Re: [saag] Ubiquitous Encryption: content filtering

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 23 June 2015 19:32 UTC

Responding to various parts of the thread:

Q: What is the difference between filtering and censorship?
A: The person who decides to impose it.

Filtering is actually an essential tool for use of the modern Internet.
Without filtering there is no mechanism to control abuse.

Today I received five junk calls. The time is rapidly approaching when I
get rid of the telephone line completely. There is simply too much spam.

The fact that the Russian Business Network has put a machine on the net
does not mean that any machine I own need be able to connect to it. I don't
want their IP address to be reachable, I don't want their DNS names to
resolve.

So the ability to perform filtering is an essential part of every
end-to-end encryption mechanism. But giving control over that filtering to
the government is not. When I was at university there was a club for thugs
who went round smashing up restaurants for fun. One of the members of that
club is now the UK Prime Minister. I am damned if I am going to let the
likes of him decide what anyone can access.

The question is who has control and who is empowered.

I am firmly of the opinion that ubiquitous end-to-end encryption is only
viable if it is accompanied by a robust and easy-to-use mechanism that
allows for a gap in the stack. If I publish a key for phill@hallambaker.com
it will be the key of a service in the cloud that performs anti-malware
filtering. Use of the end-to-end key will be reserved to people who are
expressly authorized to use it.