IETF Logo Mail Archive

Re: [regext] "Considerations" Sections

Andrew Newton <andy@hxr.us> Tue, 06 November 2018 18:20 UTC

Return-Path: <andy@hxr.us>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC599130DC1 for <regext@ietfa.amsl.com>; Tue, 6 Nov 2018 10:20:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hxr-us.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ILZTDMfff3Gd for <regext@ietfa.amsl.com>; Tue, 6 Nov 2018 10:20:44 -0800 (PST)
Received: from mail-io1-xd35.google.com (mail-io1-xd35.google.com [IPv6:2607:f8b0:4864:20::d35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58AD51277CC for <regext@ietf.org>; Tue, 6 Nov 2018 10:20:44 -0800 (PST)
Received: by mail-io1-xd35.google.com with SMTP id a23-v6so9967739iod.7 for <regext@ietf.org>; Tue, 06 Nov 2018 10:20:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hxr-us.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=aQqAtscKiaJDKhOwBQ+AgtqIFxJa2swCDmhKyAWpV44=; b=dFFnY9qR/TwqacbotM3GIHw50ijQrg2ZPydtSl2z10ZZFMK+uCucD2TZm/XQSOE76h dYlGPv9IVKPrGsK6JP0XbZ8ElVFKgSiU0rGpq1zndUJuT7JfblXFVqrylohOCWT41msm rMU8bFM2IHyWab54/kZV7XkMUCVL+dYOq51RG6TsDU9n5HkEQ8p34bnd5VMTSvy55dZV qHIYfAALCHzQ0pVj+t6+eACXlP/fO9w5VsNoP3B6DFCZ2iNDIM4YGao6DsgBMpINngmL EHFErs2vx6Hn4yiwNf40+L0Eh54KZ1dM/Tbp7NVgu3xcrKc6d9nqO5wuyD05aL2YJTuG 94lw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=aQqAtscKiaJDKhOwBQ+AgtqIFxJa2swCDmhKyAWpV44=; b=qmN9vCTyltiLmTj4l6eeXxxQ1JhBuVeYpViNS9Xlm7tjSxySVvLjSuYxN4t5ntkITB Wb39cyiIWS0F98P9DoSgSlWz1sWeMQipTjcPcGk0zeqX2LAc5UlJU5T3av9h22PuzMTg X7V59HYdAm/JPfNSA3F06QpaIP9dYV0pgNZMdpC5lRM4vZ6qdKFU3np3yj7E4AD5Fqfk Jg5GZKXKIccYT/uWrqgw3hfZvifODaOqVXEulJ6tZxADkMHJk1/zrCjcbowGAkXe1hqb tjXIgDNHTItaPHv6WY9h5wBdp8++tY7mQcvkKu9L5nS5gSUic0+E9E0kNbBU+vcqi5N6 OX7A==
X-Gm-Message-State: AGRZ1gIIzTSySDOkCjEdVMObT9vElua3cDLbDZtV2oFqHErONTzbDpIk KqxgxM/2Z54WHWZWlkS1tTK63XL28UjOHRUZuToqVg==
X-Google-Smtp-Source: AJdET5cz3LUlH+GrvaBU8lj7JMYBNnB2gtUvtXcryOtaaZTNDuR7URWZ8DeXWnZHkcwC5aK+jDV6uIAJq5LbgRQAT8w=
X-Received: by 2002:a6b:ce01:: with SMTP id p1-v6mr22197298iob.129.1541528443384; Tue, 06 Nov 2018 10:20:43 -0800 (PST)
MIME-Version: 1.0
References: <d250d4aa2e284ab1bc4fdc770770d2d1@verisign.com> <3feaffd7-902a-d9f3-5ff6-58313ef412a8@digitaldissidents.org> <d99249ab1a8a450996d936272e90ebcb@verisign.com> <05858420-677d-4569-82c5-f2fdcccd2eef@digitaldissidents.org> <89c3df7d69844e51aa156210d90052a6@verisign.com> <290edd26-2f7e-35ee-47d6-5708bcabcdd1@digitaldissidents.org> <5B212B3C-45B0-47BD-8BBB-91C6C0E0F0A6@verisign.com> <3f5815ca-e3cb-e696-12cf-c9bd7e4f120f@digitaldissidents.org> <1a4d3364-e138-a2ca-ed8b-5fd30ac0bbe1@feherfamily.org> <BB87EF5B-86B0-4203-9D60-AA466B0D4B84@verisign.com> <236de218-13cb-d1c3-e831-0a6a24e10d8e@digitaldissidents.org> <384B783C-6DF7-4FCC-8159-D45FCC605F0D@verisign.com> <4dac9c14-cc16-5ffd-46db-91aae47a1cbf@digitaldissidents.org>
In-Reply-To: <4dac9c14-cc16-5ffd-46db-91aae47a1cbf@digitaldissidents.org>
From: Andrew Newton <andy@hxr.us>
Date: Tue, 06 Nov 2018 13:19:59 -0500
Message-ID: <CAAQiQRcdF0bft2BznsYxHOJDVX+_0SuFV_JtpXy3B7a49shVdQ@mail.gmail.com>
To: lists@digitaldissidents.org
Cc: "Gould, James" <jgould@verisign.com>, Registration Protocols Extensions <regext@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/BrZkBHa23bQ0vmWyRBb-ZQZNYkg>
Subject: Re: [regext] "Considerations" Sections
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Nov 2018 18:20:49 -0000

Hello all,

I have a couple of points I wish to make on this thread.

1. With regards to author vs editor, in the most cases they are the
same person. The editor distinction is often made to assuage political
issues or to overcome obstacles related to document production, such
as the original author being unable to complete the work. Regardless,
I don't see how that impacts the current discussion, which is about
the HRPC.

2. In my opinion, I do not believe a human rights considerations
section would negatively impact the readability of this draft if
written properly. That said, the text put forward in the other thread
is certainly not acceptable as it has the tone of "only people who
crush cute puppies under their boots would do this". The text should
be neutral in its advice and merely note the issues, as we see with
most security considerations in the IETF. The text I read said a lot
of things "will" happen instead of "may" happen.

3. I do take issue with some of the text put forward for the human
rights considerations:

a) The section regarding law enforcement subverting a VSP is difficult
to understand in that law enforcement by definition has a monopoly on
power, and therefore they could also simply subvert the will of the
registry or registrar as well. The only point to really be made is
that a VSP in one jurisdiction may impact the operations of a
registrar/registry in another jurisdiction.

b) There is zero mention of the benefits that may come of this with
regard to keeping criminals from using the domain infrastructure. For
example, freedom from harassment seems like it would be a human right
(and yes, I understand there is a fine line between harassment and
free speech, but that's why courts decide such things and not IETF
documents).  I personally do not place much value in this benefit, but
there are certainly others who feel strongly about it.

-andy
On Tue, Nov 6, 2018 at 12:32 PM Niels ten Oever
<lists@digitaldissidents.org> wrote:
>
>
> On 11/6/18 6:19 PM, Gould, James wrote:
> > Niels,
> >
> > I belief inclusion of an HRPC section pulls policy into the draft that will add confusion.
>
> Describing the implication of technologies on humans is not at all the same as policy. This is also the standpoint of the IAB, as laid out in RFC6973. So I am not pulling this out of my hat.
>
> The chair described the way forward on this draft today as follows (as far as I understood it): we would first see what technical amendments to the draft we could make, then see what human rights considerations are relevant, and then seek WG consensus around that.
>
> Again, I and others are happy to work with you on text that is very clear, and leaves no space for confusion. We can then use that to build consensus in this WG.
>
> I hope we can continue going down the road suggested by the chair.
>
> Best,
>
> Niels
>
>
> >
> >
> > James Gould
> > Distinguished Engineer
> > jgould@Verisign.com
> >
> > 703-948-3271
> > 12061 Bluemont Way
> > Reston, VA 20190
> >
> > Verisign.com <http://verisigninc.com/>
> >
> > On 11/7/18, 12:02 AM, "regext on behalf of Niels ten Oever" <regext-bounces@ietf.org on behalf of lists@digitaldissidents.org> wrote:
> >
> >     On 11/6/18 5:50 PM, Gould, James wrote:
> >     > KF I wonder if this is a useful observation. I havent heard anyone
> >     >
> >     > suggest that a HRPC section is required, only that it seems very
> >     >
> >     > appropriate for this draft. So it might be appropriate to focus on why
> >     >
> >     > the section should be or should not be present in the context of how an
> >     >
> >     > implementer might consume the document.
> >     >
> >     >
> >     >
> >     > I don’t believe adding an HRPC section to draft-ietf-regext-verificationcode will assist the implementer in consuming the draft, but instead will add confusion.
> >
> >     Why would a well formulated paragraph, as laid out in RFC6973 and expanded in RFC8280, add confusing?
> >
> >     > What makes it appropriate for this draft over other drafts?
> >
> >     I think it would also be appropriate for other drafts, as we've for instance seen today in the discussion of the reverse search.
> >
> >     >  My recommendation is to focus on addressing any applicable technical elements raised, and as Scott recommended, raise the inclusion of an HRPC section in any draft up to the IETF.
> >
> >     That was not the way forward was summarized by Jim.
> >
> >     The WG can decide what we add to the draft or not, so I think we should discuss it in the WG and seek for consensus.
> >
> >     Next to that we can also discuss in other parts of the IETF whether this should be applicable to drafts in general, or how to further and structurally integrate such reviews in our processes.
> >
> >     Best,
> >
> >     Niels
> >
> >
> >     >
> >     >
> >     >
> >     > —
> >     >
> >     > JG
> >     >
> >     >
> >     >
> >     >
> >     >
> >     >
> >     >
> >     > James Gould
> >     >
> >     > Distinguished Engineer
> >     >
> >     > jgould@Verisign.com
> >     >
> >     >
> >     >
> >     > 703-948-3271
> >     >
> >     > 12061 Bluemont Way
> >     >
> >     > Reston, VA 20190
> >     >
> >     >
> >     >
> >     > Verisign.com <http://verisigninc.com/>
> >     >
> >     >
> >     >
> >     > On 11/6/18, 11:31 PM, "regext on behalf of Kal Feher" <regext-bounces@ietf.org on behalf of ietf@feherfamily.org> wrote:
> >     >
> >     >
> >     >
> >     >
> >     >
> >     >     On 6/11/18 10:52 pm, Niels ten Oever wrote:
> >     >
> >     >     > On 11/6/18 1:00 PM, Hollenbeck, Scott wrote:
> >     >
> >     >     >>> On Nov 6, 2018, at 4:32 PM, Niels ten Oever <lists@digitaldissidents.org> wrote:
> >     >
> >     >     >>>
> >     >
> >     >     >>>
> >     >
> >     >     >>>
> >     >
> >     >     >>> On 11/6/18 9:59 AM, Hollenbeck, Scott wrote:
> >     >
> >     >     >>>>> -----Original Message-----
> >     >
> >     >     >>>>> From: Niels ten Oever <lists@digitaldissidents.org>
> >     >
> >     >     >>>>> Sent: Tuesday, November 06, 2018 3:36 AM
> >     >
> >     >     >>>>> To: Hollenbeck, Scott <shollenbeck@verisign.com>; 'regext@ietf.org'
> >     >
> >     >     >>>>> <regext@ietf.org>
> >     >
> >     >     >>>>> Subject: [EXTERNAL] Re: [regext] "Considerations" Sections
> >     >
> >     >     >>>>>
> >     >
> >     >     >>>>>
> >     >
> >     >     >>>>>
> >     >
> >     >     >>>>> On 11/6/18 9:22 AM, Hollenbeck, Scott wrote:
> >     >
> >     >     >>>>>>> -----Original Message-----
> >     >
> >     >     >>>>>>> From: regext <regext-bounces@ietf.org> On Behalf Of Niels ten Oever
> >     >
> >     >     >>>>>>> Sent: Tuesday, November 06, 2018 3:07 AM
> >     >
> >     >     >>>>>>> To: regext@ietf.org
> >     >
> >     >     >>>>>>> Subject: [EXTERNAL] Re: [regext] "Considerations" Sections
> >     >
> >     >     >>>>>>>
> >     >
> >     >     >>>>>>>> On 11/06/2018 09:01 AM, Hollenbeck, Scott wrote:
> >     >
> >     >     >>>>>>>> Following up on the in-room discussion regarding Human Rights
> >     >
> >     >     >>>>>>>> Protocol
> >     >
> >     >     >>>>>>> Considerations as compared to Security Considerations and other types
> >     >
> >     >     >>>>>>> of considerations that appear in IETF documents:
> >     >
> >     >     >>>>>>>> I mentioned at the mic that we don't have any documents representing
> >     >
> >     >     >>>>>>> IETF consensus that provide guidance for writing human rights
> >     >
> >     >     >>>>>>> protocol considerations. It was mentioned that RFC 8280 describes such
> >     >
> >     >     >>>>> guidelines.
> >     >
> >     >     >>>>>>> True, it does, but it's an Informational document that "represents
> >     >
> >     >     >>>>>>> the consensus of the Human Rights Protocol Considerations Research
> >     >
> >     >     >>>>>>> Group of the Internet Research Task Force". RFCs 3552 (Security
> >     >
> >     >     >>>>>>> Considerations) and
> >     >
> >     >     >>>>>>> 8126 (IANA Considerations) are, in comparison, IETF BCPs. So, I'll
> >     >
> >     >     >>>>>>> stand by my comment regarding the lack of _IETF_ consensus on the
> >     >
> >     >     >>>>> topic.
> >     >
> >     >     >>>>>>> Thanks Scott, as you know there are also Privacy Considerations, as
> >     >
> >     >     >>>>>>> outlined in RFC6973, which also do not constitute community consensus
> >     >
> >     >     >>>>>>> but are widely used.
> >     >
> >     >     >>>>>>>
> >     >
> >     >     >>>>>>> Furthermore, if something is not a community consensus, it doesn't
> >     >
> >     >     >>>>>>> mean we MAY/SHOULD/MUST NOT do it.
> >     >
> >     >     >>>>>> True. It also does not mean that we MUST do it. As Jim Galvin noted,
> >     >
> >     >     KF I wonder if this is a useful observation. I havent heard anyone
> >     >
> >     >     suggest that a HRPC section is required, only that it seems very
> >     >
> >     >     appropriate for this draft. So it might be appropriate to focus on why
> >     >
> >     >     the section should be or should not be present in the context of how an
> >     >
> >     >     implementer might consume the document.
> >     >
> >     >     >>>>> it's up to the editor and WG to decide how to address the topic.
> >     >
> >     >     >>>>> My understanding is that at the point of WG adoption, change control is
> >     >
> >     >     >>>>> handed over to the WG, right? So in that case it means that it is up to
> >     >
> >     >     >>>>> the WG.
> >     >
> >     >     >>>> The editor controls the pen. It's the responsibility of the editor to ensure that the text that appears in the document ultimately represents WG consensus.
> >     >
> >     >     >>>>
> >     >
> >     >     >>> I thought that it is up to the WG chair to establish what does or does not constitute consensus.
> >     >
> >     >     >> See Section 6.3 of RFC 2418.
> >     >
> >     >     >>
> >     >
> >     >     >>> Am also a bit confused about the interchangeable use of editor and author here. James is the author, right?
> >     >
> >     >     >> He is the author of the pre-WG version. He is the editor of the WG version that is the subject of WG discussion.
> >     >
> >     >     >>
> >     >
> >     >     > Are you saying that all people who are listed on RFCs that previously have been adopted by WGs are actually editors, and not RFC authors? I think this is not standing practice across the IETF.
> >     >
> >     >     >
> >     >
> >     >     > For instance in the QUIC WG, there are some documents where it is clearly indicated that there is an editor, and and in other cases someone is an author. Compare for instance:
> >     >
> >     >     >
> >     >
> >     >     > https://tools.ietf.org/html/draft-ietf-quic-http-16
> >     >
> >     >     > https://tools.ietf.org/html/draft-ietf-quic-manageability-03
> >     >
> >     >     >
> >     >
> >     >     > Or has there been an agreement in this WG that James is an editor and not an author? Then I think that it should be made clear on the Internet Draft as well.
> >     >
> >     >
> >     >
> >     >     KF I have no opinion on the author vs editor debate, but I do wonder if
> >     >
> >     >     there is any utility to continue the discussion on that point.
> >     >
> >     >
> >     >
> >     >     There are those who object to including the HRPC section on the basis
> >     >
> >     >     that the technology is agnostic and shouldnt be saddled with moral
> >     >
> >     >     judgement.
> >     >
> >     >
> >     >
> >     >     There are those who think the section is a good idea based on the impact
> >     >
> >     >     to those whose data is being shared.
> >     >
> >     >
> >     >
> >     >     I'd much prefer a debate on the relevant topics than document pedantry,
> >     >
> >     >     which probably has its place on another list.
> >     >
> >     >
> >     >
> >     >     > Best,
> >     >
> >     >     >
> >     >
> >     >     > Niels
> >     >
> >     >     >
> >     >
> >     >     --
> >     >
> >     >     Kal Feher
> >     >
> >     >     Melbourne, Australia
> >     >
> >     >
> >     >
> >     >
> >     >
> >     >
> >     >
> >     >
> >     > _______________________________________________
> >     > regext mailing list
> >     > regext@ietf.org
> >     > https://www.ietf.org/mailman/listinfo/regext
> >     >
> >
> >     --
> >     Niels ten Oever
> >     Researcher and PhD Candidate
> >     Datactive Research Group
> >     University of Amsterdam
> >
> >     PGP fingerprint      2458 0B70 5C4A FD8A 9488
> >                        643A 0ED8 3F3A 468A C8B3
> >
> >     _______________________________________________
> >     regext mailing list
> >     regext@ietf.org
> >     https://www.ietf.org/mailman/listinfo/regext
> >
> >
>
> --
> Niels ten Oever
> Researcher and PhD Candidate
> Datactive Research Group
> University of Amsterdam
>
> PGP fingerprint    2458 0B70 5C4A FD8A 9488
>                    643A 0ED8 3F3A 468A C8B3
>
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email