IETF Logo Mail Archive

[Secdispatch] dispatching draft-campling-ech-deployment-considerations (was: Re: Request for a slot at the Secdispatch IETF 113 Session)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 22 March 2022 10:18 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB2183A0DDE for <secdispatch@ietfa.amsl.com>; Tue, 22 Mar 2022 03:18:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iQBrKzlZR2_e for <secdispatch@ietfa.amsl.com>; Tue, 22 Mar 2022 03:18:33 -0700 (PDT)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20095.outbound.protection.outlook.com [40.107.2.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 481053A11CA for <secdispatch@ietf.org>; Tue, 22 Mar 2022 03:17:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Vhi/4fSeHvL7tN3JS0fPCg75PoV/g6i5sY1T8+/MBhDNh+x25oeP0FVSMmGi4bxvtprjj8Fvg62yflLN2jvQ4lN/QGqwtop7XbPr2BsftTIeZKBU15DBcRv7wzvTtaTBrh27phU3al4riMxoxhx/U+LaxbDvxviWjV3JYpRHl5Xus6/yueOFfIUdEH2GgvR7BE1UTV7mtnf8Ly5zPIvZu8ykP/rvZurF6CkBfglLFfr9CnVvnaSJzNqZrNXbqRRDM8zsETpAKoFuZO1Bx+h4u7dxk8ASehLSl4aQNCxwR261rSCp5v0unPQrD4aglYUThzrjI65NsvYvdAjaSpxPNQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eX86/5qEiw2WnRTf2oy/Wntr1SgcpC8a6k2Qu6VE6CI=; b=gmGYpPadSNdcJ7QVf1PxQPm8tC5ZkyfXKWLaVGLSRgOPIbk7WrnjB9lYi8bUnAOAZ5xOpfI26HY+WJHlkSVFoRhQWAEBDnE7fPm/ZS1JkM4E0ziL24xAdD75MeD+85hp+rQC4/rgizOqD9mpNs2t3jcXC1GXOHHzEr0hdvTekjm5zTDYT7+e2vXscK8n5VjAAt4BIlxR0JtlJgCATmaJmLOQFsppQ3zLw5BVRTj75w62ktCqG+XqqUPK761cQIKI04lDySZTmZQ7JjQMpl0M992mZrFAE4OZJ32G8z9Tyja/R+TPFPvz03zE19NrAaNKglv28NbHxuDNPAz0pOHvYg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eX86/5qEiw2WnRTf2oy/Wntr1SgcpC8a6k2Qu6VE6CI=; b=le1nLJ5nva57Z2ns6RZoZxEDIzsgH7pyf8dRAVhHDVSfZf3jHhQQUneP3MsLFV12uFJ5Ps8HAbd+pT+B/OLIJHNqPx0GBNSAAQVb4EPCeneSofUtF3ap0Q2qHnhQFGREcxV6o0dq0KMzNv6dmkOvzGFR4/gGvKFPWcr+jebGLjfzhha7/4Yriwl9rRdqMdCeyxWsbqlHaw1Bv2tfWTJonkeo8MVhPTcfO/3jzdjccwCY6yYItuNzSAV1QMsrkHaVn5UvBCVi1reAX62XenJGVlx5YvSvULYyRWUvGZ7Lz6hZOMdkc3n+KqS63om2bMXUALP87G0iJYVXtHHQIASHGA==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DB7PR02MB5291.eurprd02.prod.outlook.com (2603:10a6:10:7f::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5102.16; Tue, 22 Mar 2022 10:17:23 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::e5fd:1d0a:4eac:a711]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::e5fd:1d0a:4eac:a711%5]) with mapi id 15.20.5081.023; Tue, 22 Mar 2022 10:17:23 +0000
Message-ID: <3627e843-712f-f572-8c11-be6afbc3fc73@cs.tcd.ie>
Date: Tue, 22 Mar 2022 10:17:19 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0
Content-Language: en-US
To: "secdispatch@ietf.org" <secdispatch@ietf.org>
References: <LO3P265MB209260DA72D1A8383FD64BBAC2119@LO3P265MB2092.GBRP265.PROD.OUTLOOK.COM> <CAPDSy+5X_SmRi026tLHrQU3Zc+oUPPOqwSJ+9HoGuMSd4wvQ=Q@mail.gmail.com> <LO3P265MB20920BC976D371AFDD3FFA1FC2129@LO3P265MB2092.GBRP265.PROD.OUTLOOK.COM> <29ED5EBE-D5B5-435A-B32D-10BE19513A25@mnot.net>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <29ED5EBE-D5B5-435A-B32D-10BE19513A25@mnot.net>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------Ak2PCPU0BSjFZaECtDjr1k50"
X-ClientProxiedBy: AS9PR06CA0346.eurprd06.prod.outlook.com (2603:10a6:20b:466::21) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: fed56c68-7bae-46d4-6e91-08da0bed2784
X-MS-TrafficTypeDiagnostic: DB7PR02MB5291:EE_
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-Microsoft-Antispam-PRVS: <DB7PR02MB529175D0F6BA6B62EC8DE30DA8179@DB7PR02MB5291.eurprd02.prod.outlook.com>
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: iU0tVFAiPACJII0AfxOnvJtFMdw0YH1xKONu3qCJ7t9mM4cN5F7MDNfccwNl9xGJtsLEDsXgL9+8/6uTFS1qKd+M5O96yLz5Q4PKM56MZ7/fTgJ37yvxbWKdF3YdGUi2xyGmLmGMkhVKSN3G+FsbNISIoaka4Hx5sS+tACHhaCf9F7itwM6My31mu8b3h4SJbgHVSo+Ny2h9uQ1UhOemTxkyAjLWkjCzyNWKy1NRUvOGPjcpLpWsam5tKxpbZyOHmpeHM/pX10fzjgq0AqLHnc+WuQzvj40OYE/xi/hgrnrDgbpIdt0OMBtdxKDKNaIraIVgzBy6vr+zfX6lwQfK32Je2RDEjo5eavdeLqKlaCyTvMwV24elY7CIS3UJ1cvGIUdPlm59t5arBXe6knM+eeHYVlreKIhC3idBiwkPjU8KOEBLG3KCI7y9L1IfORQcTq6AXXBEkgNSebaMYa6lpwbPNV9tAhWtrIYq4TS3YbP2xOsBb6rFLlNhdt24ZdVnSeorX/tr1cXZ+zi0zoySlbmGgzYMpmpLxqaN3OBpqkJc68Vgf3L9TGJgc7zsu/kEK3Vvv/ehNYINLPCHyUosMX06mEhZ6ooqBz6/HDT7QNjQ25vzZSRHgRDUWxXqAWNg6Mcp+mi+H41jXA0Q6GD0P8VspyQjwa0Z3oQnYjatNlMS75EFo44Bz/zVGNL9hiUf/siyUqPSwG3hgLtkcEM9Jzi1Kaw7ReU7YJ8x7aAYYVoh8L2ZuPO1z/DPxu0EZz4lZjmwQg+PMPJE90qbrOs2OuBt3jwMbBjw2ETXl6Ciq+bp3puWQWK9RlJhC1jBFAgd
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(38100700002)(6512007)(2616005)(6486002)(966005)(508600001)(44832011)(5660300002)(235185007)(83380400001)(6666004)(8676002)(6916009)(45080400002)(186003)(8936002)(86362001)(786003)(316002)(2906002)(36756003)(31696002)(6506007)(31686004)(53546011)(21480400003)(33964004)(66476007)(66574015)(66556008)(66946007)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: d12TxLBWL1pyGFKtAHvE9krSCjSOHyx1q3PBkoL9s/NPqWPikcP+95ei4t2L7kTs8a6kPGYpTogLwla0iFeULxAsAGYhaDD2TaOufOU13wugQiz/4ybkbGUki18UFFxIgK1kcgJCcDLO+s3Fxf1xPBT03Z1JE5YXG05CfykOOu5+M+DFWI853Pn4r5CPZNq6rzyYzU2PhJq8RGvzDpejcpK3w2zkd0HexszAmfT0V6uIQwjygEC5Y4I5mL2CgurzY27FRCxzDL+cXwAvhWZV8GiDnr+WHkHerE87N76+BvxXHJoTRSrEYg++y81Ql88utrKwLhPjgkrNPHOwdafk/ZBoGLcDM5KbUAsm9kcZmT5UmGtgRVwzg/ku3hrKwDWE0XogSek9b5EcAFZxV9oyW6buLlIdbpij/ABHkdOER352jMT67hf6ynXElRmwvH38qObtGny6NpE8+28Xz83JF2p5xcUp6o04E4ve5ibtWc17awvmxAKHKMcElJ2v0yihFDAewjBiZ8+V48kZW9uA6Jkcr5QSOkn5K7HY36iU9S/Z2bh5sW5oU0duIaEqM3xVl5gRpS4gzMr3CaoK6oBO56/nhjCrd0F8mJPYLSLCMhOdvVoaClhyIr5cozexbjpa+de40JBO4eA+yuZtXNhWHSrLS9PxBvRp7NBLZqKAnzFeR0wrRWYHiF25k6Xmq9m5c2LzB5DBa3cCtVf7WaoYMplCVqFxXY2JqTejbwwC+4vLmBGsorsu5iW0fcquUsQ4WxhLrkuwE3c95WeXgynZFUAbCgAPIdWpnzj46EF8AznWV8dK/2NcxnlfOQSfaA6otTTWQ61tgEl/J6jVX7z8X2dXGfAQeaq91puxU7ae8IVExXvb64YR7KDLcI9UpAEpkf+Jg48lqgWBd1czivtabv6vZmryPGDkJlpkintx4TbHBZn+YF01wt+zMcfbhoF4IPoefh5At64m7w0Br98siVT23PG2he+s9TNTwVGVTaBY3tSPs7i98eSYPx6O3rlMbEu6+hpyEYVfHzOYFq5dlKqEX5CgolbnQRo9viXZNthOydkNCbxVTtvgy2y1B8jF+cbGmUMRxt/J0XCpVDcZ2Tp18KunPnW0H2JcsmJeT8p+jVAY7qlgY6RLsKjdfVrDMiPR48BWS5mLJfqm81qUSOYYLKNbbxuK5Myq5LVNJjBxb2OWcUjozGFf0pxtTJbg1p2hbS2gUv6LCttoe2uFnkBZKBTwELJKHbcAomCJVhs3gBNakwyfQIhUMO++HtrsIX51iXiL5SGRXX9OIEwP/k9u0PnIBoaHbff1Ks7K2wSuwm7B6EpFt4PRQDp31N+7gqKtTf/xZebqybYfGpGRe+7eIflrO6KvYoUq7B01jbsRQKgzZvkZMHQedSZWiUxpBvU50lpbfeUMPMQ4BSmncB8gxqf93lWT61MjFnL/TxPIlc0jSJt6aB1lKnUM1kgilNlwdiHiApt5EhDMQsDBXLRbibFVHw4XNnD3yrmwCAvQscxk1nvxTUFcqnKiRylt
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: fed56c68-7bae-46d4-6e91-08da0bed2784
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Mar 2022 10:17:22.7772 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: XF8uKEwjP22WvWj2Vok3Xw1P0YIFoUClFpEL50ancDr/bI18Zv4SdCiWuEw6cCTi
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR02MB5291
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/uwFwxMHD1HWmfsti9_3va9-Cgc0>
Subject: [Secdispatch] dispatching draft-campling-ech-deployment-considerations (was: Re: Request for a slot at the Secdispatch IETF 113 Session)
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Mar 2022 10:18:39 -0000

Hiya,

My (probably unsurprising) take on draft-campling-ech-
deployment-considerations is that it would be better if
this draft not progress nor be dispatched anywhere.

I'd like to second Mark's well-stated position below.

In addition:

- as someone who has deployed test servers that support ECH,
I find the document title misleading. The intent seems more
like "ECH considered dangerous" - if that is the case then I
think it'd be better to be clear about that.

- the draft overall seems like an attempt to second-guess
RFC8744, which is a recent (2020) IETF consensus document. I
don't think "dispatch" processes were intended for, nor
suit, handling such efforts to overturn an existing consensus
position.

- it might be interesting to consider whether or not "The
data encapsulated by ECH is of legitimate interest to on-path
security actors..." is a reasonable proposition. Given that
the SNI extension to the TLS ClientHello was not designed
with such actors in mind, that proposition seems to imply
that anything visible to on-path actors is of "legitimate
interest" to any on-path actor. While I'm unsure if the
phrase "legitimate interest" has some specific legal meaning,
I'd be very surprised if that proposition (as a general
thing) were consistent with regulatory regimes like the GDPR.

- section 3: I work in the "education sector" and my employer
does not suffer from any of the issues mentioned in this
section.

Cheers,
S.

On 22/03/2022 02:17, Mark Nottingham wrote:
> I'm not going to be at SECDISPATCH, so I'll make my comments here.
> 
> First, a general comment. Andrew, you seem to be forming a habit of relying on 8890 to get air time for your arguments. That RFC's focus is on encouraging the IETF community to consider the impacts of its actions elsewhere. The only place it privileges those already active here is when it talks about civil society organisations' ability to act as a channel for engaging the broader Internet community. I don't believe you're acting in that capacity here.
> 
> I.e., your arguments should stand on their own -- invoking 8890 doesn't reinforce them.
> 
> Now, regarding the draft -- draft-campling-ech-deployment-considerations seems to assume that the *only* viable way to scan for viruses, impose parental controls, or control access to resources is by having a network element impose it without coordination. Your draft supports this by noting that transparent proxies are used because they're easier to administer than on-endpoint software -- a viewpoint which privileges administrator convenience and cost over user safety,  and ignores other options.
> 
> The underlying problem is that such "transparent proxy" services are unauthenticated -- they rely on the user understanding that the network is going to perform these services, and accepting their imposition. They're also disproportionate, giving complete access to all data flows and capabilities on the connection.
> 
> Performing these tasks in this fashion allows not only legitimate authorities to impose them, but also illegitimate attackers. As such, they're inappropriate for deployment on the Internet, and that's why we're seeing efforts like ECH -- use of this data and the associated control channel without explicit user authorisation is not "permissionless innovation" (as your draft states), it's an open door to abuse. Put bluntly, you (as a network operator) don't have a right to "innovate" with my data (as a user) -- especially without my permission.
> 
> This doesn't reduce the urgency of meeting those goals for some users, but it does mean that they need to be met without endangering security and privacy for all users on the Internet, even if that has historically been the path of least resistance.
> 
> It also doesn't mean that the path forward will be easy. What's required is a discussion and implementation of interfaces for offloading these functions from operating systems, applications, and IoT devices -- potentially to somewhere else on the network -- in a way that maintains users' autonomy, privacy, and security, and in a proportional way (i.e., only as much access to data as required to fulfil the task). That is difficult not only because of the inherent user interface subtleties and potential for abuse/hijacking, but also because there is little current coordination or convergence at that layer.
> 
> The IETF has a very clear responsibility to assure that the protocols it ships are secure -- hence, ECH. It *could* have a role to play in responsibly offloading these functions, especially where the work intersects protocol design. There is also other work to be done that's squarely outside our scope. I'd suggest that you and your co-authors focus on assisting those positive, forward-looking efforts rather than trying to stop ECH deployment.
> 
> Cheers,
> 
> 
>> On 17 Mar 2022, at 7:38 pm, Andrew Campling <andrew.campling@419.consulting> wrote:
>>
>> Hi David
>> Thank you for your interest in the draft.  You’re right to highlight the benefit of privacy but, as you will see when you read the draft, we highlight a range of issues that can reasonably be considered as being in the interest of end users such as security, cost and complexity.
>>
>> Focusing specifically on privacy, it is of course more complex than encryption.  For example, as noted in the draft, by removing an indicator of compromise (the SNI data), a user may be at greater risk of attack from malicious content or simply by surveillance by badly behaved client software.
>>
>> RFC 8890 highlights the importance of multistakeholder input in order to understand the potential trade-offs between competing factors that may impact end users.  This is an instance where such engagement would be beneficial as it will no doubt highlight other considerations to take into account.
>>
>> As you conclude, let’s discuss it at Secdispatch but I believe that debate will be more useful if we avoid using such a narrow interpretation of end users' interests.
>>
>> Andrew
>>   
>> From: David Schinazi <dschinazi.ietf@gmail.com>
>> Sent: Thursday, March 17, 2022 1:01 am
>> To: Andrew Campling <andrew.campling@419.consulting>
>> Cc: secdispatch@ietf.org <secdispatch@ietf.org>
>> Subject: Re: [Secdispatch] Request for a slot at the Secdispatch IETF 113 Session
>>   
>> Hi Andrew,
>>
>> (I'm writing as an IAB member, but not representing the IAB)
>>
>> Your understanding of IAB document RFC 8890 is incorrect. Encrypting the TLS Client Hello is performed to protect end users. In particular, it is an example of Section 4.2 "Creating User-Focused Systems" as it brings control over information sharing closer to the end users. Additionally, ECH was the product of Section 4.3 "Identifying Negative End-User Impact" as we have seen abuse of user information caused by networks observing the SNI. That section additionally references RFCs 7258 and 7624 which clearly lay out the dangers of cleartext information and the user benefit of encryption. If you'd like more information on the IAB's position on this topic, we also released the following statement: <https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/>.
>>
>> You're welcome to raise your concerns about ECH, but they are in the opposite of the spirit of RFC 8890. Let's discuss your draft at secdispatch, but I can't imagine it progressing with such a clear misunderstanding of RFC 8890.
>>
>> Thanks,
>> David
>>
>> On Wed, Mar 16, 2022 at 9:15 AM Andrew Campling <andrew.campling@419.consulting> wrote:
>> I would like to request some time to dispatch draft-campling-ech-deployment-considerations at IETF 113.  The draft is intended to inject additional detail about deployment considerations relating to Encrypted Client Hello by including observations on current use cases for SNI data in a variety of contexts.  In the spirit of RFC 8890, we believe that end-user needs to be taken into account in protocol development and we hope that this document is one small step in that process.
>>   
>>   
>> Andrew
>>   
>>   
>> _______________________________________________
>> Secdispatch mailing list
>> Secdispatch@ietf.org
>> https://www.ietf.org/mailman/listinfo/secdispatch
>> _______________________________________________
>> Secdispatch mailing list
>> Secdispatch@ietf.org
>> https://www.ietf.org/mailman/listinfo/secdispatch
> 
> --
> Mark Nottingham   https://www.mnot.net/
> 
> _______________________________________________
> Secdispatch mailing list
> Secdispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/secdispatch

v2.23.0 | Report a Bug | By Email