Re: [perpass] Steer 750 million euro at the EC for 'future internet' the right way

Watson Ladd <watsonbladd@gmail.com> Fri, 08 April 2016 16:34 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75CBC12D0F1 for <perpass@ietfa.amsl.com>; Fri, 8 Apr 2016 09:34:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, LOTS_OF_MONEY=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yVlIXAETt4_y for <perpass@ietfa.amsl.com>; Fri, 8 Apr 2016 09:34:06 -0700 (PDT)
Received: from mail-vk0-x236.google.com (mail-vk0-x236.google.com [IPv6:2607:f8b0:400c:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4174412D57E for <perpass@ietf.org>; Fri, 8 Apr 2016 09:34:06 -0700 (PDT)
Received: by mail-vk0-x236.google.com with SMTP id k1so144502432vkb.0 for <perpass@ietf.org>; Fri, 08 Apr 2016 09:34:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=Yejgh0dUbkQPZpaUq/gAEPTe/LusNFDQbfyuTHRnJkY=; b=mURngAa2bgqAxlbIdmLmx0OfpGkYef3w+wOdGrnoCb38JYIUEuFdXSKvEphStI75Rg TxGpVQZf0x3h+8VFsRzyelgDLSOIpV1qbaz52e6lOAZLIPJDlh8+ijPrhdk89/FXvmll 9lJm7A+xl8QO8faM+jufWlm2gMIJxZoEea/Wl02/1ERTajU2YxSqzbW2awGbcubRsjDk MftkhmfbNYyW393TI+nt1L0SNaUv+HSNFuRgjwkeWxofXohp02dyMAfWiFItbfq47Yzt w9APy/QJ4y6x97aQtlzbEv9t3YPfXVcCMuwxYJrcSC6wswGdec3f/s6z3WQNPxjVnZNh Q8QA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=Yejgh0dUbkQPZpaUq/gAEPTe/LusNFDQbfyuTHRnJkY=; b=UgF0HrKvJfrPbfFV50aDtDp8nssV5fTudGASEzrgEQSN6l92uAqdYx/XjBMmN8GhKq XkpQY9jZETTkCVZ/thW7j9BpxZHNL2sA036MZusLMb/DRjQWJV2FOmMWvMfUWe/xgBlC KC9WUp0CwL0BVGQaiCsV5YAH5urfI6sI6yIaoe7LkJs4c/5w/ohZpplbFPf9mGAwvF/6 2iH/rn9sZDhGjsfLEGATFXYsnwPc8QlR66dpEM8sYiE9CzyjumXFl3456snuYXDbIeRN QR4fK3Ov82/K7b6Hdb4UM5M+sbFcMlUJIzYxFoFlJfgN25rrjiIG4eNSfUgWdFBn02br wliA==
X-Gm-Message-State: AD7BkJIGVDsOyPHMKppzHuFAX5jJBjhhNTHkPhn24lFPyGGoJb0Im5xAaNySHCOSwRvNbS01/c2SHMdMIBHxSw==
MIME-Version: 1.0
X-Received: by 10.31.173.18 with SMTP id w18mr4073896vke.31.1460133245314; Fri, 08 Apr 2016 09:34:05 -0700 (PDT)
Received: by 10.176.1.208 with HTTP; Fri, 8 Apr 2016 09:34:05 -0700 (PDT)
In-Reply-To: <5707CFC5.9010700@w3.org>
References: <5707966C.1020100@nlnet.nl> <5707BDAE.6060800@nlnet.nl> <5707CFC5.9010700@w3.org>
Date: Fri, 8 Apr 2016 09:34:05 -0700
Message-ID: <CACsn0cnnOtTMB=3wQWcy5So9SOkWeiqirwg98YsLgWBn_oUSxg@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Harry Halpin <hhalpin@w3.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/snBEpfcxj-DFDjxanxcOw2sWznw>
Cc: perpass@ietf.org, Michiel Leenaars <michiel.ml@nlnet.nl>
Subject: Re: [perpass] Steer 750 million euro at the EC for 'future internet' the right way
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Apr 2016 16:34:08 -0000

On Fri, Apr 8, 2016 at 8:35 AM, Harry Halpin <hhalpin@w3.org>; wrote:
> FYI,
>
> I'm speaking to the European Commission at their NetFutures conference on
> this very subject in 2 weeks, where I will try to convince them to focus on
> funding security, privacy, funding open-source, and working with standards
> bodies such as the IETF. If you know any particular efforts that need to be
> highlighted, just ping me and I'll highlight them. Otherwise, I was going to
> focus on success stories of TLS 1.3, CertTrans, OAuth, WebCrypto and future
> work like  Humans Rights Protocol Consideration IRTF task force, CFRG +
> postquantum, and WebAuth/FIDO/Token-Binding. Rather than say, attempting to
> invent a new network stack ran by a proprietary company, which is what some
> in the EC would due if left to its own devices.

I don't think any of these are "success stories", especially WebCrypto
(theoretically useless) and the CFRG (only success was in wasting 2
years of my life). $750 million to stop people writing in C would have
a much bigger impact. A fraction of that to build distributed systems
where all actions are tied to user identities, instead of the current
mishmash of technologies on the web which opens the door to all sorts
of attacks, would have a big impact.

There are fundamental architectural issues with Internet and Web
security that cannot be fixed, only patched around.

>
>   cheers,
>       harry
>
>
>
>
> On 04/08/2016 10:18 AM, Michiel Leenaars wrote:
>
> Hi all,
>
> I just wanted to flag this very interesting opportunity to decide on the
> fate of 750 million euro to be spent on the 'future of the internet',
> which might be interested to the folks in perpass because this is such a
> hard topic to get funding for. The source of this money is the European
> Commission's Net Futures directorate which was established to pioneer
> and coordinate research, innovation, and policy initiatives on what lies
> beyond the current Internet architecture, software and services.
>
> In its own words: it is now "updating its vision for the area,
> identifying key technological challenges and research priorities, and
> establishing a research and innovation agenda for the coming years". But
> it doesn't mention the whole surveillance crisis which seems like
> something that should be the number one priority.
>
> The fact that they put up an open consultation is the opportunity to
> change that lack of awareness. Any input can have a noticeable impact,
> because (as astounding as it is) for that huge budget only a few dozen
> responses are expected. Any response pointing to the need to invest in
> fixing the broken parts of the internet and its accumulated technical
> debt first, therefore makes a *real* difference.
>
> I've written up some background at the NLnet foundation website:
>
>             https://nlnet.nl/people/leenaars/ec
>
> The deadline is April 10th, which is insanely fast. But then again,
> responses need not be too long - a few lines will do as long as the
> submission flags somewhere that there can be only one real priority,
> which is to harden the internet and repair the fundamental design issues
> of the core of the internet in the post-Snowden era.
>
> Thanks for your help, and have a great weekend!
>
> Best,
> Michiel Leenaars
>
> (and apologies I've you've already received mail through some other
> channel, it is just such a unique opportunity that it touches many
> different issues)
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass
>
>
>
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass
>



-- 
"Man is born free, but everywhere he is in chains".
--Rousseau.