The RIPE Cooperation Working Group held an interim session between RIPE Meetings to discuss the European Union’s proposed revision to the Directive on security of network information systems, or NIS 2.
Marco Hogewoning of the RIPE NCC gave an overview of the NIS 2 problem space, which service providers will fall under scope, the impact on the RIPE NCC (as K-root operator) and other service providers (including DNS providers, ccTLD and TLD operators and IXPs), and the main obligations imposed on those providers.
There was a lot of discussion about the extraterritorial nature of the NIS 2 Directive (and other EU proposals or regulation), including where and how the directive would apply to those providing services within vs. outside of the EU, and who would be responsible for oversight.
Participants also discussed the directive’s possible overreach in applying to anyone providing DNS services at any level, including individual hobbyists who run their own DNS servers or resolvers.
The Cooperation Working Group Co-Chairs suggested that community members should continue the discussion on the Cooperation and DNS Working Group mailing lists, including whether the RIPE community might want to submit its own response to the open consultation.