Last IETF in Atlanta a side meeting was held about "media without censorship". Brief conclusion:
- a large group of people is interested in this topic
- implementation of ideas is judged to be key
- difficult to fit in IETF, but other organisations are worse.
First, many thanks to all of the attendants for their valuable feedback.
Especially given the overloaded schedules of many people present.
It was a very productive meeting in my personal opinion.
[informal meeting notes]
Roughly 18 people attended a late-night side meeting at 21:00 on 8 November in Atlanta.
It was taking place right after the bits&bites free drink event, lifting the general spirit so to say.
The improvised proposed agenda included: goal discussion, scenario discussion, prior technology and gap between vision/current tech, system architecture: sunshine model.
Discussed was the similarity between the Tor anonymous browsing experience and the censorship free scenarios. Key difference is the reputation system.
It was noted that the adversary model has unrealistic assumptions. The increase of attackers power and increasing demands on solutions was not sufficiently clear to readers. Should be removed or clarified.
A key question raised was: why does this need an IETF standard? This turned out to be surprisingly difficult to answer.
1) in IETF it is possible to obtain feedback from experienced engineers on architecture and design ideas. IETF people give valuable real-world experience based feedback, differing/complimenting from academia setting, Open Source world and digital human-rights activists.
2) it would produce clear specifications which could unite currently fragmented prototype-driven initiatives.
Given this, is then the IETF really the right venue for this?
The I-D is vague about the physical layer. It can simply be: Bluetooth, direct wifi, NFC and manual USB-stick based transport of information. Needs to be clarified.
The threat model was discussed further and deemed missing the evolution of the adversary.
The "Continuous evolution scenario" could be added. Draft explanation:
Due to the nature of an open standard against censorship, the inner workings of all mechanisms are known to the attacker. At some point it is likely to become compromised due to attacker evolution. To be future proof, the standard needs to be able to co-evolve and be able to include new defensive capabilities.
A draft picture of the possible architecture of the system model was discussed, called "sunshine model". The inner part contains the nodes in the system with high-speed Internet connectivity without censorship. They form the core of the system with possibly millions of participants, coming online and going offline regularly. Nodes at the core experience churn, but can always connect freely to other online nodes in the core (using NAT puncturing possibly) The "rays of sunlight" are nodes without media freedom and constrained Internet. Information transfer between these nodes uses DTN-like techniques and Bluetooth, NFC, direct wifi or USB drives.
Key components in the proposed system architecture are the message forwarding and reputation, voting or spam prevention part.
For the message forwarding, significant overlap exists with the bundle protocols of DTNs. The term "bundle synchronization" was introduced, meaning exchanging all known new twitter-like messages between two nodes when they are near. The security in DTN work was discussed, as the anti-censorship scenarios place heavy demands on this.
Voting protocols is something the IETF seems to have done little work in.
Crowdsourcing and spam prevention is known to be a difficult problem in a fully distributed setting.
Other concerns raised: "what is the meat", "we have all this".
An important step forward is to create an implementation with re-usage of
existing software + usage of IETF standards where possible.
[I lost track of the reasoning behind the importance of an implementation]
Please enlighten me if an attendant remembers this.
Near the end of our 1 hour meeting it was noted that "the IETF is good at efficient data-communication protocols, but this is counter-intuitive".
Implying that this work lies outside the usual IETF 'comfort zone'.