- From: Nikos Fotiou <fotiou@aueb.gr>
- Date: Mon, 10 Jun 2024 17:47:16 +0300
- To: Kaliya Identity Woman <kaliya@identitywoman.net>
- Cc: Credentials Group <public-credentials@w3.org>
Hi, You may be interested in the paper "ADEM: An Authentic Digital EMblem" published in ACM CCS 23. You can find the pdf here https://infsec.ethz.ch/research/projects/adem.html Best, Nikos > On 7 Jun 2024, at 11:42 PM, Kaliya Identity Woman <kaliya@identitywoman.net> wrote: > > HI Folks, > > I first went to IETF 117 in SF last summer. I then went to IETF 118 in Prague and then 119 virtually. > > I have been suuuppper impressed by the process, the feeling of the community, the productivity, the discernment and collective intelligence. > > I was so impressed - I applied for a summer of protocol research grant after hearing them present at CCG - and was awarded a grant to study the process at IETF. > > As part of this I’m following a bunch of lists. I’m also learning a lot about their process. a key step in an idea for work becoming a working group is to have a discussion group. > > A new one has been set up to consider “Digital Emblembs” > > I’m forwarding an email with some of the discussion about what they are stating to talk about - which is understanding the problem. > > It seems like a topic that could use some identity expertise. > > If you want to join the conversation - go to the mailing list and join. (No agreements, no membership - just subscribe) > Find the DIEM list on their list of lists. > > - Kaliya > > > Sent from my iPhone > > Begin forwarded message: > >> From: Bill Woodcock <woody@pch.net> >> Date: June 7, 2024 at 12:21:13 AM GMT+2 >> To: diem@ietf.org, hrpc@irtf.org >> Subject: [Diem] Re: [hrpc] Digital Emblem: New non-working group mailing list >> >> >>> >>> On Jun 7, 2024, at 03:51, farzaneh badii <farzaneh.badii@gmail.com> wrote: >>> I am not sure what to make of this as I am still trying to understand where it applies and what it applies to. >> >> Current scope is “markings required under international law” and the intention is to allow digital communication of those markings with respect to people, places, things, digital data at rest, digital data in transit, and online services. A practical example of each of those six categories: >> >> People: A diplomatic courier arrives at a border. The courier is required to be marked to indicate protection under the 1961 Vienna Convention on Diplomatic Relations. Immigration officials need to validate that the courier is authentically authorized by a national ministry of foreign affairs or an intergovernmental organization, yet legally they are not allowed to “inspect or delay” the courier. Scanning an RFID or QRcode on the courier’s high-vis vest would allow immigration to validate the courier without undue inspection (meaning, without requiring the courier to produce paperwork or identifying documents), and without delay. Furthermore, it offers a more counterfeit-resistant method than the current paperwork-or-trust regime. >> >> Places: Under the Ramsar Convention, some 2,500 waterfowl habitats are protected. The perimeters of the protected areas are currently in a database, available on request from an NGO associated with the administering IGO, but not in a format harmonized or aggregated with other protected-area-marking regimes, such as those used by UNESCO to mark world heritage sites. Someone planning, say, military transport logistics, might not know to check, where to check, or have access to the necessary GIS tools to import the database into their own systems. The uniform format and discoverability provided by the standard give a greater assurance that due diligence will be performed, and the non-repudiatability of the transaction allows the person checking to prove, after-the-fact, that they have in fact done their due diligence. This creates a beneficial cycle of marking and compliance. >> >> Things: Under the International Plant Protection Convention, wooden crates and pallets used in cross-border shipments must be marked to indicate that they have been subjected to appropriate phytosanitary measures to prevent the spread of parasites. The current marking method is typically a print or brand. It is required to be “non-transferrable” but the law recognizes that wooden packaging components are frequently broken down and reassembled, which requires a new marking, and with physical markings, there’s really no way to tell whether that’s happened. A digital emblem can communicate both spatial and temporal validity, as well as provenance. Moreover, it can be validated using the same software as all other digital emblems, rather than each requiring a different validation method, as currently. >> >> Data at rest: Medical records of refugees, including potentially genetic and kinship data which could be abused to further genocide, are held by humanitarian medical aid agencies such as MSF, and are protected under the Geneva Conventions. Attaching a digital emblem to such data would mark it as protected, and a law-abiding party (military, customs, police) could respect that marking, validate the marking and assure themselves that it applied to the checksummed data, without actually looking inside, or copying, the data. >> >> Data in transit: Data in transit has essentially the same properties as data at rest, but may need a more transit-oriented technical mechanism of associating the marking with the data… something more like a TLS property than an associated or wrapping file. Something which could be validated from outside of an encrypted transport-layer stream, in other words. An example use-case, for instance, would be a photojournalist uploading images to their publisher from a war zone. >> >> Online services: Moving data around, across the Internet, is typically a client-server exercise. People get their mail from mailservers, people want to get data from web sites, people need to send reports to repositories. This requires a publicly-accessible online presence in a fixed and known location, which in turn is thus more subject to attack than a client, which may be mobile or only intermittently present on the network. UNESCO might choose to indicate protections on a web site which contained digital cultural heritage, for example, and made it available to its community of interest and the public. Attacking such a web site to deface it or deny service might thus be a hate crime, rather than just a cyber crime. >> >> It’s also important to remember that using a marking, whether physical or digital, to signal protections under law, does not _protect_ something. That thing can still be shot or stolen or vandalized or whatever. Like a lock on a door, the marking is there to indicate a protection to law-abiding folks who care to look, and to make the job of a prosecutor in The Hague a little easier. Digitizing doesn’t provide any magic protection, it just makes some systems more efficient and scalable. It fits into twenty-first-century systems better than a hot-metal brand or a rattle-can stencil, in some circumstances. That’s all this is about. >> >>> But every time we want to transpose a protection we have offline to the online space... >> >> This doesn’t do that. This only creates a digital mechanism for providing required markings. It replaces a spray-can, not a law. >> >>> I hope this doesn’t ... lead to hampering speech and critical views and access to service. >> >> If you want to discuss possible ways in which marking digitally, rather than physically, could be abused, I think now is very much the time to have that conversation. Thus far, most of that aspect of the discussion has focused on the tension between non-repudiation and the need for protected entities to be able to hide their protective marking if it’s being used to selectively persecute them. For instance, INSI and CPJ note that in the current conflict in Gaza, journalists are being targeted specifically, and that they need to be able to identify themselves while across the border in neighboring countries, but they need to be able to hide that marking, whether physical or digital, while in Gaza. This need conflicts with the need of a law-abiding military force to determine where journalists are so that they can be excluded from targeting lists. This is not a new or different issue with digital emblems relative to physical emblems, but digital emblems give the ability to turn marking off to _both_ the individual journalist (or doctor, or aid worker, or Blue Helmet) in the field _and_ the organization responsible for their emblem and their safety, centrally; the latter isn’t possible with physical emblems. It’s also not possible to make physical emblems visible only to authenticated parties (such as militaries which are deemed to be law-abiding) and not to others (which include militaries not deemed to be law-abiding), whereas that is at least in principle possible with digital emblems, using ADD and TLS-client-auth. >> >>> Red Cross and ICRC in the domain name space overzealously advocated for protection of their name in domain names which led to IP overreach and reserving domain names that could have been used to criticize them. >> >> Likewise the IOOC, and I very much recognize the harm that imbalance did; both for the reason you cite, and because of the pendulum-swing that affected all other IGOs. However, that was an intellectual property fight in which they were trying to expand their claims, not a marking required under international law. If the scope of digital emblems as a standard is allowed to expand, I very much agree that there are all kinds of problems that could ensue. Thus, my personal preference is to keep the scoping tight and not view them as more general-purpose than has been discussed thus far. >> >> -Bill >> >> _______________________________________________ >> Diem mailing list -- diem@ietf.org >> To unsubscribe send an email to diem-leave@ietf.org > <signature.asc>
Received on Monday, 10 June 2024 14:47:33 UTC