Internet-Draft BIAS Workshop Report February 2024
Kühlewind, et al. Expires 26 August 2024 [Page]
Workgroup:
Network Working Group
Internet-Draft:
draft-iab-bias-workshop-report-00
Published:
Intended Status:
Informational
Expires:
Authors:
M. Kühlewind
D. Dhody
M. Knodel

IAB Barriers to Internet Access of Services (BIAS) Workshop Report

Abstract

The “Barriers for Internet Access of Services (Bias)” workshop was convened by the Internet Architecture Board (IAB) from January 15-17, 2024 as a three-day online meeting. Based on the submitted position papers, the workshop covered three areas of interest: the role of community networks in Internet Access of Services; reports and comments on the observed digital divide; and measurements of censorship and censorship circumvention. This report summarizes the workshop's discussion and serves as a reference for reports on the current barriers to Internet Access.

Note that this document is a report on the proceedings of the workshop. The views and positions documented in this report were expressed during the workshop by participants and do not necessarily reflect IAB's views and positions.

About This Document

This note is to be removed before publishing as an RFC.

The latest revision of this draft can be found at https://intarchboard.github.io/draft-iab-bias-workshop-report/draft-iab-bias-workshop-report.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-iab-bias-workshop-report/.

Source for this draft and an issue tracker can be found at https://github.com/intarchboard/draft-iab-bias-workshop-report.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 26 August 2024.

Table of Contents

1. Introduction

The Internet as part of the critical infrastructure affects many aspects of our society significantly, although it impacts different parts of society differently. The Internet is an important tool to reach the Sustainable Development Goals (SDG) [SDG] and to globally support human rights. Consequently, the lack of meaningful access to digital infrastructure and services is also a form of disenfranchisement.

Solely having Internet access is not enough. At the same time as we work to connect the next billion people and reduce the digital divide, it is also important to understand persistent and novel inequalities in the digital age when accessing content and services. There are more and more barriers to meaningful access to the services and applications that run on the Internet. Even if Internet connectivity is available, information and service access may remain challenged and unequal.

This IAB workshop has aimed

1.1. About this workshop report content

This document is a report on the proceedings of the workshop. The views and positions documented in this report are expressed during the workshop by participants and do not necessarily reflect IAB's views and positions.

Furthermore, the content of the report comes from presentations given by workshop participants and notes taken during the discussions, without interpretation or validation. Thus, the content of this report follows the flow and dialogue of the workshop but does not attempt to capture a consensus.

2. Workshop Scope and Discussion

The workshop was organized across three days with all-group discussion slots, one per day. The following topic areas were identified and the program committee organized paper submissions into three main themes for each of the three discussion slots. During each discussion, those papers were presented sequentially with open discussion held at the end of each day.

2.1. Session 1: Community Networks - Their Role in Internet Access of Services

The first day of the workshop focused on the role of Community Networks [RFC7962] as a way to overcome the barriers to Internet Access. Community Networks are self-organized networks wholly owned by the community and thus provide an alternative mechanism to bring connectivity and internet services to those places that lack commercial interest.

Presentations ranged from highlighting the need for measuring Quality of Experience (QoE) for Community Networks, to the potential role the Content Delivery Network (CDN) can play in Community Networks, to the role of Satellite Networks, and finally, to the vital role of the spectrum in this space.

2.1.1. The Quality of Community Networks

[MARTINEZ] highlighted the need to address Quality of Experience (QoE) in discussions around Community Networks. As a community-driven deployment, the knowledge and involvement of individuals can vary; therefore, there are no guarantees of connectivity or quality of service. There is a need to focus on user expectations and how they translate to measurable performance indicators. Further, it asks for better documenting best practices in deploying community networks as well as considering manageability considerations for community networks in protocol development. [GUIFI] as an example Community Network was discussed and some existing resources for Community Networks ([APC], [ISOC], and [TBB]) were shared by the participants.

The inconsistent quality and performance of Satellite Internet is a gap for community networks that rely on non-terrestrial networks (NTNs) for internet access [HU].

2.1.2. Strengthening Community Networks

[BENSON] focused on the prohibitive cost of the transit and Internet service for Community Networks and argued for Content Delivery Networks (CDNs) to provide transit-like and Internet services at no more than at-cost in a mutually beneficial way. Community networks still need backhaul to and from the CDN’s point of presence and models for community-backhaul and open-source CDNs were highlighted. Discussion included [PANGEA] project status as well as legal and commercial considerations in such use of CDNs.

[HU] highlighted that Satellite Internet provided by advanced LEO satellite constellations can play a pivotal role in closing the connectivity gap in the urban-rural digital divide via Satellite-dependent community networks. There existing known performance and management gaps that need focus to enable Satellite Internet to resolve the divide. Further, research directions such as multi-layer satellite networking, autonomous maintenance, and integration between Terrestrial and Non-Terrestrial networks were suggested.

[RENNO] called attention to the coveted 6GHz (part of the C-band with a desirable mix of coverage and capacity) as a prime choice for International Mobile Telecommunication (IMT) for 5G technology while it is in common unlicensed use in the community networks (and small ISPs). Spectrum allocations directly impact industries and market access with ramifications for community networks. Further, there was a discussion on the geopolitical tension because of it.

2.1.3. Discussion

How can the technical community address the management gap and improve best practices for Community Networks? Is the increasing complexity of the Internet making it more challenging to establish connections, and should this be taken into account in the design of the Internet? Should the manageability consideration be expanded to explicitly consider Community Networks? Global Access to the Internet for All (GAIA) [GAIA] research group could be a venue for further discussion and research. Further discussion highlighted the need for readily available knowledge and tools for community networks as well as the tussle with market forces when commercial networks compete with community networks.

2.2. Session 2: Digital Divide - Reports and Comments

Critical internet infrastructure affects many aspects of our society significantly, although differently, the inequitable aspects of which are typically referred to as "digital inclusion" signifying that in efforts to digitalise society, there are those left out due to what is typically called the "digital divide", a related term specific to access to the Internet. These concepts together demonstrate that even if Internet connectivity is available, for some there will remain challenges towards achieving equality. This becomes especially significant as governments view the Internet as an important tool to help them reach the Sustainable Development Goals (SDG) [SDG] and to globally support human rights.

The second day of workshops was essential to understanding the nature of the digital divide. Presentations of reports interrogated at least three key aspects of the digital divide, though there is recognition that there may be more technical aspects of the digital divide that were not present. Those were: differences between population demographics in the provision of online resources by governments, inequality in the use of multilingualized domains and email addresses, and increased costs for end-user downloads of contemporary websites' sizes.

2.2.1. Disparities in service provision

Ralph Holz presented research that exposes the more limited DNS-mediated access to government websites by indigenous communities in Australia as compared to less disadvantaged users in the same population in "Evidence for a digital divide? Measuring DNS dependencies in the context of the indigenous population of Australia". [HOLZ] DNS dependency trends were analysed between two lists of domains serving Australian government sites for Indigenous users and the general population. Researchers found, "evidence that dependencies for the indigenous population are indeed differently configured," indicative of a difference in service provisioning. However qualitative follow-up research is needed to interrogate both the potential reasons for these differences and whether the differences contribute to a "digital divide" that is tangible for Indigenous users.

2.2.2. Lack of consistent acceptance of language scripts

On the topic of availability of Internet services and content in multiple languages "Universal Acceptance of Domain Names and Email Addresses: A Key to Digital Inclusion" was presented by Sarmad Hussain of ICANN. [HUSSAIN] The ICANN community has increased the options for multilingual identifiers through the expansion of the Internet’s DNS for use in domains and email addresses. However, while the work of technical specification and policy recommendations is complete, much work remains to deploy a multiligualized internet. Today there are around 150 internationalised domain names (IDNs) but the barriers to equal rollout of these scripts at the domain level are hindered primarily by software and applications that do not yet recognise these new scripts. "Universal Acceptance" is a programme of action for the internet community at large that can ensure IDNs are accepted and treated consistently.

2.2.3. Web Affordability and Inclusiveness

In "A Framework for Improving Web Affordability and Inclusiveness" Rumaisa Habib presented research on the connection between website size and cost to end users. [HABIB] This critical inquiry presents access in terms of affordability and through measurement demonstrates that the material costs to end users who pay for their connection based on the volume of data they download and upload have risen as the complexity of the web grows. Their research provides a framework for optimisation based on end-user affordability. This framework is anchored to reality: it proposes a fairness metric and suggests systematic adaptations to Web complexity based on "geographic variations in mobile broadband prices and income levels."

2.2.4. Discussion

These three reports discuss very different aspects of current inequalities in Internet access in various parts of the world: service provision, availability, and economic costs. Notably, the reports discuss trends that exacerbate the digital divide beyond the question of connectivity or whether users have access to the Internet, potentially bringing concrete ways that the IETF community can address digital inclusion within its remit.

Discussants noted that while there are some interesting aspects to the problem of the digital divide, such as measurements and frameworks, most of the work is getting this work to the right people at the policy layer so there is an importance of communicating this technical evidence to the right people. The IETF's role could be to build consensus on what the proper solutions presented to decision makers that put research and measurement not only in context but also in a consensus-driven solution space. Another method to better communicate this research is by telling stories of end users in more relatable and relevant terms, which is often a challenge for the technical level and a role for more diverse stakeholders at the more local level.

2.3. Session 3: Censorship - Reports and Circumvention

This session focused on reports of censorship as observed during recent years in different parts of the world, as well as on the use of and expectation on censorship circumvention tools, mainly the use of secure VPN services.

The censorship reports, with a focus on Asia, and specifically India, as well as Russia, as an example where censorship has changed significantly recently, discussed the legal frameworks and court acts that put legal obligations on regional network providers to block traffic. Further, measurements to validate the blocking as well as analyses of how blocking is implemented were discussed, i.e. which protocols are used but also which kind of devices are used to configure the blocking rules and where are they deployed.

2.3.1. Censorship Orders, Measurements, and Device Analysis

[SAMSUDIN] reported on confirmed blocking from 10 countries (Cambodia, Hong Kong (China), India, Indonesia, Malaysia, Myanmar, Philippines, Thailand, Timor-Leste, Vietnam) in the period from 1 July 2022 to 30 June 2023. The blocking was either confirmed by OONI measurements for existing blocking fingerprints, heuristics, i.e. for new blocking fingerprints as well as news reports of blocking orders, or user experiences. Most of these countries block specific content such as porn, gambling, or certain news pages. Interestingly the blocking in Hong Kong and Myanmar is focused on the military and governmental pages of foreign countries. Blocking is often realized by either DNS tampering or HTTP tampering. For DNS, either a decided IP address, a bogon IP address (127.0.0.1), or an empty domain (nxdomain) is used. In case of DNS tampering using a decided IP address or HTTP tampering some countries provide a block page that exposes the blocking, however, more transparency about blocking is requested by civil society organizations and the iMAP project.

[GROVER] further focused the discussion on online censorship in India, Pakistan, and Indonesia. In India, where providers are responsible for implementing the blocking but no method is mandated, the six major ISPs (covering 98.82% of all subscribers) were tested on 4379 blocked websites (based on court orders, user reports, and publicly available or leaked government orders) on DNS poisoning/injection or HTTP/SNI-based censorship. Used censorship techniques and websites blocked were different across ISPs. Multiple ISPs used two different techniques (depending on the website), and all but one provided censorship notices. Providers blocked between 1892 to 3721 (of 4379) pages with only 1115 (27.64%) of pages blocked by all ISPs. [Singh2020] In contrast, in Pakistan, the government can also order the IPSs to perform blocking and blocking has even been observed in the past on the IXP level. Since 2020, there has also a central Web Monitoring System deployed at lines of international connectivity. In Indonesia, initially, the government guided ISPs in how to perform the blocking. The regulations were updated in 2020 to allow Indonesian ISPs to block websites at their discretion. In 2022, there was a proposal by internet service providers to centralise DNS. In Indonesia, a partial block list is publicly available, but without any indication of why something is blocked. [Grover2023]

[BASSO] reported that for Russia a high increase in additions to the Roskomnadzor’s block list was observed in March 2022 as well as in December 2022, foremost covering news pages but also covering human rights organizations and social media, where more than 3500 blocking orders were added to the list by an "Unknown body". Further, blocking of domains that are not in the official Roskomnadzor’s list has been observed as well.

An invited talk presented the work in [WANG] on locating censorship devices by using HTTP and TLS traceroutes, identifying device vendors through fingerprinting, and reverse-engineering censorship triggers by the use of fuzzing. E.g. for the case of Azerbaijan and Kazakhstan, they showed that a significant portion of measurements from remote countries are blocked at the endpoint, indicating local policies but connection resets are also happening in Belarus and Russia. Further, they could identify a set of commercial network devices (firewalls) that are used in these countries for censorship and show how fuzzing can be used to fingerprint and cluster behaviours as well as potentially circumvent the deployed methods.

All speakers called for more transparency by requiring blocking messages as well as publication and auditing of blocklists. Potentially even standardization could help.

2.3.2. Use of VPNs for Censorship Circumvents and user expectations

Further on in the session, the possibility and prevalence of using VPNs for circumvention has been discussed including user expectations and an analysis of security shortcomings of commercial VPN services. The analysis presented in [RAMESH] has shown various problems that lead to data leaks such as leakage of IPv6 traffic, non-browser traffic, or tunnel failure, not upholding user expectations, especially when used in authoritarian regimes for censorship circumvention or private communication.

The question of how common the use of VPNs for circumvention is and its legal implications, as VPNs are illegal in a few countries, has been discussed. E.g. VPNs are not officially banned in India but VPN providers need to store log data and those, who haven’t complied, stopped serving India. However, more data on VPN use and blocking might be needed.

2.3.3. Discussion

After all, there is a cat-and-mouse game between censors and circumvents, however, continued work on protocol enhancements that protect user privacy is essential.

2.4. Key Take Aways

Some key takeaways from the workshop are -

  • There is a need for the technical community to address the management gaps in operating Community Networks.

  • Work should be done in documenting best practices for operating Community Networks.

  • During the development of protocols, explicit manageability considerations related to Community Networks should be considered.

  • Build consensus on solutions that have the most significant impact in fostering digital inclusion. Further, promoting these solutions ensures that efforts to bridge the digital divide are effective and inclusive.

  • Further work to enhance protocols ensuring user privacy should continue.

  • Develop further protocols (or extensions to existing protocols) that enable more transparency on filtering and promote their use and deployment.

  • Develop new VPN-like services and potentially support measurements to understand their deployment and use.

  • Further discussion of these topics could happen in GAIA, HRPC, PEARG, and MAPRG based on the relevance to the research group. The community could also explore if a censorship (and its circumvention) focused group could be created.

3. Informative References

[APC]
"The Association for Progressive Communications (APC)", n.d., <https://www.apc.org/>.
[BASSO]
Basso, S., "How Internet censorship changed in Russia during the 1st year of military conflict in Ukraine", , <https://datatracker.ietf.org/meeting/interim-2024-biasws-03/materials/slides-interim-2024-biasws-03-sessa-online-censorship-in-india-pakistan-and-indonesia-00>.
[BENSON]
Benson, T. A. and M. Fayed, "A ‘C’ in CDN - Access service to and from the Internet at cost for community networks", , <https://www.ietf.org/slides/slides-biasws-a-c-in-cdn-access-service-to-and-from-the-internet-at-cost-for-community-networks-00.pdf>.
[GAIA]
"Global Access to the Internet for All Research Group", n.d., <https://www.irtf.org/gaia.html>.
[GROVER]
Grover, G., "Online censorship in India, Pakistan and Indonesia", , <https://datatracker.ietf.org/meeting/interim-2024-biasws-03/materials/slides-interim-2024-biasws-03-sessa-online-censorship-in-india-pakistan-and-indonesia-00>.
[Grover2023]
Grover, G. and C. Cath, "The infrastructure of censorship in Asia", , <https://archive.org/details/eaten-by-the-internet/>.
[GUIFI]
"Guifi.net", n.d., <https://guifi.net/en>.
[HABIB]
Habib, R., Tanveer, S., Inam, A., Ahmed, H., and A. Ali, "A Framework for Improving Web Affordability and Inclusiveness", , <https://www.ietf.org/slides/slides-biasws-a-framework-for-improving-web-affordability-and-inclusiveness-00.pdf>.
[HOLZ]
Holz, R., Nazemi, N., Tavallaie, O., and A. Y. Zomaya, "Evidence for a digital divide? Measuring DNS dependencies in the context of the indigenous population of Australia", , <https://www.ietf.org/slides/slides-biasws-evidence-for-a-digital-divide-measuring-dns-dependencies-in-the-context-of-the-indigenous-population-of-australia-00.pdf>.
[HU]
Hu, P., "Closing the Performance and Management Gaps with Satellite Internet - Challenges, Approaches, and Future Directions", , <https://www.ietf.org/slides/slides-biasws-closing-the-performance-and-management-gaps-with-satellite-internet-challenges-approaches-and-future-directions-01.pdf>.
[HUSSAIN]
Hussain, S., "Universal Acceptance of Domain Names and Email Addresses - A Key to Digital Inclusion", , <https://www.ietf.org/slides/slides-biasws-universal-acceptance-of-domain-names-and-email-addresses-a-key-to-digital-inclusion-01.pdf>.
[ISOC]
"Community networks help bridge the connectivity gap", n.d., <https://www.internetsociety.org/action-plan/community-networks/>.
[MARTINEZ]
Martínez-Cervantes, L. M. and R. Guevara-Martínez, "Community Networks and the Quest for Quality", , <https://www.ietf.org/slides/slides-biasws-community-networks-and-the-quest-for-quality-00.pdf>.
[PANGEA]
"Project Pangea from Cloudflare", n.d., <https://www.cloudflare.com/en-gb/pangea/>.
[RAMESH]
Ramesh, R., "Investigating the VPN Ecosystem through the lens of Security, Privacy, and Usability", , <https://datatracker.ietf.org/meeting/interim-2024-biasws-03/materials/slides-interim-2024-biasws-03-sessa-investigating-the-vpn-ecosystem-through-the-lens-of-security-privacy-and-usability-00>.
[RENNO]
Rennó, R., "Maximising Connectivity - The Spectrum's Vital Role in Technology Access", , <https://www.ietf.org/slides/slides-biasws-position-paper-by-raquel-renno-01.pdf>.
[RFC7962]
Saldana, J., Ed., Arcia-Moret, A., Braem, B., Pietrosemoli, E., Sathiaseelan, A., and M. Zennaro, "Alternative Network Deployments: Taxonomy, Characterization, Technologies, and Architectures", RFC 7962, DOI 10.17487/RFC7962, , <https://www.rfc-editor.org/rfc/rfc7962>.
[SAMSUDIN]
Samsudin, S., "iMAP (Internet Monitoring Action Project) 2023 Internet Censorship Report", , <https://www.ietf.org/slides/slides-biasws-position-paper-by-raquel-renno-01.pdf>.
[SDG]
"Sustainable Development Goals", n.d., <https://sdgs.un.org/goals>.
[Singh2020]
Singh, K., Grover, G., and V. Bansal, "How India Censors the Web", , <https://dl.acm.org/doi/abs/10.1145/3394231.3397891>.
[TBB]
"Tribal Broadband Bootcamp", n.d., <https://tribalbroadbandbootcamp.org/>.
[WANG]
Raman, R. S., Wang, M., Dalek, J., Mayer, J., and R. Ensafi, "Network Measurement Methods for Locating and Examining Censorship Devices", , <https://datatracker.ietf.org/meeting/interim-2024-biasws-03/materials/slides-interim-2024-biasws-03-sessa-online-censorship-in-india-pakistan-and-indonesia-00>.

Appendix A. Position Papers

19 position papers were submitted to the workshop call for papers. 11 were selected for publication. Papers that were not published either (2) only provided a very prelimited analysis of an idea that was felt to be incomprehensive for discussion at the workshop, or addressed problems that were beyond the scope as dedicated for the workshop discussion e.g. discussing cyber security threads as a barrier for participation or implication of technology in regulation that imposes blocking. Both of these topics pose a potentially severe risk on the open Internet, however, these risks might provide a high risk for all Internet users but do not necessarily imply an unbalance.

All accepted papers are available at: https://datatracker.ietf.org/group/biasws/materials/

This is the list of all published papers:

Community Networks:

Digital Divide:

Censorship:

In addition to the submitted paper two invited talks were presented based on published papers:

Appendix B. Workshop Participants

The workshop participants were Arnaud Taddei, Carlos Pignataro, Carsten Bormann, Cindy Morgan, Colin Perkins, Cory Myers, Dan Sexton, David Guzman, David Millman, David Schinazi, Dhruv Dhody, Gurshabad Grover, Hanna Kreitem, Jane Coffin, Jiankang Yao, Jörg Ott, Juan Peirano, Lai Yi Ohlsen, Luis Martinez, Mallory Knodel, Marwan Fayed, Matthew Bocci, Michael Welzl, Michuki Mwangi, Mirja Kühlewind, Mona Wang, Peng Hu, Ralph Holz, Raquel Renno, Reethika Ramesh, Rumaisa Habib, Sarmad Hussain, Simone Basso, Siti Nurliza Samsudin, Suresh Krishnan, Theophilus Benson, Tirumaleswar Reddy, Tommy Pauly, Vesna Manojlovic, and Wes Hardaker.

Appendix C. Workshop Program Committee

The workshop program committee members were Christopher Wood (IAB, Cloudflare), Dhruv Dhody (IAB, Huawei), Mallory Knodel (IAB, Center for Democracy and Technology), Mirja Kühlewind (IAB, Ericsson), and Tommy Pauly (IAB, Apple).

IAB Members at the Time of Approval

Internet Architecture Board members at the time this document was approved for publication were: TODO

Acknowledgments

TODO acknowledge.

Authors' Addresses

Mirja Kühlewind
Dhruv Dhody
Mallory Knodel