAMWVmMwa32/ivCmECb2LtNLtBQcgIP48q212T3oDcD2r+4JNjweDHMIbS2yIfLdGJuBHu6y/3qkGo+7rER6Y7ypXM64CrS4Ojq5xVsb9SHzRAFaiQIi96yGHab1SIIglJ9r3wvm9AjKX69HUuHvqluLzHM16ycftA9eeR4/I0c5RFP7nKnXsgmSGhIUNxGNFCuC9+bUdcgT51kEfJQnxosBJ2JEj1wbRGdl1goZ2KVG85N3mhFDwA+eDRN4A/dmLfIl/VOlHC3MzfBE9SWg0TKr4tJ2cXTWQXEYxCsX4nyixX/bi6a2NccOcxLJr4/jTuZnV5DA5+hcfAI35NtKr3lAPvrQwVDF2huuwweDInlsb1SOXxsEr91p8ZPq0khznNsBUsM3UiRfJ8QlHUOkz9uqm7e7Q0yAOSBwG5Z0jtmFiSAOqA9krNuFYJQElq+lRNi692fNUmu9GulgmuPF/7Qt1ArvJXyz2cOKCfgq/nPxr7ZVosD8rW+Q75BzH/V/y+w8M8yLno2yyy/WTJ0rRHVdzBoqjP1Ah00WGqQT/pmjvrERGo5EbhbErxLirMPcLt2cr05aSxO41WChHcx7cOzqT6RKLtdvxHK/N/d3NT3xpDOOP/nETUDxOfsIIlNz/lyKHzRCyancppmNHO//YakS7klkqQGHWVT8+3QwzIz/Zzyl/mPgE8nQ==
X-OriginatorOrg: colostate.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 1c3d81cc-2a47-4fac-b951-08db9f4b449b
X-MS-Exchange-CrossTenant-AuthSource: CH3PR07MB9937.namprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Aug 2023 17:56:22.6357 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: afb58802-ff7a-4bb1-ab21-367ff2ecfc8b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: rUdCnqKiroi5qNcG8h2/j5GzH9z2rgpyfrI9fu5Sd4zzsdODgEa8LL7sOY3ePdI3wQireTigC6paeSuTcwgF+A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR07MB9017
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/iHmJ0bWTRhusmy0oLEFlt91ptaE>
X-Mailman-Approved-At: Mon, 21 Aug 2023 02:07:21 -0700
Subject: Re: [Pearg] comments on draft-irtf-pearg-safe-internet-measurement-08
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Aug 2023 17:56:30 -0000

Yes, but you took my recommendation out of context.  The larger 
paragraph was:

    Second, a lot of the concerns about active measurement center around
    implied consent.  A number of thoughtful observers felt that efforts
    in the mid-2010s to understand censorship systems placed unknown
    individuals at risk (the experiments involved trying to send
    forbidden information to random IP addresses within the censored
    space -- with no knowledge of where those IP addresses were [e.g.
    someone's laptop] and thus the possibility that an individual would
    be flagged by the censorship system as a possible consumer of
    forbidden information). /I think the community still lacks a
    consensus, but perhaps a good starting point is that implied consent
    is not acceptable for active measurements that may cause harm to
    individuals.  This allows active measurement of infrastructure (web
    servers, etc.) but prohibits sending active measurements to
    individual's devices (laptop, phone, smart watch, etc.).  This would
    conform with Kantian edicts not to use a person for your ends
    without their consent./

And so I was suggesting active measurement of devices not linked to a 
person was OK (such as a server) but not devices that could be linked to 
a person.  And since this is /active measurement/, which means you are 
sending the traffic that is being measured (you are not observing 
traffic, which is passive measurement), the chances of harming someone 
are for the most part modest.

Why do I saw /for the most part modest/?  Well, as Mark and I noted in 
the paper I sent, if I chose to send a high bandwidth stream of 
measurement traffic at a server, I might both disable the server [bad 
for its users] but also may cause enough traffic to seriously interfere 
with other traffic on the links - imagine an E911 (or similar emergency 
call) over VOIP that doesn't go through because it was dropped due 
congestion from large volumes of measurement traffic.

But.. in any case, as a researcher, I'm not seeing a person's traffic 
with active measurement and, if we accept the provision to not risk harm 
to an individual, I should not cause a device associated with them to 
accept or transmit traffic that may be harmful

Thanks!

Craig

On 8/17/23 2:54 AM, Vittorio Bertola wrote:
>
>> I
>> think the community still lacks a consensus, but perhaps a good starting
>> point is that implied consent is not acceptable for active measurements
>> that may cause harm to individuals.  This allows active measurement of
>> infrastructure (web servers, etc.) but prohibits sending active
>> measurements to individual's devices (laptop, phone, smart watch,
>> etc.).  This would conform with Kantian edicts not to use a person for
>> your ends without their consent.
> I like this, but the problem is how do you define "harm". To me, the fact that non-anonymized recordings of your personal activity on the Internet, even by purely passive means, exist somewhere is already a harm, as you never know who will (legally or illegally) gain access to that information and for which purpose. If you accept this, you conclude that every measurement activity where data are not immediately aggregated or fully anonymized (as opposed to pseudonymization, which we know doesn't work so well) needs explicit consent by each individual. Both proxy consent (which I doubt could ever be legal in Europe except in very specific conditions) and implied consent would not be acceptable. But I'm sure that many in the browser/application industry would disagree.
>

v2.23.0 | Report a Bug | By Email