Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Ted Hardie <ted.ietf@gmail.com> Thu, 05 January 2023 10:35 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7445AC15258A; Thu, 5 Jan 2023 02:35:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vcO-C4KFT2Yx; Thu, 5 Jan 2023 02:35:44 -0800 (PST)
Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4AAFC14CE51; Thu, 5 Jan 2023 02:35:44 -0800 (PST)
Received: by mail-ed1-x532.google.com with SMTP id c17so52201745edj.13; Thu, 05 Jan 2023 02:35:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=rTYzOy7tw8U3qOHNa6KRvBL6xfic1bynrtyQ5vlOI3w=; b=RRjhYYnbQ5MqAlDXLfZWJzTVxZ1I2IdOrrx5W4N53EdFtvgJ+UaeKlMtRVlNra6Ptv h9gQER5d3EynXu2585NkgAbMiZK2uIMh0/qzz9rSKuy51LiMHwxJ2jg9kA1q0W5i8BYC 7YC1oSwMfPN8r7eBvlYD+I4I8OO2YSkXZX9SBhXkFD1tKL4SEDH1jSiRtgSr8yBY1a0U MT+0RwTszRG0e2dmghEYPJgYPTReK86YplgUbNtJu+b9osZ508OGNpyIoxS0n0Eks4xT +7mBSq7os4m97jic0/qglm/EBXF67AuxGSAvi3JY4KlD7Qov8ndCasUvgtalR6dsjJoM 84zA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rTYzOy7tw8U3qOHNa6KRvBL6xfic1bynrtyQ5vlOI3w=; b=cP8UPqs7B5jv59xBH211UZkei0TAL0JIxcew+q8Vt3x6AOtHEtgnFuvj+jl+evEqB1 o7G6C0RlEg86ljUPafBS1tlaCPpo6TBcgiNzs7qR686A0YlxYXEFr0kvbfodJzgo0njo lrqIMGY/JFVbZnRtwKqY51xxWxvoCcBRQrQMQH3qp5eUx96B0iYjm2rRUUZ1Nai7v3BM TWRyZjXMhaYYzcN65nob+emfk8T25eHSXoqzMse23Hsl7aIuPJX8SSGziJAdeMp3iz0/ nzw+a5JmuV6MBzL3aPMP2mr6RJy2uqJ+36BJSUl132l1pPDogp8MRyVWafrUcMyYnB47 ld3w==
X-Gm-Message-State: AFqh2kr+iXkl0oofJp0oAmquX94ob2yytHTCPvJCv4xIh7zxZ67m6qj9 mNPhNpVS0Ou2w+PR4TZ7Kko4mah/AMpCsWe+QokXQBsZ
X-Google-Smtp-Source: AMrXdXsgmQnQ67a9Gbv5kyscWdvnmPlTRE4oeLtCr2xNY3GpDOq2wRwYfxjxP4apYBaHiJf2bktptzV4n078rxc8rpw=
X-Received: by 2002:aa7:cd62:0:b0:472:c7fd:ccfa with SMTP id ca2-20020aa7cd62000000b00472c7fdccfamr4542612edb.356.1672914943389; Thu, 05 Jan 2023 02:35:43 -0800 (PST)
MIME-Version: 1.0
References: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com> <764163366.39904.1672842828297@appsuite-gw2.open-xchange.com> <CABcZeBNA_nJ2waQVENUvEXro91wAYOcH0ZxWqbLH4hoKcGkosw@mail.gmail.com> <9658281.42904.1672912808774@appsuite-gw2.open-xchange.com>
In-Reply-To: <9658281.42904.1672912808774@appsuite-gw2.open-xchange.com>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Thu, 05 Jan 2023 10:35:16 +0000
Message-ID: <CA+9kkMBLiijcAyLYn_6h8z3N00EDaxdP=f7P2-qUt4Bn1iSWEg@mail.gmail.com>
To: Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>
Cc: Eric Rescorla <ekr@rtfm.com>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>, "pearg@irtf.org" <pearg@irtf.org>, saag <saag@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f0b3e905f181dcf6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/ilGxw1vo3Iiix1g1jilUerO8ZkI>
Subject: Re: [Pearg] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2023 10:35:45 -0000

A quick response in-line.

On Thu, Jan 5, 2023 at 10:00 AM Vittorio Bertola <vittorio.bertola=
40open-xchange.com@dmarc.ietf.org> wrote:

>
>
> Il 04/01/2023 20:33 CET Eric Rescorla <ekr@rtfm.com> ha scritto:
>
>
> I still think this was a big fail; in fact, this implies that
> counteraction against surveillance capitalism practices can only happen
> elsewhere, at the regulatory level, as the IETF community either does not
> know what to do about it, or does not want to do anything about it.
>
>
> I don't think this is true at all.
>
> First, the IETF *is* working on issues around privacy and preventing
> various forms of surveillance capitalism. That's in part what initiatives
> like DoH, QUIC, TLS 1.3, ECH, OHAI, MASQUE etc. are about.
>
> Of course you will disagree with what I am going to say, but here is the
> common (though not unanimous) viewpoint from the technical policy community
> of a different part of the world - no offense implied.
>
> In Europe, "surveillance capitalism" is basically synonymous with a set of
> a few very big American companies that happen to be the ones promoting and
> deploying the standards you mention.
>

First, I'm not sure that it is reasonable to assume that there is a single
European position on anything.  Brussels is not Lisbon and neither is Oslo
or Budapest.  And within each of those, academics, regulators, and civil
society may have different opinions.  As in the US, there are folks
cheering for DoH and people opposed; there are people delighted with OHAI
and folks depressed about it.

Second, I think we have to be careful to talk as if there is a single
threat model here.  At least one of the threat models is truly about
pervasive surveillance, which reflects an updated understanding that an
attacker may be omnipresent across the network and thus able to correlate
activities that a sender or receiver previously assumed could not be
linked.  That's what RFC 7624, Section 5 described.   Many of the key
characteristics of protocols like QUIC were designed with this threat model
in mind; they provide increased confidentiality on the wire.  Because that
threat model is focused on observation, rather than the capabilities of the
parties, it has little to do with concerns that a small set of players is a
party to many different sorts of communications.  That's a different
threat, and some of the work to address it, like OHAI, starts from very
different principles as a result.

Both amongst ourselves and when talking to those working in policy circles,
I think it is very important to be clear on what threat we perceive and
what responses target that.   Lumping all the threats and all the responses
together makes it difficult to see the progress that has been achieved and
even more difficult to identify where work still needs to be done.

Just my personal opinion, of course,

regards,

Ted Hardie

So, it will be hard to convince people in Brussels or Berlin that those
> standards are meant to put the business model of their proponents under
> check. Actually, they are more likely to lead to the conclusion that the
> IETF is being used as an instrument to further that business model, and
> that the encrypted network architecture that it is promoting is meant to
> disempower end-users and any other party (including European law
> enforcement and privacy authorities) from checking what the endpoints do,
> which information they send and who they send it to, facilitating
> uncontrolled data extraction practices by the private companies that mostly
> control the endpoints, i.e. the above ones.
>
> There is a general feeling that the bigger threats to user privacy are now
> not in transit, but in or before the endpoints. So, the fact that the IETF
> does not want to consider threats in the endpoints is seen as additional
> evidence for the above.
>
>
> --
>
> Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
> vittorio.bertola@open-xchange.com
> Office @ Via Treviso 12, 10144 Torino, Italy
>
>