Skip to main content

Minutes IETF114: iabopen: Tue 13:30
minutes-114-iabopen-202207261330-00

The information below is for an old version of the document.
Meeting Minutes IAB Open Meeting (iabopen) AG Snapshot
Date and time 2022-07-26 17:30
Title Minutes IETF114: iabopen: Tue 13:30
State Active
Other versions markdown
Last updated 2022-07-26

minutes-114-iabopen-202207261330-00

IABOpen Agenda IETF114

Chairs: Mirja Kühlewind, David Schinazi

Topics

Welcome and Status Update (10 mins) - Mirja/David

Slides: Welcome and Status Update

Document Updates

Program Updates

Mark McFadden: I hope you don't close Model-T and instead inject some
energy into it. There are 5 drafts. What the IAB sees as a symptom is
something I think the IAB could solve by providing some of the energy.
One interim meeting doesn't seem like enough to me. My input is, don't
close it, and if you do, make sure you have a place to go with those
documents and contributions.

Mirja Kühelwind: I well understand that desire and that it's not
satisfying to just close the program. But the purpose is to trigger a
conversation in the community, and we don't see the goal acheived. There
are documents that have contributed to the discussion, but a lot of
these were not considered for publication on the IAB stream. We
discussed today that we need a venue for these documents, and I know
that it is frustrating, but I don't think it will be in the IAB. I think
it will be on you to bring the docs to the right place. There are
research groups like PEARG or HRPC, or maybe go to the SEC Area and keep
the discussion there.

Dominque Lazanski: I am the author of 2 of these drafts on threat
models. I support what Mark said, but I think it's not on us
individually, but on us collectively. There is quite a lot going on in
this area. I think this needs some zest and energy from the IAB. I would
support seeing this get another chance so we have a place to discuss
these threats and threat issues.

Mirja Kühelwind: It's important to have a place to discuss with the
community, but the program is failing to do that.

Jari Arkko: I don't think that I have all the answers; I share the pain
that was expressed at the mic. It's not that we will close this and go
away, but there is an opportunity to move some docs forward and continue
the discussions on the architecture-discuss list and other venues.

  • RFC Editor Future Development Program was closed
    • Thanks to all, especially the chairs Eliot & Brian and Peter as
      document editor!

Administrative Support Groups

Workshops

Liaison Updates: ITU-T (Scott Mansfield) (15 mins)

Slides: ITU-T Liaison Summary of work related to IETF - Scott
Mansfield

Data minimization: draft-arkko-iab-data-minimization-principle (Jari Arrko) (10 mins)

Slides: Data Minimization

Invited Talk: EU Digital Markets Act (Luís Cabral, Professor of Economics and International Business, Department of Economics, Stern School of Business, New York University) (20mins)

Slides: EU Digital Markets Act

Wes Hardaker: Thank you. I hope it comes true that this promotes
intererability at a layer higher than we usually see at the IETF these
days. What I am curious about is, does the DMA find a way to avoid some
of the legal loopholes, like finding a way to mandate instant messaging?

Luís Cabral: There are a lot of loopholes. The large corporations have a
lot more technical people who can do those kinds of things. If you are
going to start regulating us like this, we'll stop offering search on
Google--I don't think it's a credible threat.

Stephen Farrell: Dividing interoperability will take a while. From a
regulatory process, how do you see that happening?

Luís Cabral: The DMA suggests there will be a dialogue with the
gatekeepers and some interested third parties. DMA does not have in
detail exactly what it means, it just creates a platform for it to
happen.

Stephen Farrell: Is there a mention of IETF in the docs?

Luís Cabral: I don't actually know, but it should because a lot of this
will amount to technical interoperability details.

Phillip Hallam-Baker: I don't care about the companies, I care about the
users in the walled gardens, that Alice in one walled garden can get up
and move to another walled garden of her choice without losing all of
her friends and contacts.

Luís Cabral: I think this is one of the areas where the DMA is very
specific, but whether or not they can deliver it still a question. The
devil is in the details. I can think of 100 ways for Amazon to screw
this up for the third party. Technical support will be important.
Laywers and economists will not be able to solve this.

Alissa Cooper: There are many ways to acheive interoperabilty, and
standards are just one of those. Does the EC have preferences about how
this interoperability is acheived? A 1:1 dialogue with each gatekeeper
is sub-optimal from our perspective. Can you glean whether they would
prefer to see standardized solutions to some of this? And the flipside
is, there are other EC pieces of legislation that are much more detailed
about this and the need for standards. Is that meaningful, that there is
no explicit language about standardization in this, or was that just
part of the political process?

Luís Cabral: The DMA was created by a bunch of people who know nothing
about the technical details. I don't think there are any preferences,
because I don't think they have any idea how to do it. I think this is
an area where you could make an enormous contribution. I think the goal
is to end with closed systems. I think the EC would be thrilled to have
IAB contributions on this. There are different problems on the
commercial part of the Internet. I don't think there can be one size
fits all on the regulation.

Christian Huitema: I am a bit scared by what you mentioned about sharing
data. You mentioned competition as a big issue, but there is also
surveillance. Companies are acquring data about you to sell products.
Anyone can get all the data all the time, and that seems scary.

Luís Cabral: I agree. Much of this will probably fall under the digial
surveillance act, liability for users' actions. I don't know much about
the DSA, but I think your question probably refers more to that. I don't
think it's an issue of privacy per se, but of allowing proprietary
rights over user-level data.

Mallory Knodel: My quesion is, we've seen the GDPR play out for a few
years now, and I think some people would say they have notes. What are
the mechanisms to revise this, and how long will it take? What kinds of
advocacy would be useful here?

Luís Cabral: The DMA does have provisions for it to be revised in the
next few years. I would guess it will probably be a decade before the
dust is settled. There are enormous risks. There is some evidence
already that GDPR had a negative impact on small start-ups. The cookies
are what allowed a lot of them to thrive.

Open Mic (5 mins)

Please take further questions to the architecture-discuss mailing list.