Internet Standards and Surveillance by Design

Comments from IETF worker,(www.ietf.org)

Jon Crowcroft (jon@cs.ucl.ac.uk)

Internet Staff Member, and currently

Member of Internet Architecture Board (www.iab.org)

Who am I?

Professor of Computer Science, University College London (http://www.cs.ucl.ac.uk/staff/jon/)

Worked on Internet Protocols for 20 years

Funded by DARPA, HMG, and EU and industry.

What I’ll Talk About…

RFC1984 states IAB and IESG views on requirements for best strength privacy

Recent IETF discussion on legal intercept/wiretap, I.e. consequenecs of CALEA

Also, a few words about the non-implementabilty of RIP

Who IAB/IESG/IETF speak for?

IETF is representative of individual engineers

IESG provide technical leadership

IAB provide strategic guidance

Volunteer organisations – M.O. is best expressed as “Rough Consensus and Working Code”

Very unlike ITU/ETSI (with whom we have liason agreements) which are government or treaty orgs – we are answerable to our membership, which is anyone and everyone.

Why is IP more important?

Next generation mobile, TV and even fixed telephone nets will all be based on IP like principles (if not n IPv4 or IPv6)

To get commodity value and prices, you need to use this technology – when you do this, it gets provided by all to all – there are no more telco/PTT/PNO oligarchies….

What we said

Open Access to Strong Crypto is non negotiable for technical reasons. It is a mandatory requirement.

Specialised Technology in the form of standards are a non requirement in IP networks. At the application level, intercept is easy; at the IP level, impossible.

Mandatory Privacy

Strong crypto is needed for operation and maintenance – preferably public key crypto with certification chains (like PGP)

Needed for safety of critical infrastructure, but service providers and users are indistinguishable in the Internet – hence must be available to all.

Infeasibility of RIP

Dynamic Routing

Multiple administrations (>40,000 ISPs)

Asymmetric inter-domain (BGP) routes – most international paths involve 3 or more administrations if you want to trace a conversation.

Triangular mobile IP routes

Multicast anonymity, Etc etc etc

IP level intercept considered braindead

First you need to capture and filter packets on fiber in most core and inter-tier-1 provider points at >10Gbps now. Computers don’t have fast enough memory or buses to store more than a couple of seconds of this. In 2001, UK academic nets, for example, would require 2 terabits per second worth of storage. You can’t filter, ship or store this:

Say you need to ship it somewhere – over what network? The net would have to be the square of its current speed – the agencies can’t afford this …

Close

I can rehearse the arguments from RFC1984, and I could re-summarise the raven debate on CALEA and IP but these are all available online

What is necessary in the EU is to inject some technical clue into the service provider community, imho, ASAP


	Comments from IETF worker,(www.ietf.org)
	Jon Crowcroft (jon@cs.ucl.ac.uk)
	Internet Staff Member, and currently
	Member of Internet Architecture Board (www.iab.org)


	Professor of Computer Science, University College London (http://www.cs.ucl.ac.uk/staff/jon/)
	Worked on Internet Protocols for 20 years
	Funded by DARPA, HMG, and EU and industry.


	RFC1984 states IAB and IESG views on requirements for best strength privacy
	Recent IETF discussion on legal intercept/wiretap, I.e. consequenecs of CALEA
	Also, a few words about the non-implementabilty of RIP


	IETF is representative of individual engineers
	IESG provide technical leadership
	IAB provide strategic guidance
	Volunteer organisations – M.O. is best expressed as “Rough Consensus and Working Code”
		Very unlike ITU/ETSI (with whom we have liason agreements) which are government or treaty orgs – we are answerable to our membership, which is anyone and everyone.


	Next generation mobile, TV and even fixed telephone nets will all be based on IP like principles (if not n IPv4 or IPv6)
	To get commodity value and prices, you need to use this technology – when you do this, it gets provided by all to all – there are no more telco/PTT/PNO oligarchies….


	Open Access to Strong Crypto is non negotiable for technical reasons. It is a mandatory requirement.
	Specialised Technology in the form of standards are a non requirement in IP networks. At the application level, intercept is easy; at the IP level, impossible.


	Strong crypto is needed for operation and maintenance – preferably public key crypto with certification chains (like PGP)
	Needed for safety of critical infrastructure, but service providers and users are indistinguishable in the Internet – hence must be available to all.


	Dynamic Routing
	Multiple administrations (>40,000 ISPs)
	Asymmetric inter-domain (BGP) routes – most international paths involve 3 or more administrations if you want to trace a conversation.
	Triangular mobile IP routes
	Multicast anonymity, Etc etc etc


	First you need to capture and filter packets on fiber in most core and inter-tier-1 provider points at >10Gbps now. Computers don’t have fast enough memory or buses to store more than a couple of seconds of this. In 2001, UK academic nets, for example, would require 2 terabits per second worth of storage. You can’t filter, ship or store this:
	Say you need to ship it somewhere – over what network? The net would have to be the square of its current speed – the agencies can’t afford this …


	I can rehearse the arguments from RFC1984, and I could re-summarise the raven debate on CALEA and IP but these are all available online
	What is necessary in the EU is to inject some technical clue into the service provider community, imho, ASAP