Centralization Scales Governance

[elear]

As you may have noticed, I've been going at it with EKR just a bit on interoperability versus interconnectivity over his discussion about Europe's Digital Markets Act. First, I highly recommend that you check out his and Steve Bellovin's views, as you may find them enlightening. This goes to my earlier issues in several ways:

1. Is the organizational model the one you want or might you take advantage of the timeliness of the DMA debate to think in different terms?

2. Your point about reputation and email is very good and important; and goes to this interconnectivity versus interoperability aspect. What is perhaps important is understanding the relationship between the protocol design and the governance model.

Let's take WhatsApp for example (this is what I mentioned to Eric). They have a way cool approach to abuse reporting: and endpoint sends a message in the clear to a central authority who evaluates it and puts people on the naughty step if it is warranted. It might be possible for WA to share those reports with other services. That happens with email with DMARC and ARF, fur instance. But the governance model is important as well. Would you automatically send an abuse report to Eliot's Bar and Grill IM service without first reviewing it? Would you accept an abuse report and take action from Eliot's Bar and Grill IM service without first reviewing it?

Obviously there are non-protocol aspects here, but the protocol developers need to recognize those as they are building out capabilities.

[elear]

See forthcoming Issue 34 on this as well.

[mnot]

I'm having trouble seeing how this fits into the document -- can you please restate as something more actionable? And perhaps re-title?

[elear]

Yeah, I blathered there a bit. What I was aiming at was something closer to this...

Centralization scales governance. The example I am trying to lay out is the converse: it is difficult to scale governance without some form of centralization. Two examples:

• Google can't just randomly credit ARF reports from anyone, because their data warehouse would be polluted (adversarial ML attack).
• Were WhatsApp to take abuse reports about its users, it would need countermeasures to validate the authenticity of the message. If such reports could come from anywhere, it would also offer a source of DDOS on the abuse system.

But there may be protocol operations that facilitate governance. In the WA example, messages are/could be signed and thus validated. If you bind that to an enforced code of practice, you can even apply violation codes to scale.

[mnot]

This seems to be veering into making recommendations for specific design patterns / architectural decisions, which I've tried to avoid. Does it really fit into this document?

[elear]

I'm not aiming for those recommendations here (tho I did just suggest a handful in the CtA). In this case, what I am trying to call out is the level of complexity we are facing.

[mnot]

what I am trying to call out is the level of complexity we are facing.

That seems like a point worth making. There are many well-intentioned effort to combat centralisation, with limited results (and indeed the draft already calls some out).

[mnot]

I think this might link in very well with #19, but I need to read more.

[mnot]

I think the change above this and the text about the potential benefits of a choke point for governance in s 2.2.2 cover this - please say if you disagree.