Re: [saag] Ubiquitous Encryption: content filtering

[Stephen Kent <kent@bbn.com>]

Nico,

> On Mon, Jun 22, 2015 at 04:25:28PM -0400, Stephen Kent wrote:
>> On purely technical grounds, an argument for filtering in the "middle"
>> is reasonable. It's much easier for a mobile operator, [...]
>>
>> So, from an engineering perspective, the argument about the conflict
>> between end-to-end encryption and operator (including enterprise IT
>> staff) access to traffic is a valid consideration, irrespective of the
>> telecom-regulator argument.
> But it isn't just a matter of engineering the protocol.  There are
> security problems involved in making this happen (like: how do you
> express to the user that there is one (or more!) middle box filtering
> and/or modifying their traffic?  how do users get to opt out?  how is
> scope limited?  (e.g., how do you prevent the device/operator from
> MITMing the user when the user is NOT using the operator's network?)).
I didn't say that there were god/easy solutions here. I just noted
that, from an engineering (not regulatory) perspective, there were
legitimate concerns that should be noted.
> And anyways, operators already get to do this by simply forcing users to
> use devices from the operators (modified to have MITM CA trust anchors).
> What new technology is being requested here, regardless of whether
> we'd publish it (though the current position as to that is clear: no;
> but the IETF consensus can always change)?
Not all "operators" have the ability to impose such constraints. In
my work environment the parent company is very much a Windows shop.
But, they have been persuaded that forcing Mac users to adopt their
preferred OS is not a viable solution (i.e., valuable personnel would
likely depart).

Steve