IETF Logo Mail Archive

Re: [Pearg] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Dave Taht <dave.taht@gmail.com> Wed, 04 January 2023 14:59 UTC

Return-Path: <dave.taht@gmail.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 878EFC136155; Wed, 4 Jan 2023 06:59:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9XNGtFHSopM3; Wed, 4 Jan 2023 06:59:28 -0800 (PST)
Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com [IPv6:2a00:1450:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A826C136153; Wed, 4 Jan 2023 06:59:28 -0800 (PST)
Received: by mail-wr1-x432.google.com with SMTP id co23so33277059wrb.4; Wed, 04 Jan 2023 06:59:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=bjaGX1iOWK7j6ljxBccyAmkkrCT26ZQ9hM/FgsebLF4=; b=W1wau27Kg5rwfrWgHIfmYF4qxx60alcCumAXRr5wZMbps8A6EgvmBbAVPzFWccSL9Y EICIyu+jXRcAGH7zzwAq0eq+aETs/mHpgPclB/ie2Rnq11DTswsM54YJzyf80Tm1r1Sa f5y8k/3qL1wiW18fySwEeNX/Eb/AOvH1XvqTMN79LkZOezUsZHCDWbq/SRVbvni3OQbS h+SaEtNyiPeBha3tlioGSz/zrJB37okZTb83zWACHiYFdZwZAKdb7JpdgrhXorxypdzV /27PE4t+KpsBzMYV0wxo41HtORMRB6Z5VDog+u7LRYw6UVZZoF+zRc6cziFkYtRiefN9 mW/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bjaGX1iOWK7j6ljxBccyAmkkrCT26ZQ9hM/FgsebLF4=; b=WDbzzOjzek4xVj0n4SM8xFt+ufCwkdLIKuZSkm/hD4tzGg+AOgRH7FFVGsN535gBz+ I8xuKIfJ2YgsbkXfpaC+1w7p6ICKm2fo0f6elleW3NpQ0PMlyAW1qNhK3Gd/5u2JW2sI iXnS529CsoZNIYUG00XyTGMlxBH52w7sp1vyTOm/YS1+GSYjqN/pu7khvu7y3/VFsrT6 vM8mJMi+uJMVbMEfKnf/R/T78Ii8Kuq5noz4q85OAtikfW2KIGhKR64kYTCjVflorSsP u/WZ3aOVcqYSGs5+FPn6eymW8ZH1hserBAk2pSRpNK5BRLutlhp5CnIxOoGLVbTVVGvz P+Jg==
X-Gm-Message-State: AFqh2krOfI7E0cq2JFaQf0kXdSMCsB2SiiP9bh/2SWuE58WbBUkf5xxd mN3m+LOWd5jxOWbokduGc7JUbyC80hDo6RGfRy8=
X-Google-Smtp-Source: AMrXdXtpoXSzXsvOz47FCTCZCxfzD22FnUEn3Apiccf7cJm2VWYZDEdV2kpc/e/k4O1MiAsihHh7QKL3aE0e0fnHTvQ=
X-Received: by 2002:a5d:590c:0:b0:27c:33bc:5879 with SMTP id v12-20020a5d590c000000b0027c33bc5879mr1365552wrd.500.1672844366531; Wed, 04 Jan 2023 06:59:26 -0800 (PST)
MIME-Version: 1.0
References: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com> <764163366.39904.1672842828297@appsuite-gw2.open-xchange.com>
In-Reply-To: <764163366.39904.1672842828297@appsuite-gw2.open-xchange.com>
From: Dave Taht <dave.taht@gmail.com>
Date: Wed, 04 Jan 2023 06:59:16 -0800
Message-ID: <CAA93jw4gsZxs_WzNTr5e9TdvV9q9mQ_Ey_47qSEdE4nLktHMHw@mail.gmail.com>
To: Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>
Cc: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>, "pearg@irtf.org" <pearg@irtf.org>, saag <saag@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/rIND568L9NlDsflsU3L7bg74sGI>
Subject: Re: [Pearg] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2023 14:59:28 -0000

On Wed, Jan 4, 2023 at 6:34 AM Vittorio Bertola
<vittorio.bertola=40open-xchange.com@dmarc.ietf.org> wrote:
>
>
>
> Il 03/01/2023 11:27 CET John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org> ha scritto:
>
> - Threat Model: The IETF has failed to update the Internet Threat Model to include compromised endpoints, misbehaving endpoints, and large centralized information sources. This is very disappointing as these things were, and still are major enablers for pervasive monitoring. Assuming compromise is an essential zero trust principle. The excellent IAB document RFC 7624 that talks about compromise and exfiltration deserve much more citations.
>
> There were attempts to do this, and even a dedicated IAB program and mailing list, which was wrapped up without results just a few months ago. I still think this was a big fail; in fact, this implies that counteraction against surveillance capitalism practices can only happen elsewhere, at the regulatory level, as the IETF community either does not know what to do about it, or does not want to do anything about it.

What bothers me most today are that "modern" OSes, like chromebooks,
android, ios, have no way to do a packet capture of "their side" of
your computer. Not even being able to know what IPs my own device is
talking to (or blocking some) makes me a tad... paranoid.

Privacy and control for whom?

> --
>
> Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
> vittorio.bertola@open-xchange.com
> Office @ Via Treviso 12, 10144 Torino, Italy



-- 
This song goes out to all the folk that thought Stadia would work:
https://www.linkedin.com/posts/dtaht_the-mushroom-song-activity-6981366665607352320-FXtz
Dave Täht CEO, TekLibre, LLC

v2.23.0 | Report a Bug | By Email