- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Sun, 06 Dec 2015 16:58:35 +0000
- To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- cc: Jacob Appelbaum <jacob@appelbaum.net>, Mark Nottingham <mnot@mnot.net>, Cory Benfield <cory@lukasa.co.uk>, Adrien de Croy <adrien@qbik.com>, Mike Belshe <mike@belshe.com>, Amos Jeffries <squid3@treenet.co.nz>, httpbis mailing list <ietf-http-wg@w3.org>
-------- In message <56643997.7040903@cs.tcd.ie>, Stephen Farrell writes: >On 06/12/15 10:58, Poul-Henning Kamp wrote: >> 1) If you *really* have something to hide, you should focus on >> protecting your metadata. > >The use of the singular "you" a number of times reflects a very >1980's view of the Internet - today a person who may or may not >have something to hide does not (in 99.99% of cases) have the >expertise to know what is involved in that and in many cases does >not even know what it is that may be worthwhile hiding. >[...] >We (in the IETF) need to develop protocols that work well in this >kind of situation. In *some* of this kind of situations. In the heavy-duty cases, such as Human Rights activists in a hostile country, the fact *that* they communicate is the primary metadata signal they want to attenuate. IETF is no help there. >BCP61 is one expression of that - strong security needs to be >available everywhere for us to do a good job. The Danvers Doctrine is politically naïve. It doesn't recognize the authority of nation states and their right to organize their internal affairs as they wish. It doesn't acknowledge the existence of police forces and courts as means to redress wrongs. It doesn't even try to reference UNs Human Rights as a figleaf. Consequently the Danvers Doctrine is an unconditional declaration of war, against any kind of legal communication intercept, and therefore it will never be able to collect the signature of a single minister of justice, nor get endorsed by any legislature. The Danvers Doctine leaves only two options for legislatures: A) Do nothing, and see organized crime become impossible to investigate B) Force all communication open with laws. You don't need to follow the news very often to notice that no politician near power in any state is arguing for option A. The discussion is only about *how* 'B' will be implemented, key-escrow, MiTM, backdoors and so on. All of those options are stupid. Stupid seen from politicians point of view, and (incredibly) stupid seen from our point of view. But those are the only options on the table, and since IETF and the Danvers Doctrine offers no non-stupid options, stupid it will be. >That's another divergence, BCP188 represents the IETF consensus to >work against PM, and it is abundantly clear that PM and many other >security and privacy threats benefit from use of cleartext HTTP >via tracking and via enabling the potential for injection of various >kinds. That the same is recognised for other protocols used in the >web is confirmed by RFC7626. I don't know a single mentally competent person (in the legal sense) who do not understand the distinction between things you do in public space and things you do in private space. BCP188, with the same unshakeable conviction as a 5th grade student councils declaration to "end hunger in all the world", declares that "There SHALL be no public space at all". Until IETF stuffs ALL traffic through a Tor like construct, there will be a public space that can be PM'ed. The biggest problem in PM is reducing data, and NSA is grossly incompetent if they expend a single bit of storage more if I read washington post with HTTPS than with HTTP. BCP188 probably made IETF-nerds feel good, but even if it manages to encrypt 100% of the traffic on the net, it is not going to make any positive difference in privacy for 95% of the traffic. However it would certainly force legislatures to break the crypto open. >More and more I think we are learning that services such as >selective field confidentiality (which have always been very hard >to engineer) are in fact quite possibly damaging, [...] Leaving your enemy with only the two options of "surrender" and "start nuclear war" is in fact quite possibly damaging. It is totally stupid when your strongest weapon, publishing text-files, is up against enemies who can legislate, has taxing authority and controls the police-force. If the IETF wants to be taken seriously, it MUST acknowledge the legitimate existence of UN, nation states, legislatures and court orders demasking communication. As long as IETF exists in the vacuum of its own political ignorance it will be part of the problem rather than part of the solution. Poul-Henning -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Sunday, 6 December 2015 16:59:05 UTC