From YouTube: IETF113-HRPC-20220323-0900
Description
HRPC meeting session at IETF113
2022/03/23 0900
https://datatracker.ietf.org/meeting/113/proceedings/
B
All right, we're going to go ahead and get started. I see that we have at least one of our speakers in the meeting, so welcome everyone. We have to start, unfortunately, by revising this very first slide on the agenda, because I didn't update it, but we have on the agenda an AOB that I'm allocating 15 minutes to, not five, so we're going to reduce the time on the two drafts, like five minutes each. Sofia, welcome.
B
Okay, so first, if I could ask: we don't actually have anyone in Vienna, neither Sofia nor I are there, so we see a very sad empty chair. There are a few people in the audience, so the mic line is actually rather far away. So if there could just be a little mindfulness in the room, help us. Thanks, Meetecho folks, now we can see the mic line better.
B
So if there are folks that need to speak, you just walk up to the queue and we can call on you from there. Also, if I could ask if there's anyone willing to take notes for us. I think Sofia may be able to do that, but she would like some help as well.
B
Thanks, Kirshabad, great, and let's go ahead and get started then. So first, I just want to warmly welcome Sofia as the co-chair of HRPC. Now Sofia, are you able to come off camera? If not, that's fine, but...
C
Yeah, thank you very much, Mallory. Very excited about this and working with all together to create amazing drafts, proposals. So very happy for this work as well, and thank you very much.
B
Yeah, thank you, and thanks to Colin, who worked hard to get you onboarded, so we're really appreciative of that effort as well. And it's really nice as well to have a balance. So we have you coming from the private sector, at Cloudflare, and then the civil society balance is good.
B
So with that we will just go through the usual welcoming slides. I'm going to spend a little bit more time on the HRPC history, because we have some new folks joining us today, but first, obviously, the Note Well. This is the slide that explains the intellectual property piece. You've probably all seen this many times already. I separated out specifically the privacy and code of conduct piece, because that's really important as well for this meeting.
B
In the IRTF, which is where this research group is situated, we're really focused on the long-term research issues related to the internet and, of course, we're trying our best to conduct research, we're not developing standards. Trying our best to conduct good research, we're not developing standards, and also to that end.
B
So specifically, we call out in our charter two human rights, the right to freedom of expression and freedom of assembly, although there are others, including the right to privacy, which is more aligned with the Privacy Enhancements and Assessments Research Group, so there's definitely some overlap and collaboration between the two research groups, but we do not focus specifically on that human right. We are trying to provide guidelines for those working in the IETF and on protocols.
B
So one of our current documents does that very well, and then there is just the raising awareness of the issues in this community of human rights. We do that through bringing in speakers to our sessions, and we're excited for those talks today, which I'll go over when I go back to the agenda slide. So far, we do have an RFC, 8280.
B
Our other internet drafts have covered a variety of topics, some that are no longer active, but are really looking at the overlaps between the human rights space and the protocol development space. There have been others as well that have presented at HRPC or who have started work here that are publishing elsewhere, so they're taking their work and their papers into academic journals and academic conferences.
B
So recognizing that that is actually an explicit goal of HRPC, to have publications go elsewhere, not just in the RFC series, and there's actually a film that was done. So it's an interesting opportunity for us to think about other media that might reach some of these goals for us. You can watch the film on hrpc.io, that was launched some years back, and we've also talked a lot about data and visualization through BigBang and other things.
B
I think Sebastian presented last session on BigBang and how to do analysis of mailing lists, and things like that, so again it really fits in with our research. And then again, I think some of the guidelines and suggestions we make about the relationship between human rights and protocols, others have been able to take that guidance and actually review other work in the IETF and elsewhere. So I've probably gone through a lot of this, but our charter was from 2015.
B
And then here's the current state, so actually the only two that are active on this list are guidelines and freedom of association. The feminism and protocols and the political draft are inactive, but I put them on there because I do think that there are folks interested in that work. It just hasn't progressed recently. So let me slide all the way back to the agenda. So after that intro we're actually really good on time now, which is great, so just checking to see.
B
If John is here, because if not, we can always have... I'm here. Oh great, John, welcome, so you should be able to present. Yeah. Okay, good. So I will.
D
So I guess you can see my slides. Yeah, so this is an update of the presentation I held in 2019 here in HRPC about privacy and surveillance and security in 5G. This is an update of that presentation, talking about what was actually done, what was not done and the consequences of that, and new things that had happened since then.
D
First a little bit about 3GPP. So, as you know, 3GPP operates in these 10-year generations: 2G, 3G, 4G, 5G, 6G. A little bit less known is that 3GPP also works in five-year half releases. Of these, GPRS and HSPA are maybe the most known. And then 3GPP works in these one-to-two-year releases. Currently, 3GPP is working on Release 17 and 18 in parallel.
D
And right now I think 2G to 5G are still active and in use. 2G and 3G will, in just a few years, be shut down in most places of the world, around 2025. I think at least in Africa, Asia, Europe, in America, North America, it will be shut down by then in almost all countries. African countries are still planning to use 2G, 3G for maybe a decade more or so.
D
So one of the things I talked about in 2019 was the battle against IMSI catchers and false base stations, and I'm happy to report that basically everything I said was planned at that time actually happened. Everything was approved, at least in the standards. Then how much it's actually used in practice, for example detection of false base stations, that's harder to answer.
D
So is this an end to the battle against the false base station? Well, maybe long term, but there are some things that are still not perfect. I think these slides summarize all of them. One thing is that in 5G, the IMSI, which is the identifier for the subscriber, is encrypted when you send it over the air, but this is mandatory to support but optional to use. Optional security is not really considered best practice anymore, but 3GPP really likes to make things optional to use.
D
If you use an NAI, which is a possibility in 3GPP, only the username is encrypted and the realm is sent in clear text, so potentially, when you're roaming, you can track and identify users by looking at the country code, network code, or by looking at the realm. And this is very similar to IETF standards such as EAP, where you also send the realm in clear text, where it might be more of a problem in 3GPP, where roaming is very common.
D
5G introduces new protection, so a false base station or a Stingray cannot trick a phone to downgrade to, for example, 2G, 3G or 4G. But when you turn on your phone, if the only thing you see is the 2G fake base station, your phone will connect to that, and similarly, you could theoretically jam, for example, 5G frequencies or not, but I don't think we have seen that in practice anywhere, that's complicated. Android 12 is introducing, or has introduced, a 2G kill switch. You can turn off 2G.
D
One recent example of mobile identity tracking was in the war in Ukraine, where, allegedly, this is just media information, Russian troops were tracking British mobile identities to do artillery strikes. Unclear how this was done, could have been done by hacking the mobile networks. But theoretically, you could do this, even in 5G, by just eavesdropping on the country code and mobile network code over the air, and then you can see where this... and then with triangulation.
D
You could see where these phones are. 3GPP has also started some new studies. There's an ongoing Release 18 study. It just started, so there's not much content in that study yet. And by the way, you can find references to a lot of information at the end of this presentation.
D
So 3GPP has a lot of other identities. Then, most of these are temporary. There's also a lot of parameters in this. This study was started by the academic paper "Nori: Concealing the Concealed Identifier in 5G", written by me and a colleague, which identifies that the variable-length NAIs leak information with the current encryption. There is no padding.
D
Another thing I talked about in 2019 was zero trust architecture inside and between networks, and I can happily report that this also, basically everything was approved, at least inside the networks. So there is TLS 1.3 between all the nodes in this SBA architecture.
D
What exactly to use between the networks, which has been a major weakness in the past, with these SS7 attacks and so on, it's still a bit unclear. This JSON interface that was standardized seems to be a little bit complex to actually deploy, so it might be replaced with something simpler like plain TLS tunnels, but that's still a bit under discussion in GSMA. There's several SDOs involved in standardization of mobile networks.
D
Thirteen, also this that I presented in 2019, and go back to the 2019 presentation if you want more information about what I discussed then. So, the problem here was that in the Snowden revelations, allegedly, US and UK intelligence hacked the SIM manufacturer Gemalto and stole a lot of the keys. We don't know if that really happened, but I guess we can assume that it did. It doesn't really matter. Just the possibility that it happened, millions or billions of keys, is bad enough.
D
So Ericsson was proposing here to introduce Diffie-Hellman to get so-called forward secrecy. This was unfortunately declined. And, to summarize what you can do with this, this is what's called the Great SIM Heist in media. The extent of it is usually not very known, but the potential is that this is a disaster. According to media, potentially billions of secret keys were compromised.
D
You can also connect users to a false base station and inject malware. All things discussed in media, and all theoretically true. Ericsson proposed to study this. "Existing authentication procedure lacking PFS property" was the name of this SA3 study, and unfortunately, to study this topic was objected to by companies from France, UK and U.S.
D
There was also strong support from Swedish, Finnish, Chinese, German and U.S. companies. There's not really any technical reason given. I would not like to speculate on why these companies objected to studying this. I think you have to ask them yourself. But the current situation is very bad, and I think any highlighting and discussion and making this public, whole discussion on this topic, is good. I think the situation right now, to use the words from Keith Martin, is that there is no authentication method in public 5G with acceptable security norms.
D
Ericsson is currently driving the EAP-AKA PFS standard in IETF EMU, but this is currently only approved for use in private networks. We'll discuss a little bit what that is later.
D
So the access authentication in 5G is called primary authentication. 5G networks come in two different flavors. There are public 5G networks. These are the mobile networks that you all know and use every day. These are the public ones where you, as a private person, can sign up. 5G introduces also what is called private 5G networks. These are meant for use by single organizations like industries or verticals.
D
So a little bit more about why you want to use Diffie-Hellman and why forward secrecy itself is not really enough. So there has been a lot of discussion about forward secrecy in IETF in recent years. Forward secrecy protects your keys from compromise in one direction. So if your keys are compromised at time T2 here, the attacker cannot compromise any previous keys. On the other hand, the attacker can compromise all future keys. This is a good start, but it's not really... it's not as good as we can do.
D
If you frequently do Diffie-Hellman, like every hour or so, you get much better protection. Then you get protection from a passive attacker also in the future. As you can see here, you have an attack at T2 in this second picture here, and all your previous and future keys are secure against a passive attacker. Using terminology from the excellent RFC 7625 for the secrecy.
D
If you have forward secrecy, an attacker can still do static key exfiltration. That means that they get the key once and then they can use it forever in the future. They don't need to extract any new keys. Doing frequent Diffie-Hellman every hour or so forces an attacker to do dynamic key exfiltration or content exfiltration, and I would say that forcing the attacker to do this should definitely be considered best practice.
D
This RFC 7625, read that, it's an excellent piece of document. Unfortunately it has not been used very much in IETF as a reference since it was published.
D
Zero trust assumes that breach is inevitable or likely already has happened. This is a statement from NSA, and then from in some company: if breach occurs, minimize the impact of breach. And I would interpret this as: forward secrecy is absolutely a baseline requirement, and frequent Diffie-Hellman is probably what you need to do to align with zero trust principles.
D
French government has had this as a requirement from 2015 for IPsec. ANSSI requires Diffie-Hellman every hour or every 100 gigabits, gigabytes. I would say this should be considered best practice when possible. For constrained IoT, this is not really possible, but IPsec is not really special. This should apply in general. If you're using the Signal protocol, this is achieved by the Double Ratchet algorithm.
D
That is not really doing ephemeral-ephemeral Diffie-Hellman, it's doing something called ephemeral-static Diffie-Hellman, but it's doing them in different directions frequently and basically achieves the same thing. So how is TLS 1.3 doing in this aspect? Actually, not so good, I would say. TLS 1.3 standardizes this PSK key exchange method, and they made it look like it's recommended. It's actually recommended to implement and not use, but that's very unclear. 3GPP has forbidden everything without forward secrecy for TLS 1.2 and with the introduction of TLS 1.3.
D
I think IETF needs to be much better at marking everything that is weak as not recommended. I think IETF sometimes cares way too much about companies caring about what they have implemented and not wanting it to be not recommended, even if apparently all facts point to it being very weak.
D
TLS, the updated TLS document will have some consideration regarding frequent use of Diffie-Hellman. I just got a PR approved there. A point with TLS: quite a strict profiling to make it secure. For TLS 1.3, for example, it forbids the PSK key exchange and also forbids cipher suites without confidentiality.
D
One example of this is DTLS over SCTP in 3GPP, where setting up a new connection would mean to disconnect the cell tower for a long time. All the phones connected to the cell are losing connection, which is like not possible to do. This leads to the DTLS/SCTP specification getting a complete rewrite.
D
A new thing that is coming in 5G that I did not talk about last time is authenticated encryption in the user plane. So 2G only used unauthenticated encryption, so encryption without any integrity protection, no authentication tag at the end. 3G and forward, we introduced authenticated encryption for the control plane. The 3GPP standards have two different planes: it's a user plane, where all your, if you're web browsing, it's sent in the user plane, but all the control messages are sent in another plane. 5G Release 16.
D
But only the user plane. Most of the information here is already encrypted at the application level, using, for example, HTTPS, or transport layer. Here's an overview of the algorithms used in 3GPP and all the weak algorithms. You all... there's been a lot of media attention about the algorithms in 3GPP, at least previously. All the weak algorithms are from the 2G generation.
D
It started consent in general to raise awareness on the operators. It also gives concrete recommendations in some use cases, and the overall conclusion in 5G in 3GPP is that user consent should be stored with the subscription data. This means that any consent is given for the subscription and then anybody using that subscription. You could also think of other things where, for example, this cookie law.
F
Hello, thanks so much for this excellent presentation. Could you let us know on which 3GPP mailing list the discussion on PFS takes place, because there are many and not all are easy to follow. So could you perhaps point out what are the best lists to follow these discussions?
D
Yeah, so any discussion here was done on the SA3 mailing list. I can send out... You need to be a member of 3GPP to subscribe to the list, but the mail archive is open and public. I can send out the link to the mail archive to the HRPC email list. And then some things are of course discussed during the meetings. At least before corona, they were discussed in face-to-face meetings.
D
The meetings are not recorded, and sometimes the minutes are a bit limited. For the PFS discussion, Ericsson was asking for a raise of hands to note which companies objected to introducing PFS, so that you can find the exact companies that were supportive and objecting to this. You can find that in the meeting minutes. There is a reference to it in the presentation.
F
Thanks so much for that answer, and I would really appreciate those resources, and thanks again for that overview. Could you elaborate perhaps a bit more on privacy, but also other human rights implications of private 5G networks, as well as edge computing in 5G networks?
D
Private 5G networks will only be used for industries. I don't think there are so many, and most of the devices in these networks will probably be Internet of Things devices.
D
So I don't think it will have so much human rights implications, and I think the use cases will vary very, very much depending on industries. I think if there are any implications, you need to look at each industry as a special case. I don't remember, there was some other question.
D
One discussion is at least to use trusted enclaves for edge computing, but what will actually be deployed in practice, and when, I don't know. But I think the risk is that more information is spreading in more nodes, but I think it can be done in a secure way.
F
If no one else is in the queue, may I ask a follow-up question?
G
Thank you. The way I understand it, there is a lot of slack in the definition of 5G, with some security and privacy features that can be deployed or not. Is there a worldwide survey of what is the actual state of the deployment of these techniques? I mean, how many, for instance, are still really using the poor algorithm and things like that.
G
You mentioned that it's still possible to use poor encryption algorithms in 5G, but they're still authorized. But my question was: do we have an idea how common it is to have this algorithm?
D
No, I think that algorithm, it's not so common, but I don't think there's any public resources that say which operators globally are using or not using what. I think that such a resource would be very good. It would be great if somebody made such a website and actually did that research. I think, of course, some of the vendors might have some information, but a bit limited.
D
We know who we have sold to, but we might not know if the operator turned it on or not. I think GSMA might have some surveys, but I don't think GSMA has the broad understanding of exactly... Maybe for specific topics they might do some internal surveys and so on, but these are typically not public either.
D
I don't think they sit with all the information, but, for example, one thing that would be interesting right now is which operators have implemented and turned on this SUCI encryption of the IMSI. That would be maybe a starting point. There are some researchers doing some research on, like, encryption algorithms and so on. Very often a bit specific, and it quite quickly gets old. If it's a 10-year-old or 5-year-old paper, it's not really up to date anymore.
B
Great, I just had a question and then I think we'll move on to the next speaker, but you had mentioned that you've proposed some changes in TLS. Are there other places in the IETF, any working groups where you're sort of actively following discussion, or others who are interested in this work could also subscribe to lists and follow work?
D
I think it needs to be... I think good security and privacy affect all IETF groups. I think IETF had, at least in TLS, there's maybe been a bit too much focus on forward secrecy, and somehow that that will solve everything. I think TLS removed the possibility to do frequent Diffie-Hellman just when that started to become best practice in the rest of the world, but it might also be a little bit...
D
3GPP started using TLS much more for long-term connections at the same time as TLS was developed, so we should maybe have been active, and then it might be possible. It's a little bit unfortunate, but you can't solve it by setting up new connections. And I think TLS is maybe one of the... in a good position. I think the problem is more when security is used in other groups. I think there needs to be a constant focus to improve privacy and security everywhere.
B
Wonderful, thanks very much, John, for joining us today. I encourage others to reach out if there are other questions. It was just a very useful overview of where that standard is at from privacy. Thank.
B
Fantastic, thanks again. So, yes, checking our agenda, as folks had noted before, it has changed actually, so the items four and five only have 15 minutes for the drafts, and we'll have 15 minutes then under AOB for Lenny to present on the IP blocking draft.
B
Next up, then, is Jacobo from WITNESS, who is going to be talking about content provenance, and so go ahead, Jacobo. There is a button that looks like a document on the top that you can click, and then your slides should be available to you to load.
H
Okay, good morning everyone, afternoon. So first, just quickly, apologies if you see me grappling for air. I'm in Quito, Ecuador for the first time in a couple of years, and the air is very thin here, we're almost at 3,000 meters above the sea level. So my name is Jacobo Castellanos and I work with WITNESS in the Technology, Threats and Opportunities program. For context, WITNESS is a human rights organization that works with activists, citizen journalists, human rights defenders that use video and technology in crisis and conflict situations.
H
So, for today, I'd like to talk to you about the harms modeling work that we've done within the C2PA, so the Coalition for Content Provenance and Authenticity.
H
Another quick caveat also before starting: WITNESS is not an organization that works normally within standards development organizations. So I appreciate the opportunity to speak here and get any thoughts or comments that you may have. I work in the C2PA, and I'll talk a little bit more about that in a second, it's just really informed by our previous work in content provenance and authenticity.
H
The second is an overview of the C2PA and the specs, and then the third thing, and the bulk of the time, on the harms modeling work that's happened within C2PA. So just to start off on the same page, I wanted to offer this general definition of provenance and authenticity infrastructure, which is: it refers to the tools, the services or the frameworks that facilitate capturing, processing and presenting information about the source and the history of digital assets in a way that is verifiable and tamper-evident.
H
So here we have an image that comes from the C2PA, but it's illustrative of the broader provenance and authenticity ecosystem, I think. So we have here an image with its metadata and background information about the source of this image, the history, if the size of the image was changed or the colors were altered, for example. This provenance information, this provenance and authenticity infrastructure, refers to the tools that allow capturing this information and processing it.
H
So a quick overview on WITNESS. So WITNESS has been part of this work for a number of years now. It's in many ways been pioneered by human rights organizations, and so WITNESS worked with the Guardian Project on ProofMode, which is an application that creates signed visual evidence with images and videos.
H
So just to mention a couple of things that have come out of this previous work: WITNESS has been advocating for provenance and authenticity infrastructure to always be opt-in, recognizing that there are legitimate reasons for people not to want or not to be able to use these tools.
H
So one of the things that we have been seeing is that this provenance and authenticity infrastructure is moving from niche tools, again, that have been primarily pioneered by human rights organizations, and it's starting to become more systematic. Efforts are starting to appear, and these are led by, you know, the C2PA, this coalition, but also Content Authenticity Initiative, Project Origin, which focuses on news media, and it's been led by larger companies such as Adobe, Microsoft, BBC, Truepic, amongst others. And so, as we have been seeing this shift from niche tools to more systematic use...
H
So WITNESS has been asking, as we see this shift, how do we prevent, how do we avert and mitigate harms? And how do we enhance freedom of expression and trust? And so this takes me to the C2PA. So the coalition, again, the Coalition for Content Provenance and Authenticity, is this group of companies primarily that have come together to create these technical specifications that are meant to create this interoperable ecosystem of capturing and processing authentication and provenance information. So the C2PA is led by the companies that are listed here.
H
Adobe, Arm, BBC, Intel, Microsoft, Truepic, Twitter, now also Sony, but there are over a dozen other general and contributing members, and WITNESS is one of these contributing members. As of January 26th of this year, version 1.0 of these specifications has been published.
H
We are now heading, in the coming, well, soon, in the coming weeks perhaps, going into version 1.0 of these specifications, and so we're moving past the design stage and now into the implementation and the development of these tools.
H
So here I have a very quick overview of the design of the specs. This overview will by no means do it justice, but hopefully it'll give a very general picture, at least enough to go into the next part of the conversation, which is the harms modeling.
H
So the way that these specs have been designed, and I'm going to be using C2PA terminology here: there are three actors in this example. In this hypothetical example, three actors are doing three different actions with three different C2PA-enabled tools. So here we have actor one that takes a picture, say, with a Nikon camera.
H
I'm just getting a little bit ahead of myself here. The trust model, or the way that the C2PA promotes trust, is really tied to this signer right here. The signer is a notary of sorts that vouches for the information that is included here designer cleveland. It could be said that it's more than that, really, because the signer determines what information is included in these manifests and what information is not included, for that matter.
H
The editor might change the color of the image or the size of the image, thereby creating another manifest right here. So like another little rectangle, this information is cryptographically hashed to the image again and signed. In this case, it would be signed probably by Adobe, which is one of the steering committee members in these efforts, and then the third actor might publish it in the New York Times. The editor here, the publisher, might compress the image, add captions.
H
This creates another manifest, again cryptographically hashed and signed here. The signer could actually determine if all the manifests are included or just one. But the point of this all is so that once it gets to the consumer, the image or the video or the digital asset gets to the consumer...
H
Ideally, they would be able to look at all of this provenance information and, with that additional information, be able to have a better sense of whether or not they will trust this image or they will decide to believe in it. Before going past this quick summary, I'll just highlight that the C2PA is not intended to determine what is true and what is not true. You know, as it's established.
H
So for one thing, we have been looking at the design of the specs and thinking about the potential harms and how they could be prevented, how they could be averted, how we could mitigate harms, and, on the other hand, we also see the authenticity and provenance infrastructure bringing a lot of opportunities, you know, from our perspective, to human rights defenders, to activists, to journalists. You know, how could this help create more trustworthy content?
H
We work mostly under the technical working group, so the bottom purple box. The technical working group is where these specs are being designed, and WITNESS is the co-chair of the threats and harms task force, where we have been leading the harms modeling efforts that I'll get to in a second.
H
However, considering the broader objectives that we have, we have also been informing the steering committee on various issues, so perhaps, most importantly, at least at the start, by establishing the guiding principles of the C2PA, and I have another slide just to talk about the guiding principles, because it really has set the foundations for the work on harms modeling.
H
But beyond that, also we've been having conversations on how to continue a harms assessment beyond the design stage or before 1.0 and onto the next stages of these specifications, and then also more broadly, again, thinking about how we promote critical usages, we've been having conversations about resourcing and supporting the creation of tools that are directly focused on human rights defenders, journalists, amongst others.
H
So,
as
I
mentioned,
the
guiding
principles
really
have
been
the
foundation
for
the
work
that
we
have
been
doing.
As
mentioned,
we
have
not
been
working
within
standard
development
organizations,
so
it's
been
unclear
to
us
how,
at
least
from
the
start,
that
it's
been
an
evolution
for
us
and
a
growth
curve,
but
by
having
established
these
guiding
principles
from
the
start
of
having
advocated
for
these
guiding
principles
from
the
start,
it
has
really
paved
the
way
for
the
harms
modeling
work.
H
We
were
also
thinking
advocating
for
it
for
the
specs
to
be
designed
thinking
about
global
audiences.
So
how
could
the
specs
be
useful
and
pertinent
and
avert
harm,
not
just
in
in
normally
in
Europe
or
the
United
States,
but
how
it
could
be
relevant
in
marginalized
communities
in
Africa
or
Latin
America?
H
So
I've
I've
numbered
here,
a
couple
of
principles.
I'll
just
read
the
first
one:
C2PA
specifications
must
respect
the
common
privacy
concerns
of
each
of
the
target
users
onto
the
second
point.
The
second
subpoint
C2PA
specifications
must
allow
content
creators,
editors
and
publishers
to
remove
sensitive
information
before
sharing
with
others,
and
subsequent
participants
must
be
made
aware
of
such
removal.
H
C2PA
specifications
must
not
require
identity
of
the
person
or
organization,
making
any
assertion
or
claim
about
an
asset
to
be
documented.
The
specifications
may
allow
that
information
to
be
represented,
provided
the
representation
is
optional.
So
here
you
know,
there's
a
list
of
other
guiding
principles
as
I
was
highlighting
in
this
box,
but
here
the
second
point
I
just
want
to
emphasize
on
this
point
that
again
thinking
about
privacy
that
manifests
never
at
least
not
not
as
at
the
standards
level,
require
individual
identifiers
to
be
connected
to
manifests
so
based
on
these
guiding
principles.
H
As
I
was
mentioned,
WITNESS
has
been
leading
this
harms
modeling
efforts,
which
really
has
revolved
around
a
harms,
misuse
and
abuse
assessment.
That
I'll
explain
the
process
in
the
coming
and
the
next
slides.
So
there's
been
really
three
areas
of
work
or
phases.
H
If
you
will,
though,
they
have
been
iterative
so,
on
the
one
hand-
and
this
has
been
connected
to
the
work
with
the
TWG
with
the
technical
working
group
and
not
just
the
threats
and
harms
task
forces-
well
thinking
about
the
purpose
of
of
this
infrastructure,
what
are
the
use
cases
who
are
the
users
and
also,
very
importantly,
who
are
the
stakeholders?
H
So
with
that
foundation,
we
went
on
to
think
about
the
assessment
right.
So
so
what
are
the
actual
or
the
potential
harms
that
could
come?
That
could
result
from
from
these
specifications
and
this
systematic
use
of
provenance
and
authenticity
infrastructure,
and
here
I've
just
mentioned
that
this
assessment
was
very
much
inspired
or
it
was
adapted
from
Microsoft's
harms
modeling
framework.
So
a
taxonomy
excuse
me
a
taxonomy
that
that
frames,
the
thinking
around
identifying
potential
harms
and
then
the
third
area,
very
importantly,
is
thinking
about
mitigation
strategies.
H
Repeating
different
instances
that
it's
important,
that
it
start
at
the
design
stage,
it
really
it
gives
us
a
head
start
when
thinking
about
human
rights
issues,
but
it
has
to
be
continuous,
especially
now
that
it
goes
into
beyond
1.0,
because
it's
starting
to
be
implemented
and
tools
are
starting
to
be
created
and
we're
going
past.
The
realm
of
potential
harms
to
actual
harms,
so
it
has
to
be
continuous
and
then
the
second
is
that
the
assessment
has
to
include
multi-disciplinary
and
diverse
range
of
stakeholders.
H
So
there's
two
areas
where
we've
been
having
these
discussions
so
on
the
one
hand
within
the
the
C2PA
within
the
technical
working
group
and
the
threats
and
harms
task
force
where,
as
you
may
imagine,
there's
a
a
group
of
experts
mainly
coming
from
tech
companies
and
news
media
organizations
that
offer
that
offer
their
expertise
and
insight
to
get
a
sense
of
what
the
human
rights
implications
are,
but
also
recognizing
the
limitations
of
this
group,
the
lack
of
representation
and
also
the
understanding
of
of
broader
society,
societal
issues.
WITNESS
H
Began
an
outreach
process
reaching
out
to
as
many
folks
as
possible
from
different
parts
of
the
world
with
different
lived
technical
professional
experiences
in
order
to
get
a
sense
of
of
how
they
think
they
thought
that
that
this
infrastructure
could
affect
them,
how
it
could
help
them
and-
and
based
on
these
conversations,
you
know,
identify
these
harms
and
the
potential
mitigations.
H
So
this
is
an
overview
of
the
results
in
the
next
slide.
I'll
mention
a
couple
of
examples,
but
to
get
an
idea
again-
and
this
is
an
adapted
version
of
Microsoft's
harms
modeling
framework.
The
potential
harms
identified,
which
is
just
under
60.
There's
different
types
of
harms
that
have
been
identified,
not
just
because
they
fit
under
different
categories,
but
because
some
are
very
specific
to
the
the
impact
that
the
C2PA
could
have.
H
Others
are
more
general
about
potential
harms
that
could
come
from
provenance
and
authenticity
infrastructure,
starting
with
the
fact
that
it's
a
data
capturing
system
at
the
end
of
the
day,
and
then
there
are
other
harms
that
may
not
be
directly
connected
to
provenance
and
authenticity
infrastructure
or
the
C2PA
that
they
may
not
be
a
result
of
this,
but
they
that
they
may
be
worsened
or
the
issue
may
be
deepened
by
the
more
systematic
use
of
this
of
this
infrastructure.
H
So
there's
been
four
categories
of
harms
identified
so
for
one
denial
of
consequential
services.
So
we
looked
at
the
losses
of
opportunities
how
people
could
lose
opportunities?
What
are
the
economic
losses
that
people
could
have
coming
out
of?
The
standards,
what
are
the
infringements
on
human
rights?
So
how
could
people?
How
could
how
it
could
affect
people's
dignity,
their
liberty,
how
can
affect
their
privacy
or
their
constraints
on
freedom
of
expression,
freedom
of
association
and
environmental
impact?
H
Would
there
be
an
erosion
of
social
and
democratic
structures?
Would
there
be
manipulation
here?
We
saw
questions
around
mis-
and
disinformation?
Could
there
be
an
over-reliance
on
technical
systems
or
any
other
social
detriment
and
then,
lastly,
risk
of
injury,
so
emotional
or
psychological
distress
or
physical
harm?
So
the
number
that
accompanies
each
one
of
these
refers
to
the
the
potential
harms
identified.
H
I'll
I'll
mention
a
couple
of
examples
here
in
the
next
slide.
So
one
of
these
one
of
the
things
that
could
come
out
of
the
C2PA
and
we
recognize
that
this
is
these-
are
only
technical
specifications.
Yet,
once
you
go
into
the
tooling,
this
harms
modeling
work
could
be
even
more
at
least
directly
relevant,
but
by
thinking
again
from
the
standards
level,
we
we
feel
like
we
can
get
a
head
start
and
and
also
inform
the
actual
specs.
H
So
one
of
the
harms
that
could
come
out
of
the
C2PA
is
a
redux,
a
reduction
in
options
for
anonymity
and
pseudonymity.
So
we
based
on
how
the
the
specs
are
designed.
We
feel
that,
for
one
thing
there
is
a
possibility
for
for
people
to
inadvertently
share
sensitive
information,
and
this
refers
back
to
questions
around
the
user
experience
you
know.
So
what?
If
the
specs
have
been
designed
to
allow
for
confidentiality?
H
But
what?
If
the
user
experience
is
not
designed
in
such
a
way
that
it
really
allows
the
user
to
maintain
control
of
that,
and
then
there's
also
the
questions
around
the
the
fact
that,
although
the
specs
allow
for
confidentiality,
they
don't
demand
it.
You
could
have
compliant
tooling.
That
does
require
individual
identifiers,
and
so
that
takes
us.
That
takes
me
actually
to
the
second
point
that
the
C2PA
could
result
on
attacks
on
journalistic
freedoms
and
independence.
H
Images
and
videos
that
contain
manifest
C2PA
manifests
or
contain
provenance
information
have
a
higher
algorithmic
ranking
than
those
that
don't.
Then
there
are
questions
about
well
what
happens
to
those
that
again,
as
we
men,
as
I
mentioned
earlier,
to
those
that
decide
for
legitimate
reasons
that
they
do
not
want
to
use
this
provenance
infrastructure
or
that
they
can't
because
they
just
don't
have
access
to
it.
H
So
these
three
are
just
examples
of
the
potential
harms
that
that
have
been
identified
and
then
and
then
this
is
connected
to
certain
to
some
mitigation
strategies.
But
there
are
others
that
there's
still
gaps
that
that
WITNESS
and
and
the
C2PA
are
working
on
and
I'll
actually
just
in
the
interest
of
time.
I'll
skip
these
two
slides,
which
talk
about
specific,
more
specific,
harms
and
jump
to
this
one
right
here.
H
So
all
of
this
information
that
I
have
been
sharing
with
you
has
been
published
alongside
the
specs.
So
if
you
visit
the
website
c2pa.org
and
go
into
the
specifications
tab
you'll
find
that,
along
with
the
actual
specifications
there
a
list
of
other
documents
that
have
been
published
with
the
specs,
so
one
of
them
is
the
security
considerations.
One
is
user
experience
consideration.
H
Another
is
guidance
for
implementers
and
there's
the
harms
modeling
work,
and
so
in
that
harm
modeling
document
you'll
find
detailed
information
about
the
the
process
that
it
was
carried
out
and
you'll
also
find
this
table
right
here.
This
is
just
a
snapshot
of
that
table,
and
this
includes
all
of
the
the
potential
harms
that
have
been
identified.
They've
been
categorized,
they've
been
described
and
with
a
contextual
example
and
then,
most
importantly,
perhaps
tied
to
a
specific,
existing
and
potential
mitigation.
H
So
I'll
end
with
this
last
slide
right
here
on
existing
and
potential
mitigations,
so
the
outputs
of
our
harms
modeling
work
so
based
on
on
on
the
assessment
and
based
on
the
potential
harms
that
have
been
identified.
H
What
WITNESS
has
been
doing
as
co-chairs
of
the
threats
and
harms
task
force,
is
to
inform
and
shape
these
three
areas
of
the
C2PA,
so
first
and
and
most
notoriously
the
actual
specifications,
of
course,
so
that
the
specifications
in
their
design
they
already
include
all
of
these
considerations,
around
privacy,
accessibility,
misuse,
etc.
H
The
second
area
are
the
accompanying
documents
that
I
mentioned
before
so
based
on
this
harm
assessment.
What
does
the
user
experience
guidance
need
to
include
so
here,
for
example,
we
just
emphasized
on
the
need
for
there
to
be
guidance
for
content
creators
or
also
for
consumers,
but
also
for
content
creators
to
be
able
to
to
know
what
information
they're
sharing
and
and
how
the
information
is
being
shared,
what
the
rejection
redaction
mechanisms
are,
etc.
H
So
how
could
we
get
more
people
to
know
about
what's
happening,
how
we
could
get
more
input,
and
so
to
that
end
an
explainer
is,
has
been
drafted
and
published,
and
this
is
is
to
be
continuously
updated
and
then
the
third
area
that
that
is
affected
by
the
work
that
that
WITNESS
has
been
doing
are
the
non-technical
and
multilateral
harms
response
actions.
H
So
for
one
thing,
as
mentioned
before,
this
includes
thinking
about
resourcing
and
supporting
a
diverse
C2PA
ecosystem
right.
So
so
the
specs
have
been
designed.
How
do
we
now
create
the
tools
that
actually
human
rights
defenders
will
use
in
conflict
zones?
How
do
we
use?
How
do
we
create
the
tools
that
citizen
journalists
might
use
in
countries
where
you
know
there
might
be
a
lot
of
government
surveillance?
H
We've
started
to
think
about
about
the
governance
of
the
C2PA,
we're
not
steering
committee
members.
So
it's
it's
a
tricky
area,
but
mostly
around
questions
around
the
red
flags.
What
are
the
really
compliance
issues
that
we
need
to
think
about?
Should
they
be
addressed
within
the
C2PA
or
beyond?
Where
we're
thinking
that
this
compliance
should
go
beyond
the
C2PA,
not
part
of
this
youtube,
but
then
how
does
that
look
like
or
what
is
that?
What
does
that
look
like
and
then?
Lastly,
this
ongoing
assessment
that
I
mentioned
before?
H
B
Thanks
so
much
excellent,
excellent
presentation,
we've
got
folks
joining
the
queue.
There
were
lots
of
really
good
questions
in
the
chat
which
I
hope
you
weren't
paying
attention
to
as
you
presented.
But
why
don't
we
go
and
take
Patrick
in
the
remote
queue
and
then
we've
got
a
couple.
People
at
the
mic.
A
I
A
I
I'm
Patrick
Tarpy
from
Ofcom.
It's
very
interesting
presentation.
Thank
you.
Just
a
query
here.
Imagine
a
scenario
say
I
don't
know
10
years
in
the
future
and
the
metadata
isn't
available
for
a
piece
of
content
just
to
verify
its
provenance.
I
Would
we
be
looking
at
a
situation
say
future
researchers
or
people
doing
legal
research
or
whatever?
If
it
can't
be
verified,
it
then
has
a
kind
of
like
a
secondary
status
in
terms
of
the
and
you
know
ultimately
who
pays
for.
I
know
I'm
kind
of
combining
two
questions,
but
that's
the
you
know.
How
will
this
sustain
itself?
I
guess
really
it's
a
great
idea.
Thank
you.
H
Yeah,
so
so
this
top
or
two-tier
issue
is,
is
really
one
of
the
things
that
WITNESS
has
been
thinking
about
and
and
then
I
believe
your
comment
refers
to
legacy
media.
Perhaps
we
could
say
so
what
happens
to
the
media
that
was
created,
pre,
pre-content
authenticity
and
provenance?
Yeah.
There's
questions
around
that,
so
so
in
the
design
of
the
specs
there's
something
called
an
update
manifest.
H
So
it
is
possible
to
include
provenance
information
in
work
in
digital
assets
that
were
created
beforehand.
Obviously,
the
information
that
would
be
contained
within
these
manifest
would
say
well.
This
was
created
before
and
then,
if
you
trust
the
signer,
as
I
mentioned
this
all
revolves
around
the
signer.
H
If
you
trust
a
signer
that
created
this
manifest,
then
you
might
be
tempted
to
say
okay,
you
know,
even
though
this
was
created
after
the
the
moment
after
the
fact
that
the
image
was
taken,
I
decide
that
I'll
believe
in
it,
because
it
was
signed
by
the
signer
that
I
choose
to
believe
in
even
then
I
think
there's
still
issues
that
need
to
be
addressed
and
and
for
us
one
of
the
most
concerning
areas.
H
One
of
the
areas
that
we
want
to
work
on
is
not
just
for
legacy
media,
but
what
happens
to
again
people
that,
for
legitimate
reasons
cannot
or
or
do
not
want
to
use
provenance
information,
and
then
the
second
question
has
to
pay
for
this,
so
the
coalition
is
is
organized
by
these
companies
and
they're
building
these
specifications,
the
actual
tooling,
will
depend
on
whoever
wants
to
create
these
tools
and
be
part
of
this
ecosystem,
and
there
on
that.
On
that
note,
WITNESS
is
thinking
okay.
G
I
have
a
technical
question
which
may
be
actually
a
political
one
when
someone
modify
a
picture
with
Photoshop,
for
instance,
how
are
people
supposed
to
verify?
The
close
I
mean,
how
do
you
get
the
public
key
of
the
person
modified,
which
is
certainly
the
most
difficult
problem
in
cryptography?
G
H
So
so
the
the
specs
inc
they're
tied
to
the
they're
connected
to
the
use
of
of
certificate
authorities
that
verify
the
identity
of
the
signer,
but
on
the
public
key
aspect.
To
be
honest,
I
can't
tell
you
that
I
don't.
I
don't
work
on
the
technical
side
of
this,
so
I
can't
tell
you,
I'm
sure,
there's
a
very
easy
answer
to
that,
but
I
can't
answer
that.
G
H
B
I
put
myself
in
the
queue
actually
because
I
okay,
I
think
I
I've
heard
the
response
for
this
before,
but
just
wanted
to
verify
if
you
are
currently
working
or
other
folks
from
the
technical
working
group
are
currently
working
on
standards.
I
think
that
there's
an
ISO
group,
maybe
that
deals
with
image
data
that
may
be
impacted
by
this.
B
H
Yeah
so
so
I
yeah
I
mean
I,
I
can't
speak
for
what
other
people
do
really,
but
I
know
that
the
chair,
Leonard
Hofstadter,
works
in
various
standards,
development
with
JPEG,
I
believe,
and
then
the
IPTC
there's
folks
that
have
been
working
closely
with
IPTC.
B
No
worries
and
actually
the
main
question
I
I
was
so
I
compared
this
in
my
mental
model,
to
website
certificate
authorities
or
domain
subjects,
authorities
and
one
of
the
stop
gaps
in
abuse
that
we've
seen
enacted
in
the
current
Ukraine-Russia
situation,
for
example,
is
certificate
authorities
not
being
recognized
by
the
browsers
and
and
that
being
again
like
a
measure
to
ensure
there's
no
abuse
of
the
trust
system,
and
I'm
just
it's,
maybe
a
comparable
question
to
what
Stefan
just
asked,
which
is.
B
I
don't
have
like
what
would
be
the
equivalent
then
of
say
you
know
a
C2PA
certificate
authority
issuing
assurances
was
doing
so
on
bad
faith
like
how
do
you
kind
of
stop
those
verifications
from
entering
into
the
ecosystem
like?
Is
it
through
the
software
developers
that
are
implementing
it?
Is
it
through
the
publishers
who
are
publishing
it?
Is
there?
How
does
that
work?
Or
do
you
have
to
be
part
of
the
coalition
to
be
able
to
be
a
CA?
Just
wondering.
H
No,
so
so
the
the
specifications
have
a
segment
on
trust
lists
and
there's
no
there's
not
much
guidance
on
trust
lists,
because
once
you
start
creating
parameters
for
what's
trusting
and
what's
not,
then
it
opens
a
can
of
worms
and
then
considering
that
this
has
so
many
uses
in
so
many
different
industries,
then
it's
hard
to
define,
who
is
accepted
and
who's
not
part
of
this
trust
list.
So
all
it
says
in
terms
of
guidance.
H
To
that
end,
is
that
claim
generators,
so
these
cr,
those
that
create
these
manifest,
maintain
certain
trust
lists
of
certificate
authorities
that
they
work
with
and
that
they
accept
for
signing
these
manifests.
I
don't
know
if
that
answers
the
question.
Mallory.
B
I
mean
that
should
also
be
actionable
right,
so
that
that
entity
is
no
longer
sort
of
accepted
in
the
ecosystem
and
in
the
in
the
so
so
anyway.
That's
it's
a
difficult
one
for
sure,
but
I
think
that'll
probably
need
to
be
addressed
at
some
point.
B
J
Center
for
Democracy
and
Technology.
Thank
you
so
much
for
this
presentation.
I
have.
I
have
lots
of
questions
that
I'm
not
going
to
I'll
ask
right
now.
I'm
kind
of
curious
just
about
this
more
sort
of
process
thing,
including
this
slide,
that
you're
showing
right.
Now.
I
really
like
this
idea
of
using
explainers
of
the
idea
that
not
everyone
is
going
to
understand
all
the
specifications
or
not.
Everyone
is
going
to
be
able
to
participate.
J
That's
just
a
fact
at
the
moment
and
that's
something
we
also
face
with
IETF
and
W3C
other
technical
standards
bodies,
and
so
I
am
curious
about
this
idea
of
explainers,
and
I
would
just
I
would
just
be
curious
to
hear
if
you've
heard
from
people
who
have
used
those
explainers
or
other
groups
that
were
interested
but
weren't
actively
participating.
J
H
Yeah
so
first,
I
think
the
I'm
not
sure
where
the
idea
of
the
explainer
came
from.
I
don't
know
if
this
is
standard,
I
actually
would
love
to
know
if
creating
explainers
is
part
of
the
standard
within
a
standard
development
organization.
But
I,
but
at
least
the
idea
of
it,
is
tied
to
this
too
much
of
the
work
that
many
of
you
may
be
involved
with
and
and
the
notion
that
that
SDOs
are
not
very
representative.
H
So
on
that,
with
that
context,
the
the
idea
of
creating
an
explainer
was
it
was
very
important
from
WITNESS's
perspective
and
and
the
way
that
the
explainer
is
drafted,
and
it's
something
that
you
could
check
it's,
hopefully
very,
very
open
and
and
very
accessible
to
the
general
public
to
people
that
have
no
idea
about
SDOs
and
have
no
technical
background
whatsoever.
So
that
is
the
way
that
it
has
been
drafted.
H
Hopefully
that's
the
way
that
it's
been
it's
been
read
when
we
present
the
C2PA
to
folks
that
are
not
part
of
these
environments.
They
have
pointed
to
the
explainer
to
say
you
know,
because
we
read
the
explainer.
We
get
a
better
sense
of
what
this
is
for
sure.
The
fact
is,
when
you
look
at
the
specs,
it's
just
very,
very
overwhelming
it's
very,
very
technical
and
definitely
not
not
it's
not.
It
doesn't
invite
people
to
comment
on
them
and
the
explainer
has
been,
and
they
have
we've
had.
H
Several
people
mention
that,
Nick
that
this
is
their
access
to
this.
To
these
discussions.
J
That's
like
really
admirable
and-
and
I'm
I'm
kind
of
excited
that
you
do
have
some
at
least
some
positive
feedback.
Maybe
maybe
we
can
try
that
in
some
other
settings
to
have
that
more
human,
readable
version.
B
Excellent,
thank
you
again
so
much
for
joining
us.
It
was
really
nice
to
hear
about
this,
and
and
I'm
glad
you
brought
it
to
HRPC
for
folks
to
reflect
on
so
you
can
always
contact
each
other
on
if
anybody
has
questions
on
on
the
mailing
list
or
through
email.
So
I
encourage
folks
that
still
have
lingering
questions
to
to
do
that.
So
thanks
again
for
joining
us
yeah.
B
Okay,
I
will
I
will
not
pull
up
the
agenda
again.
If
I
remember
correctly,
we
have
the
draft
guidelines
to
present
so
grad.
If
you
are
ready,
you
can
come
on
up
virtually.
B
K
Perfect
and
if
someone
can
help
take
notes
during
this
part,
that
would
be
great,
so
yeah.
This
is
a
quick
update
on
where
draft
guidelines
is
so
just
to
recap
for
folks
who
haven't
who
don't
know
about
the
document.
K
It's
it's
an
update
to
RFC
8280,
which
talked
about
generally
guidelines
for
assessing
how
a
protocol
or
specification
affects
human
rights,
and
this
is
updating
the
guidelines
part
in
that
document
and
and
we
hope
that
it
so
it
is
based
on
practice
in
the
sense
that
we've
had
some
practical
experience
like
people
applying
and
assessing
standards
with
these
guidelines
and
helping
us
improve
them,
and
it's
also
written
in
a
way
that
you
can.
K
Hopefully,
you
can
easily
use
them
to
ask
questions
of
the
protocol
that
you're
designing
or
assessing.
Currently,
the
document
is
at
its
12th
version
of
after
the
last
meeting,
the
two
major
things
have
been
that
it
was
moved
from
last
call
to
IRTF
chair
review,
which
happened
thanks
for
the
detailed
review.
This
feedback
was
addressed
in
January
and
you
may
see
some
changes
in
the
structure.
The
sections
have
been
reordered
and
the
changes
are
too.
K
The
changes
in
the
content
are
too
numerous
to
detail
now,
but
if
you
like
that
list,
I
can
send
send
a
link
in
the
chat
where
I
mean
at
least
the
list,
not
not
a
summary.
So
in
now
I
get
to
the
part
where
I'm
stating
mostly
my
opinion
of
how
I
see
things.
So
I
I
think
we've
addressed
most
of
the
feedback
that
has
come
on
the
list.
There
is
one
part
that
may
may
still
seem
a
bit
controversial,
which
is
the
the
section
on
attribution.
K
My
personal
assessment
is
that
we
we've
had
some
requests
of
making
minor
changes
to
that
section,
but
I
think
we've
labored
it
on
quite
so
long
that
I
don't
see
any
serious
objection
to
it,
but
any
modification
invites
serious
objection,
so
I'm
I'm
quite
happy
with
what
the
current
text
is,
which
is
that
it's
advising
against
attribution
and
protocols.
It's
saying
that
overall,
privacy,
security
and
censorship,
resistance
and
anonymity
and
pseudonymity
are
values
in
conflict
with
attribution,
and
it's
advising
against
it
for
now.
K
So
personally,
I
suggest
not
making
any
further
changes
to
this
section
yeah,
so
I
I
for
now
I
actually
would
love
to
hear
from
Mallory
or,
if
Colin
is
in
the
room
as
as
well
what
the
next
steps
are
and
news.
If
I
missed
anything,
please
do
step
on
the
mic
and
add
it.
B
Great
thanks,
thanks
about
go
ahead.
L
I
I'm
not
sure
I
can
do
this
through
the
meeting
of
interpretive
dance
like
Niels
did,
but
so
thank
you
for
updating
the
draft
and
taking
my
concerns
into
your
account.
So
I
I
see
you
you've
put
put
a
lot
of
effort
into
this
and
there's
been
a
a
lot
of
changes
made
and
it
appreciate
the
work
you
put
in
here.
L
Sorry,
I'm
just
trying
to
to
juggle
windows
here,
wait
for
the
comments
on
remedy
and
attribution,
which
I
think
you
mentioned
on
your
previous
slide.
I
mean
that
this.
L
This
is
clearly
an
area
where
that
there's
been
some
difficulty
reaching
consensus
in
in
the
group,
and
you
know
I
I'm
I'm,
certainly
not
a
human
rights
expert
and-
and
I
don't
understand
that
the
legal
aspects
here
so
I'm
not
going
to
push
hard
on
this
as
a
protocol
designer,
though
I
I
sort
of
struggle
to
see
what
that
section
is
getting
at,
I
I
don't
know
if
you
know
I
I
suggested
an
example
as
a
way
of
helping
me
understand
what
that
meant,
and
maybe
that's
that's
difficult
to
provide
and
maybe
there's
some
other
clarification
that
might
be
possible,
and
maybe
you
know
maybe
we
just
have
to
accept
that.
L
K
Thanks
if,
if
if
I
may
just
quickly
respond,
I
I
think
that
again,
a
remedy
and
attribution
are
part
of
the
human
rights
framework
they
find
mentioned
in
the
guiding
principles
for
business
and
human
rights
as
well.
K
So
I
think
John
Curran
made
like
specifically
pointed
this
out-
that's
where
the
section
also
came
from
that
may
perhaps
it's
not
the
best
decision
to
just
shy
away
from
it
and
to
include
it
and
discuss
the
trade-offs
in
this
particular
case
like
when
it
comes
to
designing
protocols,
and
I
I
also
think
I
I
would
say
like
largely
if
I
get
the
consensus
right-
is
that
having
an
element
in
the
protocol
that
provides
attribution
is
overall
against
the
other
values
we're
discussing
of
privacy,
security
and
there's
so
much
on
on
that
side
of
privacy,
security,
anonymity,
so
pseudonymity
that
attribute
is,
and
what
we
say
here
is
that
attribution
is
probably
again
like.
K
So
you
should
it's
not
important
to
include
this.
Considering
the
other
factors,
that's
this
consensus.
I
sense
on
the
group.
I
think
in
favor
of
inclusion,
including
this
at
all,
was
the
fact
that
it
is
in
those
documents
and
we
shouldn't
shy
away
from
mentioning
it,
but
I
think
it
accurately
represents
the
consensus.
I
I
think
that
making
any
other
changes
would
I
mean
we've
discussed
this
like
four
or
five
times
now.
K
I
I
I
don't
know
yeah
if
any
better
solution
is
possible,
so
I
I
but
but
yeah
Mallory,
if
you
think
like
I'm
or
also
like
you,
think,
I'm
not
capturing
the
consensus
as
well.
Please
let
me
know.
L
I
made
a
comment
about
how
the
rights
interpreted
differently
in
different
parts
of
the
world,
and
I
I
get
the
idea
that
the
the
authors
have
a
particular
view
of
how
to
interpret
the
various
rights
and
have
some
understanding
of
what's
what's
meant
by
these
various
concerns.
L
But
as
someone
who
is
coming
to
this,
who
is
is
not
a
human
rights
expert
and
you
know
to
the
extent
I
see
human
rights
discussed
it's
in
the
context
of
the
national
laws,
and
you
know
the
regulations.
I
need
to
apply
to
it's
hard
for
me
to
necessarily
understand
what
what
you're
meaning
by
some
of
these
rights-
and
you
know
my
comment
about
trying
to
give
some
examples-
was-
was
not
because
I
wanted
an
exhaustive
discussion
of
how
different
countries
do
it.
L
It
was
just
because
I
was
finding
it
hard
to
relate
the
quite
abstract
discussion
into
concrete
principles
that
I
need
to
apply
when
I'm
building
a
protocol
or
of
designing
a
system,
and
I
I
think
this
this
section
is
one
of
those
where
that's
especially
an
issue.
K
I
understood
so
so
to
go
in
sequence.
I
think
the
first
part
on
attribution
for
in
terms
of
practical
guidance,
it
means
don't
consider
it
like.
There's
no
need
to
that.
That's
that's
my
reading
of
it
like
don't
consider
attribution
while
designing
it,
because
it
goes
against
the
other
values
discussed
in
the
document.
On
the
second
part,
I
I
fully
understand
what.
L
Slightly
more
basically
tell
me
what
what
you
mean
by
attribution
and
what
you
mean
by
remedy
before
you
then
go
into
that
discussion.
B
So
I've
pasted
the
text
in
the
chat
because
I
think
sometimes
it
gets
lost
where
this
appears.
Why
in
a
human
rights
document,
will
be
talking
about
attribution
it's
because
there
is
a
right
to
remedy.
So
that
means
you,
you
sort
of
give
people
the
some
recourse
to
harms
and
one
way
that
you
might
do
that
is
through
attribution,
but
you
wouldn't
necess.
So
that's
a
balance.
B
So
that's
what
that's
that's
where
it's
situated
in
that
section
and
I
think
otherwise
it
wouldn't
come
up,
because
I
don't
think
there's
there's
no
like
right
to
attribution.
That's
a
sort
of
that
would
be
not
included
in
here,
but
it's
related
to
the
right
to
remedy,
so
it's
actually
kind
of
minor
in
the
grand
scheme
of
things.
It's
really
not.
It
doesn't
feature
that
large,
and
so
I
wonder
if
there
would
be
text
that
maybe
better
explains
that
I
mean
I
think
it's
it,
the
the
amount
of
text.
B
You
know
the
the
sort
of
tone
of
the
rest
of
the
thing,
but
if
there's
maybe
a
because
it
it
also
it
links
I'm
looking
at
the
the
the
references
in
that
text,
they're
a
bit
vague,
so
it
could
be
that
that
we
could
bring
forward
some
text
from
the
the
David
Kaye
reference.
Maybe
one
sentence
or
we
could
just
leave
it,
as
is
because
I
think
that
reference
would
probably
explain
it
better,
but
anyway,
point
taken.
I.
L
Yeah,
it's
just
you
know
th.
This
is
this
is
written
from
the
point
of
view
of
a
set
of
authors
who
who
have
a
clear
understanding
of
what
these
rights
mean
and
how
how
they
believe
they're
interpreted.
I
I'm
just
not
sure
of
the
the
protocol
designers
reading
it
have
that
context.
L
In
that
background,
and
and
that's
where,
where
I'm
I'm
struggling
with
it
in
places
and
there's
a
bunch
of
technical
nuance
which
we
can
follow
up
on
the
list,
and
I
think
that
that's
been,
you
know
greatly
improved,
and
you
know
I
I
yeah
I
apologize.
I
haven't
had
time
to
go
through
all
the
details
of
that,
but
I
will
follow
up
on
the
technical
things,
but
conceptually
it's
just
just
make
sure
the
context
and
how
the
rights
are
interpreted.
L
B
And
so
for
next
steps
Colin,
I
think
that
it
would
be
good
to
have
your
sort
of
re-review
and
make
sure
that
there
aren't
any
other
outstanding
issues
because,
as
far
as
I
understand
as
well
from
my
perspective,
sort
of
the
doc
shepherd
chair-
and
it
seems
to
me
that
that
is
that
that
was
the
sort
of
last
sticking
point
and
then
I
think
everyone
everything
else
has
been
resolved,
but
that
that
depends
on
you
and
and
whether
or
not
this
draft
would
progress
quickly.
Thereafter,
yeah.
L
Yeah
I
I
do
have
some
technical
comments.
I
haven't
had
a
chance
to
write
them
up
properly,
but
it
is
certainly
going
in
the
right
direction
and
it's
that
the
changes
made
a
big
improvement.
I
think
but
yeah
I
I
will
try
and
review
it
carefully
in
the
next
few
weeks.
C
I
was
going
to
say
the
same
as
the
Mallory
and
I
was
thinking
maybe
the
same
as
making
the
reference
clear
or
maybe
moving
it
a
little
bit
somewhere.
So
it's
more
clear
prior
to
just
say
using
attribution
in
the
text,
rather
just
maybe
moving
it
a
little
bit
further
yeah.
So
take.
G
K
Yes,
perfect!
No,
note
it
so
I'll,
we'll
work
on
that
and
push
an
update
to
the
remedy
section
and
and
call
and
look
forward
to
your
other
feedback
thanks.
So
much.
F
Here
we
go
talking
about
draft
association.
Me
giles
perez
gizella,
president
Mallory
we've
all
been
working
on
this
to
expand
and
deepen
the
relationship
between
specific
rights
and
protocols.
That's
the
second
part
of
our
charters
are
trying
to
implement
that.
F
So
what
we've
been
working
on
is
that
we've
been
working
on
this
for
five
years
now,
so
we
have
a
little
birthday
of
this
draft
excellent.
So
this
has
been
an
RG
document
for
three
and
a
half
years
with
authors
from
academia,
civil
society
in
different
geographies
and
disciplines,
and
now
we've
had
a
review
and
a
new
doc
shepherd
that
we've
been
waiting
for
a
while
welcome
Nick
thanks.
So
much
for
agreeing
to
be
the
document
shepherd.
That
is
excellent.
F
So
what
happened
since
zero
seven?
We've
added
definitions:
the
abstract
has
been
cleaned
up
and
added
conclusions,
as
suggested
by
Nick
removed
explanation
methodology
from
RFC
8280
to
make
things
less
messy
many
nits
many
language
things
where
you
can
also
see
the
different
geographies
and
the
different
mother
tongues
that
were
not
English
shining
through
in
the
text.
Sorry
about
all
the
Dutchisms
and
all
that
and
then
Spanglish
and
yeah.
F
It
was
beautiful
thing,
but
now
more
a
bit
better
grammar
bit
better
language,
better
language,
on
accessibility,
added
emphasis
to
the
documents
about
human
rights
as
per
the
HRPC
charter,
and
not
implementation
in
national
laws.
That
could
definitely
be
another
document,
but
we've
talked
about
this
before
what
could
be
done
for
10
is
work
together
with
the
shepherd
of
course,
because,
based
on
the
shepherd's
review,
I
post
a
new
review
so
happy
to
discuss
with
the
shepherd
what
could
be
done.
F
But what I think that could have more work is clearer connect the case studies, no, clearer connect the questions that arise from the literature review to the case studies, because that is the, the direction we went on and we try to fill in. That is not necessarily as strong as it can, so perhaps we should make that stronger, but happy to work on that with the, with the document shepherd and follow the document shepherd's and the chairs' and the RG's opinion on that.
B
Thanks a lot, thanks a lot, Niels. Any comments on that? I mean, I, I, I'm an author, so I think, with the author hat on, I'm really grateful for the review from Nick, because I think it's making the, smooth, the document much stronger and we've already been, yeah. Okay, Nick, go ahead.
J
Okay, great, thanks, Niels, for the very quick summary, and I know we're short on time, so I, I won't, I won't go into depth right now. Thanks for doing those very quick responses, and I'm certainly happy to help with those steps. I think that's a reasonable plan for what our next step should be.
J
I think there probably are still some more edits we can make, and, and I do like, yeah, trying to make those clear connections between both the lit review, which is, you know, something that's useful out of the document, and the direct cases. And then I'm sort of curious for the, for the chairs and for the research group as a whole. It seems like we have been talking about this document for a long time. Once we've done those edits, maybe we're ready for a last call, and, and then as shepherd.
B
It seems to me as well that that would be the next step, because I, I feel that sort of once we did the redesign, and I can't remember if it was a year ago or two years ago, I think it was two years ago, the sort of reworking of the whole thing, it's really flowed quite smoothly from that point forward, so I wouldn't think there would be a lot of hang up after we smooth that out, but we'll see.
B
All right, let's take it to the list. So yeah, Lenny, I would love to invite you up because we have 10 minutes left. I'm sorry you didn't get your full 15, but I'm just really glad to have you here to talk about a draft that I know you've presented elsewhere as well.
B
So yeah, welcome, and are you able to? I don't know if you have slides or if you'd just like to.
N
I do. Sorry, I didn't, I didn't submit them to you, did I? That's.
N
M
N
N
So gonna briefly go through a, a recent draft on considerations for regional internet blocking. This was presented at IEPG and intarea, and given some of the overlapping themes, thought it might be interesting to present here and get some of the feedback of the folks in this group. To start with disclaimers: this is, the content is solely the views and ideas of the authors and doesn't reflect those of any of the organizations with which we are affiliated. Also to be very clear.
N
N
Let's start with the motivation of the draft. So, you know, in light of recent events, there have been discussions of internet sanctioning, or blocking internet connectivity for a region or a nation, and what we wanted to do is basically describe what that would look like, describe some well-known approaches for blocking connectivity, and what are the implications: what would be the positive, the negative, the advantages, the disadvantages, some of the consequences, intended and unintended. Kind of our audience.
N
The intended audience is policy makers and the general public at large. The idea is, in order to have a good policy depends upon good, unbiased information, so our goal is to describe, kind of try to stay in our swim lanes as, as, as engineers, for, for folks who may be considering this kind of policy, explain what it would look like, how it would work technically, would it, and, and addre-, and, and talk about some of the intended and unintended consequences as well.
N
As, you know, efficacy. What this document is not is advocacy for or against any particular policy. It is not political opinion. We don't go into the ethics of, of, of, of blocking. Also, obviously, there's, you know, an obvious event, episode, geopolitical episode going on right now that kind of inspired this, but our goal is to make it generic enough that it would be applicable to future events as well and not just one singular event.
N
Also, this is not a, about blocking against security threats coming out of a region, but more like, you know, what would happen if one wanted to do the equivalent of, you know, economic sanctions for the internet, kind of connectivity sanctions. It's also not a how-to guide on weaponizing the internet or exposing industry secrets or seeding the minds of folks with, I, you know, novel approaches to fragmenting the internet.
N
We limited this to just well-known approaches that operators use for legitimate blocking purposes, and what if they use, use these well-known approaches to attempt to block an entire country or region. We also didn't go into malicious attacks. It's a, it's an interesting topic, probably worth, you know, its own document, but it was just too broad of a, of a topic and something that was outside the expertise of the author. So we left that out of scope.
N
So with that out of the way, the meat of the document, the blocking techniques. We started kind of at the physical layer and worked our way up. These are, again, nothing groundbreaking, nothing secret. You know, dis-, disconnecting cables: what that would do, what that would look like, you know, the advantages and disadvantages of that approach. Moving on up to the, the control plane, the routing layer: de-peering in BGP, as well as BGP route filtering, prefix based or ASN
N
based. Then moving along to a data plane packet layer, filtering, things like GeoIP access control lists, what they do, what they don't do, some of the challenges, and then DNS review, things like undelegating top-level domains and other domains could be one approach, as well as blocking resolution requests from resolving name servers or in-house within a region. Again, nothing really, these are pretty pedestrian approaches that are pretty well understood by the types of people who attend IETF.
N
But the idea is about educating those who don't and who might want to know and might want to understand what are the challenge, you know, what are some of the options, and, you know, what are the technical implications of each of these.
N
N
For example, the policymaker might want messages to get into and out of a region, and blocking would, would hinder that. They may want certain parties, say, for example, opposition groups within the targeted region, they might want them to freely communicate and coordinate activities, and hindering connectivity would obviously
N
hinder that. Also, blocking connectivity may actually empower a, a, a party that is targeted for sanction. You know, could allow, for example, a regime that is targeted to actually consolidate its power and, and, and prevent alternative messaging from being accessed.
N
The network, again, doesn't discriminate between good and bad bits. It just transmits bits, whether they form good or bad messages. Other challenges to be aware, or things to be aware of: ASNs and prefixes are not allocated based on geopolitical boundaries. They're roughly allocated based on region, but over time, you know, for example, an entity, an organization within a country, it's, it's.
N
It's fairly easy to see all the assignments, ASN or route assignments, to, to entities within a region, but those entities may be, say, acquired by larger multinational organizations, and those announcements could, could, those BGP ASN announcements or prefix announcements could, could appear in different regions over time. Also, registry information is notoriously inaccurate.
N
N
Up, gotcha. Related work: there, there, there, you know, RFC 7754 focuses more on higher-level issues than, than blocking routing infrastructure.
N
Also, its focus is a little bit different, not so much sanction, but there are overlapping themes. And there's the censorship document, which I'm sure folks in this group are more than aware of. Again, it's a different focus, but there are some, there's some overlap. In terms of next steps, you know, we presented this at intarea too and requested adoption. Because it was determined that consensus was, was, there was not consensus to adopt it, but the question we had was: is this a useful document? Is this worth pursuing?
B
Yes, anyone needs to join the queue, get on mic, that'd be preferable.
B
I want to just point out Nick's comment in the chat, which I would agree with as author of, or one of the co-authors, late-coming co-authors, with the censorship draft in PEARG, on section 5.3.2 of that document. Feels like if there are improvements that could be made to that section, based on what you've documented in yours, we'd really welcome that. And Niels, go ahead, and then followed by Stefan in the room. Go ahead, Niels.
F
Thanks for the work and thanks for presenting it. I think that if you want to reach a general audience, RFCs might be the worst place.
F
From experience, I try to get people to read them, even students, and they're just, so it might not be the best place if you want to do that. And the work on draft censorship has been going on for such a long time, and it would be really great to not start it. There was a reason it took very long and that's why we get it there, so it would be really great if we could make it part of that and not do another process of that.
N
Sure, thanks for the feedback. Our goal was to make it a nice short document that might be consumable by the general public, but yeah, thanks for the suggestion.
G
Go ahead. I, I think that the document is useful. I agree with Niels that it would be, if, in order to outreach the general public, something from ISOC, for instance, would be probably better, but it's not a problem. I mean, it can be two different work, one of the IETF focused on technical precision on one advisor focused on explaining good general public. There is one thing missing, maybe, in the document, is that disconnecting from the internet, it depends on what you call the internet.
G
I mean, it's not something you subscribe to. When you're a country, you have also a lot of internal connection service, and so it, it may be deserve some discussion about what does it mean exactly to be cut from the international, cuts not from the internet or cut from other countries, which may or may not be equivalent.
G
Imagine sanctions against the United States, and can we disconnect the United States from the internet? That would be an interesting thought experiment.
N
N
It was brought up that ISOC does have a position on this and, and, and has articulated that pretty eloquently, and other organizations have as well. I can, I've seen. Again, we're, we're trying to do something a little different, which is not advocate one thing or another. That's, you know, what we're trying to do is describe what it would look like, so that those who do advocate can do so with good, sober technical information.
N
We feel it's kind of, you know, the more appropriate for, you know, engineers to say, you know, if you're thinking about doing this, we're not gonna say if this is a good or a bad idea. But if you are thinking about this, here's what you should know so that you can decide yourself: is this a good or bad idea?
N
So that's kind of the goal, and it's just a question of, you know, is, is, is there a consensus within IETF to actually do that. In terms of the mention about poor? There is a section on porous borders that I think tries to capture what you described. The challenge is that, you know, it's really not easy to just disconnect the country and what that means again.
B
So yeah, I joined the queue as chair just in response to the chat, if there's interest here in this draft since it didn't seem that intarea would progress with it, and I think both Sofia and I are on the same page that we're not in favor of adopting it here. But it has been an important discussion on the list, and so we welcome that and are glad that you came to present it here, because I do think it's been useful for folks to, that
B
have, that have a history with working on draft censorship, which isn't even in this working group. So I think the, or the research group, I think the, the action would probably be to follow up with a message to the privacy research group list about this draft to see if there's further discussion or interest from the research group in adopting some of the texts in the censorship draft. Although that draft is probably going to next call soon.
B
But that, again, you know, happy to have had you discuss here since it followed on from such a strong discussion on the list, but yeah, and, and thanks again for that. We have a few more folks in the queue and I'm, I'm willing to keep going over time.
O
As long as you need. Echo, I shut down my PC already, so I could not join the queue to you. Stefan, my name is Eric Vyncke. I am also the Internet area director, and just to mention again that Andrew Sullivan from ISOC, the society, has published a nice paper two weeks ago, something which is more on the political aspect, and it's really well written. That's all I need to say. Thank you.
N
D
E
Good afternoon, good morning, good evening to people. This is an interesting draft. Thanks to the authors for, for writing things down, and what I was going to say, Lenny and Tony, is, I think it, it's.
E
E
I, I suspect that there's a fair amount more elaboration and maybe a bit more discussion on goals, not, not to say, you know, not to wade into a, you know, what goal is good versus what goal is bad, but what goals can be achieved, just to be a little crisper in the draft around that, and then to examine each of the mechanisms that you talk about just a little bit more crisply in that regard. And I think you would find, I, I think, actually, what, what that will lead people to, I think, likely very good conclusions from my own political perspective, because this is a, obviously a field fraught with landmines, if you will, in the intellectual sense, and so I do appreciate the work and I look forward to seeing it continue somewhere.
N
Thank you, and yeah, you know, like I said, we're, we tried to balance it with keeping things at a high level. Again, we didn't want to plant seeds and give people ideas, and also we want to make it readable to, you know, a 50-page document is probably not going to be
N
you know, readable to the audience that we were hoping for, and we didn't want to just kind of live in an echo chamber with an IETF of people who already know this stuff, but more as a work that the people who do know this stuff want the people who don't know this kind of stuff to, to, to know and understand, so that they can come to better informed decisions.
B
Yeah, just briefly bringing forward some discussion from intarea yesterday, just felt that it wasn't a great representation of IETF's mandate to keep everything connected. So it would obviously be useful for folks who missed that, you can watch it on YouTube as well. Anyway, Ben, you're the last one on the queue, go right ahead.
P
Thanks. Ben Schwartz. So, having had some more time to think about this draft, I think that the, the best way to make it more useful would be to change the intended audience. I don't think that IETF documents are an effective way to speak to, effectively, governments and policy makers, which, in my view, is the, is the implicit audience here, because this is about, it's phrased in terms of countries, and, and so we're talking about actions that countries take relative to each other.
P
I think that's not an audience that the IETF can reach very effectively, and I think that we, we have a real risk of miscommunication if we try to reach for that audience. I think that what might be more productive here would be to focus on the audience we can reach, which is technical service operators, and I think there's a really interesting question in there that, that you are close to addressing, which is, as a, as an individual service operator, maybe an authoritative DNS service operator, maybe a peering provider.
P
Under what circumstance is it, you know, what, what should my considerations be when I'm thinking about ceasing to do business with somebody?
P
You know, what are some, what are some reasons why, you know, what are some goals that I might be able to achieve by deciding that I'm no longer willing to, for example, peer with another AS, and what are some goals that I'm not going to be able to achieve that way?
N
Yeah, that's, that's interesting feedback. You know, Tony and Melchior and I are, you know, trying to reassess what would be the, you know, best next steps.
N
You know, I'm, I'm personally of the belief that it would be good if the IETF produced documents that aren't just to be consumed by those, you know, preaching to the choir, who are only in an IETF, and I think, you know, the organization would be more effective and maybe the world would be a better place if, if our documents were, were more consumable by the general public who are interested in learning and understanding about the, you know, such a vital technology.
N
So, but I mean, that's, that's a fair point that it is challenging, and, you know, the idea of writing something for operators, that's, you know, an interesting, an interesting idea that I know that the other, Tony, Mel and I will definitely consider. So thank you.
N
Welcome, we'd welcome any other comments on the list or emails to the authors. We'd be happy to hear any other feedback and ideas. We're kind of open to anything.
B
Great, thank you, Mallory. Yep, thanks so much. Thanks to the note takers for today's meeting. Thanks to everybody who participated by joining the queue and in the chat. Really had a great session, and sorry we ran out of time. Thanks the Meetecho folks and the people in the room who stuck around for us. So that's it. This concludes 113 for HRPC, and see you next time and see you on the list.