IGF 2023 WS #471 The eggs and the basket: fragmentary effects of ECH

Subtheme

Cybersecurity, Cybercrime & Online Safety
New Technologies and Risks to Online Security

Organizer 1: Olaf Kolkman, 🔒
Organizer 2: Mona Gaballa, Internet Society (ISOC)
Organizer 3: Christine Runnegar, 🔒

Speaker 1: Olaf Kolkman, Technical Community, Western European and Others Group (WEOG)
Speaker 2: Alissa Starzak, Private Sector, Western European and Others Group (WEOG)
Speaker 3: Mehwish Ansari, Civil Society, Western European and Others Group (WEOG)

Moderator

Olaf Kolkman, Technical Community, Western European and Others Group (WEOG)

Online Moderator

Christine Runnegar, Technical Community, Western European and Others Group (WEOG)

Rapporteur

Mona Gaballa, Civil Society, Intergovernmental Organization

Format

Birds of a Feather - 90 Min

Policy Question(s)

We are mostly interested in identifying the policy questions that rise around this topic, like:
- In relation to privacy, confidentiality, and censorship, can tradeoffs be made, and guidelines be given?
- If this technology raises concerns about privacy, security, freedom of access to information, etc.
- Who are the relevant stakeholders; what are their needs, views, and goals?
- Proportionality - when filtering access to information, what is the threshold for proportionate use of such control? Who sets it where?
- Who has the responsibility to limit potential damage, what kind of damage, to whom, from what?

What will participants gain from attending this session? A rudimentary understanding of the objective of ECH and how it would work.
The benefits of ECH for users (government, business and individuals).
The effect ECH may have on government or enterprise content filtering.
An appreciation of the policy questions that might arise if there is wide deployment of ECH, and implications for various stakeholders.

SDGs

Description:

Encrypted Client Hello (ECH) is a new encryption mechanism for the web that is in its final stages of development. Whereas today the domain one connects to is visible even when an encrypted channel such as TLS is used, ECH will encrypt this information.
A metaphoric description of the technology is as follows.
Suppose that we have a big warehouse where lorries drive on and off. These lorries traditionally had their company names on the side thereby inferring the goods they are carrying. The change introduced is that these lorries will instead be marked with the name of their transport company. Now less can be inferred about what the lorries are carrying.
Today a remote observer watching web traffic on the Internet can see which site someone visits . ECH would alter that for domains using large cloud providers or content delivery networks; all traffic would appear to go to one specific entry domain. However, for other websites, large or small, that own their own infrastructure, this new mechanism is unlikely to alter what a remote user sees.
Because this encryption mechanism may make it more challenging to identify what domains an Internet user is visiting, it has the potential to either prevent certain forms of blocking and filtering or cause overblocking of content. The overblocking of content causes fragmentary effects.
For enterprise and network services that today rely on visibility, there are other equally granular, more transparent, and effective alternative solutions available. However, the fragmentary effect lay herein that the large providers will serve large amounts of websites that will all be blocked if the censor wants to block only one of these websites. The inadvertently blocked sites may contain infrastructure services (e.g. authentication services) causing ripple effects on a much wider fraction of the Internet.

Expected Outcomes

A report that should inform further debate and may lead to workshops of follow up events. We expect that this is a topic that will need a broader societal debate.

Hybrid Format: We plan for a highly interactive session with active participation on and off site. An experienced zoom moderator is available and we may use on-line tools such as Lucid boards or surveys (TBD)
During the session the moderator will introduce the technical background (hence he is also a speaker) to inform the debate and two speakers will make short introductory remarks. We then open up for discussion. This is explicitly not a panel discussion.