Cooperation Working Group Minutes RIPE 80

Wednesday, 13 May, 15:00-15:45
WG co-Chairs: Johan (Julf) Helsingius and Achilleas Kemos
Scribe: Gergana Petrova
Status: Draft

1. Introduction

Julf Helsingius / Achilleas Kemos

The chairs welcomed attendees and said they would move administrative issues to the mailing list.

2. Re-writing the Narrative: Cybercrime during COVID-19

Nicole van der Meulen, Senior Strategic Analyst at EC3 Europol

This presentation is available here:
https://ripe80.ripe.net/presentations/30-Presentation-EC3-RIPE80.pdf

Carsten Schiefner asked if Europol’s activities and investigations were coordinated with SIDN when going after fake shops.

Nicole said she hadn’t heard of this personally, but some of her operational colleagues might be doing this.

Blake Willis, Zayo / iBrowse / L33 Networks, asked how Europol differentiated between disinformation and cybercrime, e.g. those incentivising people to attack mobile phone towers.

Nicole replied that criminals were able to take advantage of disinformation, for example by selling substances that someone else had claimed would cure COVID 19. This third-party source almost gave them legitimacy. 

Benno Overeinder, NLnet Labs, asked which top-level domains Europol monitored (to identify malicious ones) and which were most affected.

Nicole said she would have to get back to him on this.

Ayane Satomi, Batangas State University, asked what was considered the peak of the cybercrimes related to the pandemic.

Nicole said there were different peaks based on the type of cybercrime or when it occurred. Timewise, the peak was at the end of March. In terms of type, volume and potential impact, it was phishing emails and scams.

Oliver Hohlfeld, Brandenburg University of Technology, asked how the increase in DDoS attacks was measured and against which targets.

Nicole said Europol relied on external sources and nobody had a complete overview.

Lousewies van der Laan, LW International, asked how effective European-level campaigns were – assuming they were aimed at the public at large – and if they were translated and how cultural differences were taken into account.

Nicole said their campaigns indeed targeted the public at large, though in some cases they focused on specific categories such as children or teenagers. Many campaigns were translated into all EU languages, though not all. The translated material was given to law enforcement agencies within the Member States and other organisations that used them for public benefit. Usually the translators tried to take cultural differences into account, though it was difficult to do this to the extent that they would like to.

Per-Åke Wecksell, Swedish Police Authority, asked if many countries in Europe were reporting an increase in grooming taking place on the Internet at the moment.

Nicole replied that the end aim of grooming was meeting in person. She said this question could get a better answer with the subsequent dedicated CSE in the second week of June.

Marco Davids, SIDN, asked how Europol received or found information about malicious sites.

Nicole said that in terms of malicious domain registrations, Europol had an external partner.

3. The New IP Proposal

Marco Hogewoning, External Relations, RIPE NCC

This presentation is available here:
https://ripe80.ripe.net/presentations/16-COOP-NewIP_comms.pdf

Jim Reid, RTFM llp, thanked Marco and his colleagues for their work on this topic. He encouraged people concerned about New IP and the upcoming WTSA to talk to their government and regulator, because they would be the ones taking decisions at WTSA. In addition, the officials would appreciate input from their Internet community to help them formulate their strategy at WTSA and/or the July SG13 meeting.

Constanze Buerger, German Federal Ministry of the Interior, said that Germany supported the sustainable approach of a free and multistakeholder-governed Internet. The technical development of the Internet should take place in the well-known and proven current bottom-up-organised structures. Their analysis supported the statements from the IETF, RIPE and ISOC and they were coordinating this position with the German ITU representatives and others. They were proposing a government roundtable in advance of the WTSA in November 2020 to discuss the views of governments in the RIPE region.

This comment was supported by Panagiotis Papaspiliopoulos, Permanent Representation of Greece to the EU and Vilem Vesely, Czech Ministry of Industry and Trade.

Kurt Kayser, German Federal Ministry of the Interior, asked if this effort for New IP complemented Geoff's report that TCP had reached its limits for a faster Internet.

Marco acknowledged that TCP had limitations on speed. Discussions around IoT had highlighted that there was no need to send a 40-byte header to transmit temperature information that was 2-bytes. However, the New IP discussion was deeper, because it was trying to change the Internet’s governance model. The IETF was the right venue for such discussions. It had been working on this, for example 6LoWPAN or various ideas around changing queuing. The IETF had also discussed QUIC as a potential replacement of TCP. Developing novel uses for the Internet or improving speed should not lead to a complete overhaul of its governance model, especially not behind closed doors in Geneva.

Carsten Schiefner asked what Huawei’s problem statement was.

Marco said it was very vague. For example, that TCP/IP does not work on satellite communications. While this had its challenges, before the crisis people were sending emails from airplanes using TCP/IP over satellite; the fact that fine-tuning was needed didn’t mean it was completely failing.

Freddie McBride, European Communications Office, asked if there were any links between the New IP proposal and Digital Object Architecture.

Marco answered that China preferred blockchain-based technologies over DOA. Even though DOA might reappear, at the moment he hadn’t seen any links.

Jim added that in his experience of SG20 and FG2030, there was no direct linkage between DOA and New IP, though they both fit the narrative of a bigger role for the ITU in Internet governance.

Paul Rendek, Dstream Group, asked if this was viewed as evolution or revolution of the Internet by I* organisations, if the IETF had welcomed discussions on this, if the IETF was engaging with the ITU, and what the general opinion of ITU member states was (beyond those that were driving the proposal).

Achilleas added that Huawei had a huge presence in the IETF groups. He wondered why they hadn’t gone there as well.

Marco answered that the IETF had published a liaison statement about this work. The IETF was user-driven, so if Huawei didn’t bring its proposal forward, it wouldn’t be discussed there. As highlighted by some media outlets, Huawei had come under attack regarding some of the security features in New IP, to which they had replied that the IETF, driven by Huawei, was developing DOTS as a way to mitigate DDoS attacks. He said New IP might get branded as the new Internet, which it really wasn’t. It was not compatible with the Internet and implementing it might lead to further problems downstream.

Finally, Marco mentioned a recent article on RIPE Labs that highlighted upcoming work on EU legislation which might impact network operators.

RIPE Forum

The RIPE Forum is an additional way to participate in RIPE community mailing list discussions using a web-based interface rather than an email client.

Check out the forum