Proposal

APrIGF 2024 Session Proposal Submission Form
Part 1 - Lead Organizer
Contact Person
Ms. Siti Nurliza Samsudin
Email
Organization / Affiliation (Please state "Individual" if appropriate) *
Sinar Project
Designation
Technologist
Gender
Female
Economy of Residence
Malaysia
Primary Stakeholder Group
Civil Society
List Your Organizing Partners (if any)
NA
Part 2 - Session Proposal
Session Title
Enhancing Internet and Web Standards to address DNS Tampering
Session Format
Workshop (60 minutes)
Where do you plan to organize your session?
Onsite at the venue (with online moderator for questions and comments from remote participants)
Specific Issues for Discussion
The Internet Monitoring Action Project (iMAP) releases annual reports on the state of internet censorship covering 9 countries in Southeast Asia (Burma, Cambodia, Indonesia, Philippines, Malaysia, Thailand, Vietnam), Hong Kong (China) and India using data from OONI (Open Observatory Network Interference). Findings from the report revealed that DNS tampering is the most commonly used method of blocking of websites in the region, whereby ISPs (internet service providers) would redirect the DNS to a blockpage. The findings also revealed that these blockpages are either empty, ‘NXDOMAIN’, or come with a written notice from a government authority about the website being blocked. In most of the cases, the blocking is conducted in a non-transparent manner without notification to either the website owners or users.

From a security and internet engineering point of view, DNS tampering without any errors raised for host queries or visible notification in client interfaces such as web browsers may pose a security or engineering issue to clients and services, as they are redirected unexpectedly to an unknown address or page.

This session is aimed to discuss the potential solutions via extensions or updates to internet and web standards and implementations for DNS hijacking and tampering such as but not limited to:

– [RFC 9364] DNSSEC (Domain Name System Security Extensions): enable authentication process to trusted domain name lookups in the Domain Name System (DNS)
– [RFC 7858] DNS over TLS: ensuring that DNS queries are private and hidden from ISPs
– [RFC 4924] HTTP response code 451 (“ Unavailable For Legal Reasons”): Proposed standard error code to be displayed in the HTTP response when a resource is denied access as a consequence of a legal demand
– Reviewing other relevant Internet and Web Standards to provide users more flexibility and control over their usage of the internet
Describe the Relevance of Your Session to APrIGF
As demand increases for governments and service providers in the region to address the need for blocking and controlling access to the Internet, governments in the region are expected to increase their control over the internet despite the possible negative implications on the freedom of the citizens. While it may be debatable on its necessity and the balance between internet regulation and freedom, DNS tampering or hijacking raises technical and engineering issues with the current system of resolving hostnames. Solutions discussed during the session will directly contribute to the overarching theme (“Shaping Responsible Internet Governance”) and the thematic track (“Security & Trust”), where it is expected that various stakeholders such as ISPs, network operators, engineers and software implementers would be able to contribute on identifying the challenges in implementing the solutions, as well as other solutions that may be more feasible.

In particular, these are the expected outcomes of the session:
– For solutions that have already been proposed, the session will aim to assess the challenges faced in implementing them, as well as policy or governance frameworks that may be necessary to accompany the technical solutions
– Increased awareness on the current method of blocking of websites and the potential consequences to internet users in terms of security and access
– Discussions on better mechanisms in carrying out legitimate blocking of websites
Methodology / Agenda (Please add rows by clicking "+" on the right)
Time frame (e.g. 5 minutes, 20 minutes, should add up to 60 minutes) Description
5 minutes Introduction to iMAP (presentation slides)
10 minutes Findings of the iMAP Internet Censorship Reports (presentation slides)
10 minutes Outlining potential solutions to the issue (presentation slides)
20 minutes Discussion on topics (group breakout session):- Group 1: Issues and challenges on solutions outlined; Group 2: Policy and governance frameworks to accompany the technical solutions (e.g. resources, who will implement which); Group 3: Other technical solutions to be proposed. The group breakout session will be conducted online, so that in-person participants may also get input from online participants through their devices (after scanning a QR code to join the meeting). While it is planned to have only 3 groups, we may adjust the sizing of the groups depending on the number of participants. If they are too small (<10), we may only have 2 groups with Group 1 combined with Group 3. Overall, it is proposed that the total number of participants should not exceed 40 to optimize the discussion.
15 minutes Group presentations and conclusion
Moderators & Speakers Info (Please complete where possible)
  • Moderator (Primary)

    • Name: Siti Nurliza Samsudin
    • Organization: Sinar Project
    • Designation: Technologist
    • Gender: Female
    • Economy / Country of Residence: Malaysia
    • Stakeholder Group: Civil Society
    • Expected Presence: In-person
    • Status of Confirmation: Confirmed
    • Link of Bio (URL only): https://www.linkedin.com/in/siti-nurliza-s/
Please explain the rationale for choosing each of the above contributors to the session.
Siti Nurliza is a Technologist at Sinar Project who leads the iMAP project, the internet censorship monitoring project covering 9 countries in the region. She analyzes the data from OONI as part of the reporting to be used in internet freedom advocacy. She also provides technical assistance to country partners in analyzing the data and using the OONI tools. This proposed session is a follow-up to her presentation at IAB Workshop on Barriers to Internet Access of Services (BIAS) where she presented on the findings of iMAP which highlighted the most common method used to block websites in the region i.e. DNS tampering.

There is no other facilitator or moderator to be proposed for now; however if there is any interest, they would help with facilitating the group discussions.
If you need assistance to find a suitable speaker to contribute to your session, or an onsite facilitator for your online-only session, please specify your request with details of what you are looking for.
- Someone who works on security/ DNSSEC from APNIC
- Someone who works on W3C UX for browser security e.g. Mozilla Foundation; and/or
- Registrar like MyNIC, DotAsia etc.
Please declare if you have any potential conflict of interest with the Program Committee 2024.
No
Are you or other session contributors planning to apply for the APrIGF Fellowship Program 2024?
Yes
APrIGF offers live transcript in English for all sessions. Do you need any other translation support or any disability related requests for your session? APrIGF makes every effort to be a fully inclusive and accessible event, and will do the best to fulfill your needs.
No
Brief Summary of Your Session
The Internet Monitoring Action Project (iMAP) releases annual reports on the state of internet censorship covering 9 countries in Southeast Asia (Burma, Cambodia, Indonesia, Philippines, Malaysia, Thailand, Vietnam), Hong Kong (China) and India using data from OONI (Open Observatory Network Interference). Findings from the report revealed that DNS tampering is the most commonly used method of blocking of websites in the region, whereby ISPs (internet service providers) would redirect the DNS to a blockpage. The findings also revealed that these blockpages are either empty, ‘NXDOMAIN’, or come with a written notice from a government authority about the website being blocked. In most of the cases, the blocking is conducted in a non-transparent manner without notification to either the website owners or users.

From a security and internet engineering point of view, DNS tampering without any errors raised for host queries or visible notification in client interfaces such as web browsers may pose a security or engineering issue to clients and services, as they are redirected unexpectedly to an unknown address or page.

This session was aimed to discuss the potential solutions via extensions or updates to internet and web standards and implementations for DNS hijacking and tampering such as but not limited to:
– [RFC 9364] DNSSEC (Domain Name System Security Extensions): enable authentication process to trusted domain name lookups in the Domain Name System (DNS)
– [RFC 7858] DNS over TLS: ensuring that DNS queries are private and hidden from ISPs
– [RFC 4924] HTTP response code 451 (“ Unavailable For Legal Reasons”): Proposed standard error code to be displayed in the HTTP response when a resource is denied access as a consequence of a legal demand
– Reviewing other relevant Internet and Web Standards to provide users more flexibility and control over their usage of the internet
Substantive Summary of the Key Issues Raised and the Discussion
-DNS tampering is the most common method used to block websites in the Southeast Asia region.
-Websites are redirected to a block page or unknown address, without notification to website owners or users.
-This poses a security issue, and in this case the malicious actor that tampered is a government authority.
-In the breakout session, there were 3 groups of discussion:
+Issues and challenges of the proposed solutions
++DNSSEC would give a sense of security
++HTTP 451 needs to be adopted together with the other solutions
++Coordination between providers and compliance requirements may not aligned
++Cost to train engineers to implement the solutions
++Low awareness of technology e.g. in Thailand with low takeup rate of DNSSEC
++Inhibited by the technology we understand, what they can do and how it prevents malicious attacks
+Policy and governance frameworks required
++Responsible for the solutions: government, ISPs, registries, end-users
Petitions
++Multistakeholder processes
+Other solutions
++Enforce device manufacturers and email clients to implement these solutions e.g. APple
++Such a regulation might go against the freedom of manufacturers to decide what to implement
++Quering multiple databases to see answers
++Home firewalls, personal DNS resolvers, piholes - however these are technical solutions
++DNSSEC certificates need to be refreshed more frequently
Conclusions and Suggestions of Way Forward
More awareness is needed on these. Currently the methods to overcome the issue of DNS tampering can be too technical, and costly. Participants are encouraged to talk to their own networks on the issue so as to increase awareness and discussions.
Number of Attendees (Please fill in numbers)
    • On-site: 32
    • Online: 16
Gender Balance in Moderators/Speakers (Please fill in numbers)
  • Moderators

    • Female: 1
How were gender perspectives, equality, inclusion or empowerment discussed? Please provide details and context.
In the 2nd breakout group, diversity of countries were emphasized in the discussion of the policy and frameworks needed to implement the solutions, as different countries have different governance on censorship and awareness on the issue. In the 3rd group, when discussing other solutions, it was highlighted that the solutions for DNS tampering are currently very technical and may not suit users who are less tech-savvy, and so the solutions should incorporate this as censorship increases.
Consent
I agree that my data can be submitted to forms.for.asia and processed by APrIGF organizers for the program selection of APrIGF 2024.