From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 175663CB37 for ; Wed, 11 Oct 2023 14:06:58 -0400 (EDT) Received: by mail-pg1-x52b.google.com with SMTP id 41be03b00d2f7-5a1d91a29a0so74103a12.1 for ; Wed, 11 Oct 2023 11:06:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697047616; x=1697652416; darn=lists.bufferbloat.net; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=JQCjq/b+Li0rvATCjSVXu3fj9K3WYdj2fIqDmwOQ+hA=; b=R/rIRgqkkOv+YebYYrrNaKz+48PD928YTQ2YfqhO8Uf0iBgN/tf0YZEbP1isVK/4qX Q8Aes1pQa58IxpM+L5+Z/JoIsHB1q1Du9vMzHVB+ys5rXACtdeWqVn1iLf24ubRYJ0q3 jWRB/bXVkiQZs8uZqSr2m1+fTvmJu8YFn+S0auhswuxGjc6tcECbxRKz6GyDJ+1LXPDq IJiglxLwD+veB5a7hfI+1bVD6WaWYQmsSMqylv62vv69BQ4RMnMguJGGgrM2D3lamC7/ Di0vhxeMgyFb7WkNMYvKLGa3KXAmzjsTAOAvthWJSO3tf6+zPFSFatv5EhKFtw8YsyJx 8lSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697047616; x=1697652416; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JQCjq/b+Li0rvATCjSVXu3fj9K3WYdj2fIqDmwOQ+hA=; b=pgRMZhTIUnomy11EZrTLFlFxK41pUB1d/KyZfVwPoAozIoaf+B17Gig17hKClPFEAm x5eJ0oVUVCBc38kwN+hmi52BTNyIdiba9AzMDBmFiO1GinydUkdm63Y46/fA8+QAjeo+ Mz3bXjg6cq5ey3WugGnWokU3D8QUHq18LyEFiYV7FMxoRu6+vsutjP7YFFaUzzMWAa2t mHjECiR4CcdkRms+iIGtM3Ldh3GHpPsyUbGKXBn4MXQGRBuM/ErzNPAi/VRBJGzdGZ3W 6/BhaasqyrpMZxq94Ebfm0tGpnzqICuAcXHUxeP7j1H3sjxQiKxb4l/JsGbEXIwewd0O rzIQ== X-Gm-Message-State: AOJu0Yz/xTJ+HoXEzaj8CNapjya4bYZinlvCxr1cDEWB12cxU6Th6tmp 7ZEjG76XNUeSxVOV45+w3h2pwHDVwr7qSOW7HGQYnGTK1qg= X-Google-Smtp-Source: AGHT+IH7/EucYhbB2HFGh4Ol76kiMIE5EA4QyeKXsCWglelEMmj9JXZrT0q4QkNGzJ/PnJzBwlmZJN+45h00JbWUWHc= X-Received: by 2002:a17:90a:fb98:b0:27d:1521:11a1 with SMTP id cp24-20020a17090afb9800b0027d152111a1mr1073047pjb.31.1697047616290; Wed, 11 Oct 2023 11:06:56 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Dave Taht Date: Wed, 11 Oct 2023 11:06:15 -0700 Message-ID: To: =?UTF-8?Q?Network_Neutrality_is_back=21_Let=C2=B4s_make_the_technical_asp?= =?UTF-8?Q?ects_heard_this_time=21?= Cc: "David Bray, PhD" , Nick Feamster Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: Re: [NNagain] Internet Education for Non-technorati? X-BeenThere: nnagain@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: =?utf-8?q?Network_Neutrality_is_back!_Let=C2=B4s_make_the_technical_aspects_heard_this_time!?= List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Oct 2023 18:06:58 -0000 I think y'all are conflating two different labels here. The nutrition label was one effort, now being deploye, the other is cybersecurity, now being discussed. On the nutrition front... We successfully fought against "packet loss" being included on the nutrition label, but as ghu is my witness, I have no idea if a formal method for declaring "typical latency" was ever formally derived. https://www.fcc.gov/document/fcc-requires-broadband-providers-display-label= s-help-consumers On Wed, Oct 11, 2023 at 10:39=E2=80=AFAM David Bray, PhD via Nnagain wrote: > > I was at a closed-door event discussing these labels about two weeks ago = (right before the potential government shutdown/temporarily averted for now= ) - and it was non-attribution, so I can only describe my comments: > > (1) the labels risk missing the reality that the Internet and cybersecuri= ty are not steady state, which begs the question how will they be updated > (2) the labels say nothing about how - even if the company promises to ke= ep your data private and secure - how good their security practices are int= ernal to the company? Or what if the company is bought in 5 years? > (3) they use QR-codes to provide additional info, yet we know QR-codes ca= n be sent to bad links so what if someone replaces a label with a bad link = such that the label itself becomes an exploit? > > I think the biggest risks is these we be rolled out, some exploit will oc= cur that the label didn't consider, consumers will be angry they weren't "p= rotected" and now we are even in worse shape because the public's trust has= gone further down hill, they angry at the government, and the private sect= or feels like the time and energy they spent on the labels was for naught? > > There's also the concern about how do startups roll-out such a label for = their tech in the early iteration phase? How do they afford to do the extra= work for the label vs. a big company (does this become a regulatory moat?) > > And let's say we have these labels. Will only consumers with the money to= purchase the more expensive equipment that has more privacy and security f= eatures buy that one - leaving those who cannot afford privacy and security= bad alternatives? > > On Wed, Oct 11, 2023 at 1:31=E2=80=AFPM Jack Haverty via Nnagain wrote: >> >> A few days ago I made some comments about the idea of "educating" the >> lawyers, politicians, and other smart, but not necessarily technically >> adept, decision makers. Today I saw a news story about a recent FCC >> action, to mandate "nutrition labels" on Internet services offered by IS= Ps: >> >> https://cordcuttersnews.com/fcc-says-comcast-spectrum-att-must-start-dis= playing-the-true-cost-and-speed-of-their-internet-service-starting-april-20= 24/ >> >> This struck me as anecdotal, but a good example of the need for >> education. Although it's tempting and natural to look at existing >> infrastructures as models for regulating a new one, IMHO the Internet >> does not work like the Food/Agriculture infrastructure does. >> >> For example, the new mandates require ISPs to "label" their products >> with "nutritional" data including "typical" latency, upload, and >> download speeds. They have until April 2024 to figure it out. I've >> never encountered an ISP who could answer such questions - even the ones >> I was involved in managing. Marketing can of course create an answer, >> since "typical" is such a vague term. Figuring out how to attach the >> physical label to their service product may be a problem. >> >> Such labels may not be very helpful to the end user struggling to find >> an ISP that delivers the service needed for some interactive use (audio >> or video conferencing, gaming, home automation, etc.) >> >> Performance on the Internet depends on where the two endpoints are, the >> physical path to get from one to the other, as well as the hardware, >> software, current load, and other aspects of each endpoint, all outside >> the ISPs' control or vision. Since the two endpoints can be on >> different ISPs, perhaps requiring one or more additional internediate >> ISPs, specifying a "typical" performance from all Points A to all Points >> B is even more challenging. >> >> Switching to the transportation analogy, one might ask your local bus or >> rail company what their typical time is to get from one city to >> another. If the two cities involved happen to be on their rail or bus >> network, perhaps you can get an answer, but it will still depend on >> where the two endpoints are. If one or both cities are not on their >> rail network, the travel time might have to include use of other >> "networks" - bus, rental car, airplane, ship, etc. How long does it >> typically take for you to get from any city on the planet to any other >> city on the planet? >> >> IMHO, rules and regulations for the Internet need to reflect how the >> Internet actually works. That's why I suggested a focus on education >> for the decision makers. >> >> Jack Haverty >> >> _______________________________________________ >> Nnagain mailing list >> Nnagain@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/nnagain > > _______________________________________________ > Nnagain mailing list > Nnagain@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/nnagain --=20 Oct 30: https://netdevconf.info/0x17/news/the-maestro-and-the-music-bof.htm= l Dave T=C3=A4ht CSO, LibreQos