Re: [perpass] [dns-privacy] We'll have stakeholders in Great Britain...
Joseph Lorenzo Hall <joe@cdt.org> Thu, 05 November 2015 05:45 UTC
Return-Path: <jhall@cdt.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7D451B39A9 for <perpass@ietfa.amsl.com>; Wed, 4 Nov 2015 21:45:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.378
X-Spam-Level:
X-Spam-Status: No, score=-1.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VPfH1aC5-V5O for <perpass@ietfa.amsl.com>; Wed, 4 Nov 2015 21:45:57 -0800 (PST)
Received: from mail-lb0-x233.google.com (mail-lb0-x233.google.com [IPv6:2a00:1450:4010:c04::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AD131B391B for <perpass@ietf.org>; Wed, 4 Nov 2015 21:45:57 -0800 (PST)
Received: by lbblt2 with SMTP id lt2so8828354lbb.3 for <perpass@ietf.org>; Wed, 04 Nov 2015 21:45:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=SyPtSA4x8dea1l5ctxlGveKoDVZ3+BF+ffvD/UiEF4U=; b=iALZ7DdPc2zX4it6UpNvNochKm8bivCGigLd1lQKtJS1GxYkSuILIJqcwgfwoGrp/k N+RTgJRvXioFxsfC68WuNob2hD3wR0YoxY9vtQFUHnECEO7hlv9U/rn92tDfFs7glCF1 66ByiJcS9nzAFpnjdVxX4No3deEm7mTDolaVc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding; bh=SyPtSA4x8dea1l5ctxlGveKoDVZ3+BF+ffvD/UiEF4U=; b=FIVNnGP+SGwtLjeYdL3aMl/qADID8zsN1QvUfLw85KZgnkBE+DkrUWbh0Lfypc2sGF 6o6JlupZP/wrPvsTxCafUxATe6y87iuo8UMuHbHIrtHeCtCpF8gZPHc3e3aH5QN/CFWK yBc99DzGRMpoksu4tAO3Fqir1tci4L+BOIn60KfZZlEoJDPArI4P4Hm6NYbK670Twq8q tOvQlEpOx92GkwDBsetXUVw0j48u/hy3TndD8rFCzJ3d6iKPMtjFLHCUJwm6ATvZpP1M PnFNh1pJtTDpIXW9+ZXmwn6U2YDSQ00x111BxwCTW92Y57NHPRK4U/N7CXAV+VS6Ie/u 3jKQ==
X-Gm-Message-State: ALoCoQnpklxY9eNlZGebmikyaPiUFY9Im5PpFsSJc7xTuJ0kHlXUbzfGZ3ScdvMV251HhNopaKTZ
X-Received: by 10.112.161.168 with SMTP id xt8mr2810237lbb.88.1446702355075; Wed, 04 Nov 2015 21:45:55 -0800 (PST)
MIME-Version: 1.0
Received: by 10.25.141.77 with HTTP; Wed, 4 Nov 2015 21:45:35 -0800 (PST)
In-Reply-To: <2F62068C-93EA-4F65-B975-9D9E0534A103@isoc.org>
References: <20151104132852.GA30149@laperouse.bortzmeyer.org> <CABtrr-UBM9xvsPOx8+V5a8s1Y0d8+KmpidvcwZqh81KVyGcW_g@mail.gmail.com> <2F62068C-93EA-4F65-B975-9D9E0534A103@isoc.org>
From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Thu, 05 Nov 2015 14:45:35 +0900
Message-ID: <CABtrr-WpUNKZ4m5p4f0ZR0wNDr=XpQwqBZzQQ-WMJ9VfXcNDig@mail.gmail.com>
To: Robin Wilton <wilton@isoc.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/ACeHTesw5BPLB5Eq3qLbgAV4ATU>
Cc: perpass <perpass@ietf.org>, Stephane Bortzmeyer <bortzmeyer@nic.fr>
Subject: Re: [perpass] [dns-privacy] We'll have stakeholders in Great Britain...
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Nov 2015 05:45:59 -0000
I should also point out, on a different part of the Bill, section 189, "Maintenance of technical capability" requires non-UK providers/companies to provide access to cleartext. e.g., this part reaches non-UK folks: "An obligation specified in regulations under this section may be imposed on, and a technical capability notice given to, persons outside the United Kingdom (and may require things to be done, or not to be done, outside the United Kingdom)" :/ On Thu, Nov 5, 2015 at 2:08 PM, Robin Wilton <wilton@isoc.org> wrote: > It’s very hard to work out exactly what UK policymakers think they are aiming for here… quite possibly because their own understanding is less than perfect. > > In the parliamentary debate yesterday, the Home Secretary repeatedly referred to retention of “the first page or device accessed by a user”. > > I don’t think I know what that means. > > I also wonder, for instance, how that would work in a “portal”-style environment, where a single “landing page” could contain dynamic content elements. > > Nor is it clear to me whether, once I visit a site, my CSP would have to log the “first connection” my browser gets to each embedded third-party-served element on that page (e.g. ads, ssh sessions etc… etc…). > If it does, there’s potential for this measure to result in volumes of data that are so large as to be increasingly unusable. (Obviously, as a privacy-concerned citizen, if the interceptors drown in data, I can see an upside in that ;^) ) > > I will be looking at the detail of the Bill over the coming days, and no doubt ISOC will be publishing some analysis, comments and conclusions. > > Yrs., > Robin > > Robin Wilton > Technical Outreach Director - Identity and Privacy > Internet Society > > email: wilton@isoc.org > Phone: +44 705 005 2931 > Twitter: @futureidentity > > On 5 Nov 2015, at 04:34, Joseph Lorenzo Hall <joe@cdt.org> wrote: > >> (moving a thread from Stephane on dns-privacy here to perpass) >> >> I wanted to highlight for perpass the draft UK Bill [1] that dropped yesterday. >> >> It includes the following language in Section 71(9) that ISPs, on >> notice, will need to retain the following for one year (and, yes, some >> of this is completely crazypants and totally unclear how to map these >> concepts onto technical concepts): >> >> ---- >> >> (9) In this Part “relevant communications data” means communications >> data which may be used to identify, or assist in identifying, any of >> the following— >> >> (a) the sender or recipient of a communication (whether or not a person), >> (b) the time or duration of a communication, >> (c) the type, method or pattern, or fact, of communication, >> (d) the telecommunication system (or any part of it) from, to or >> through which, or by means of which, a communication is or may be >> transmitted, >> (e) the location of any such system, or >> (f) the internet protocol address, or other identifier, of any >> apparatus to which a communication is transmitted for the purpose of >> obtaining access to, or running, a computer file or computer program. >> >> In this subsection “identifier” means an identifier used to facilitate >> the transmission of a communication. >> >> ---- >> >> While the press before had highlighted this bill would require >> retaining "web browsing history" it seems both somewhat worse, and >> potentially Netflow data for what seems like all an ISPs subscribers. >> >> Wondering if others have thoughts. >> >> best, Joe >> >> [1]: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/473770/Draft_Investigatory_Powers_Bill.pdf >> >> ---------- Forwarded message ---------- >> From: Stephane Bortzmeyer <bortzmeyer@nic.fr> >> Date: Wed, Nov 4, 2015 at 10:28 PM >> Subject: [dns-privacy] We'll have stakeholders in Great Britain... >> To: dns-privacy@ietf.org >> >> >> http://www.bbc.com/news/uk-politics-34715872 >> >> The bill will force companies to hold "internet connection records" >> for 12 months so they can be requested by authorities. >> >> Such data would consist of a basic domain address, >> >> _______________________________________________ >> dns-privacy mailing list >> dns-privacy@ietf.org >> https://www.ietf.org/mailman/listinfo/dns-privacy >> >> >> -- >> Joseph Lorenzo Hall >> Chief Technologist >> Center for Democracy & Technology >> 1634 I ST NW STE 1100 >> Washington DC 20006-4011 >> (p) 202-407-8825 >> (f) 202-637-0968 >> joe@cdt.org >> PGP: https://josephhall.org/gpg-key >> fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 >> >> _______________________________________________ >> perpass mailing list >> perpass@ietf.org >> https://www.ietf.org/mailman/listinfo/perpass > -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
- [perpass] Fwd: [dns-privacy] We'll have stakehold… Joseph Lorenzo Hall
- Re: [perpass] [dns-privacy] We'll have stakeholde… Robin Wilton
- Re: [perpass] [dns-privacy] We'll have stakeholde… Joseph Lorenzo Hall
- Re: [perpass] [dns-privacy] We'll have stakeholde… Robin Wilton
- Re: [perpass] [dns-privacy] We'll have stakeholde… Rob Stradling