[Chapter-delegates] ISOC and its involvement with the IETF

Christian de Larrinaga cdel at firsthand.net
Fri Sep 17 09:49:26 PDT 2021 

Everything you say is valid. But somewhere is a niggle that it is 
not the same to say an entity at the network edge has the full 
benefit of the "Internet model" (to simplify) if that connectivity 
is substantially mediated. It becomes even more problematic if the 
consolidation in each layer of the service provision for Internet 
from carrier to application offers weak if any realistic 
competition.

It used to be assumed that if you at the edge didn't like 
something and couldn't find a good alternative you could always 
"do it yourself". That ability to "do it ourselves" is the best 
insurance for an Internet that is truly for everyone. I just 
wonder how practical that is becoming given the consolidations at 
all layers over the last couple of decades.

If that is no longer feasible then how do we assert a practical 
and realistic reality that the Internet is for everyone? 

Christian



p 2021 at 14:00, Andrew Sullivan via Chapter-delegates 
<chapter-delegates at elists.isoc.org> wrote:


> Hi,
>
> (I did not have time to write a short note, so I wrote a long 
> one instead.)
>
> On Tue, Sep 14, 2021 at 08:47:14AM +0300, Hank Nussbacher via 
> Chapter-delegates wrote:
>
>>Thanks for the lengthy and detailed response.  I'd like to focus 
>>on one aspect
>>- who speaks on behalf of Internet end users.
>
> I think the question is itself quite problematic, because I'm 
> very far from convinced that there is a description of a class, 
> "end users", that has enough unity to be much of a group to 
> speak on behalf of.  For there are a _lot_ of different ways 
> that people can use the Internet, with many different kinds of 
> expectations and assumptions.
>
> To use a silly example, I have been using the Internet since the 
> early 1990s, via different access methods, and to this day my 
> primary mail reader is terminal-based.  My expectation, as often 
> as not foiled these days, is that people will use 
> multipart/alternative to send mail.  My parents also are end 
> users of the Internet, and I am pretty sure that, even though my 
> father was an actual rocket scientist, the expectation I just 
> stated I have would be totally mystifying to him.  And if this 
> trivial example of variability is completely normal from one 
> rather privileged family from Southern Ontario, it seems we are 
> going to have rather more variation across all the different 
> people in the world who use the Internet.
>
> This is of course normal, but it is why I believe we need to 
> work not just within our own Society community, but also with 
> many other communities of interest and partners to try to 
> advocate for the Internet and its way of networking.  More on 
> this below.
>
> Indeed the ISOC Mission
>>statement:
>>
>>https://www.internetsociety.org/mission/
>>
>>surprisingly does not state that as a mission of the Internet 
>>Society.
>
> I think there are parts of the mission that are pretty close: "a 
> resource to enrich people’s lives, and a force for good in 
> society."  Moreover, while "open, globally-connected, secure" 
> are all properties _of the Internet_ itself, "trustworthy" is 
> not.  "Trustworthy" is a property that indicates that a person 
> ought to trust the trustworthy thing, and in order to understand 
> that it is necessary to understand what trust is being placed. 
> The formal way we have defined this as internal guidance for 
> staff is this:
>
> 	The Internet is completely trustworthy if and only if it 
> is
> 	completely resilient, reliable, accountable, and secure in 
> a way
> 	that consistently meets users' expectations for 
> information and
> 	services. The opposite of trustworthy is untrustworthy.
>
> Since this depends on users' expectations, it is necessarily a 
> relational property.  
>
> But as I said above, I don't think we can do the work alone, 
> which is why the part, "We seek collaboration with all who share 
> these goals," is so important.
>
>>So why can't ISOC position itself as the voice of the end user?
>
> I think my quibble is basically with the definite articles 
> there: we can't be _the_ voice, and there's no clear meaning of 
> _the_ end user.  This point is actually a major theme of the 
> Internet way of networking: because of its technical properties, 
> the Internet is an especially human-empowering technology, and 
> we must avoid chipping away at that.
>
>>Over the past 40 years the Internet has been a decentralized 
>>network and we
>>have all enjoyed its evolution.  Over the past year and over the 
>>next 3 years
>>the Internet will transition into a centralized network with 
>>almost all data
>>flowing via approximately 10 mega-corporations. 
>
> There can be little question that, as a matter of fact, certain 
> features of the way people are using the technology these days 
> (and I would argue, especially, certain architectural features 
> of the world wide web) tend to encourage centralization and 
> consolidation.  The question that confronts us, however, is not 
> merely whether there is an accidental issue of economic power 
> (which might be addressed through multiple means, not all of 
> them technical), but whether the Internet is going to be 
> _designed_ to encourage that.  I think that is what RFC 8890 is 
> really about, because it's about what the IETF should weigh when 
> making standards.
>
>>Examples:
>>
>>- DoH: https://labs.ripe.net/author/bert_hubert/
>>centralised-doh-is-bad-for-privacy-in-2019-and-beyond/
>
> There is nothing whatsoever about DoH that necessitates it will 
> be centralized.  Bert's point there is that _centralized_ DoH is 
> in fact bad for privacy, and he's probably right.  But it's also 
> true that the problem he's diagnosing has been true for years, 
> before DoH was even introduced.  Very large resolver operators 
> have been around for more than a decade, and in some countries 
> they are essentially all that gets used.  In that sense, DoH is 
> also an opportunity, because it provides the possibility of 
> private exchange of the resolution data (a possibility not true 
> under plain old DNS on port 53), and also allows different 
> applications to use different resolvers according to their 
> purposes (also a feature not available except with difficulting 
> using DNS on port 53).  That could certainly be abused by 
> application designers, but it also could turn into a privacy 
> feature.  What we need to be, then, is vigilant about deployment 
> tactics, and not attack this technology as somehow intrinsically 
> preferring one outcome over another (because in this case, it 
> does not).  By way of comparison, TLS, which is fundamental for 
> HTTPS, preserves privacy too; but if one only ever uses HTTPS to 
> connect to LargeSocialMediaFirmOfChoice, then that one firm has 
> all the information anyway, and the privacy preservation may be 
> diminished.
>
>>- Apple's Private Relay: https://419.consulting/private-relay 
>>[download the
>>roundtable report]
>
> One thing that is really interesting about that example is that 
> it's not really an Internet technology at all, since in effect 
> you have to be using Apple devices to get it to work.  (There is 
> some specification that might mean in the end it could be an 
> Internet technology, but for the moment that turns out to be 
> only a technology that happens to be carried over the Internet.) 
> Not everything that ever uses the Internet is an "Internet 
> issue", because these days basically everything touches the 
> Internet.  What we do need to be aware of, however, is the 
> possibility that the Internet will become a bare transit 
> mechanism for many different, completely siloed systems that 
> cannot interoperate.  In that case, we'd keep the Internet but 
> we'd never really have access to it, because all access would be 
> mediated through the various silos.  Frighteningly to me, some 
> regulatory moves actually _encourage_ this dismal future, and so 
> it should be one of the Society's (i.e. all of ours, not merely 
> the staff's) concerns.
>
>>It has recently come to my attention via a technical forum I am 
>>involved with
>>that over the past few years the IETF has been sort of hijacked 
>>by massive
>>corporations who can send dozens of employees to attend the IETF 
>>and work on
>>standards.
>
> I don't think that's especially new: a number (possibly a 
> majority) IETF participants have long been subsidized by their 
> emplopyers, and when I first started participating there a main 
> complaint was, "Cisco is taking over the IETF."  Moreover, 
> because of the unique social structures of the IETF, there are 
> power dynamics that are often not explicit: Corinne Cath-Speth 
> wrote her recently-published dissertation on this topic, and has 
> published a few pieces based on it on the Internet.
>
>>Technical people see the beauty of
>>centralized Internet system.  Is is up to the end users to say 
>>"I do not trust
>>such a system and suggest not moving to a centralized Internet".
>
> It is emphatically not the position of the Internet Society that 
> a centralized system is good, and the Internet Way of Networking 
> project is an effort to try to make that clear.  The second PDP 
> that will come from that project is scheduled soon, if I recall 
> correctly, and I hope the materials will be clear, 
> comprehensible, and usable by this community in advocating for 
> the Internet I believe we all want.  If _not_, the PDP would be 
> a good time to raise those concerns, so that we can realize the 
> vision of the Internet Society: the Internet is for everyone.
>
> Best regards,
>
> A


-- 
Christian de Larrinaga 
https://firsthand.net

More information about the Chapter-delegates mailing list