Cooperation Working Group Minutes RIPE 77

Thursday, 18 October, 09:00-10:30
WG co-Chairs: Johan (Julf) Helsingius and Achilleas Kemos
Scribe: Gergana Petrova
Status: Draft
 

Julf welcomed attendees to the session, asked the audience to approve the minutes from RIPE 76 and invited Chris Buckridge to the stage.

1. ITU Plenipotentiary: Preparations, Expectations and Concerns
Chris Buckridge, RIPE NCC

The presentation is available at:
https://ripe77.ripe.net/presentations/116-Buckridge-Coop-20181018.pdf

Alexander Isavnin, Internet Protection Society, thanked Chris for participating in the activity. He added he would have liked to be informed about such activities earlier. As a Russian citizen, he found it difficult to learn about such activities from Russian state employees or representatives. He would have liked to have received this information sooner from the RIPE NCC. He spoke of a presentation delivered at RIPE 72 in Copenhagen, where Chris outlined all the international organisations RIPE NCC is a member of and asked for a follow up.

Chris clarified that most of the proposals for the Plenipotentiary only came out recently, some came out after his article on RIPE Labs article was published. In addition, most of them are not available publicly, which makes it impossible for the RIPE NCC to send a link for reference. Finally, a lot of these proposals are starting positions, so ringing an alarm would be premature.

Nurani Nimpuno, Asteroid International, thanked Chris for going to the Plenipotentiary and being engaged with the ITU. She added that it was important to have representatives of the RIPE Community there, such as Malcolm Hutty.

Chris added that Hans Petter Holen, Patrik Fältström and a few others were on national delegations.

 Nurani said that it’s difficult for people who have not been there to understand how Plenipots work. Even though RIPE NCC is not going to be presenting any positions, having the RIPE NCC at the Plenipotentiary means that they get to hear the discussions and report back. In addition, organisations like RIPE NCC and ISOC play an important role in corridor discussions, where they can educate governments, explain how things work, for example how IP addresses are distributed; rather than represent a particular position. She finished by saying it is hard to report from these conferences, because there is so much information. This is why she thought that picking out the proposals relevant for the RIPE Community was very helpful. She thanked Chris for writing the RIPE Labs article and mentioned she used it in a meeting with government officials the week before.

 Chris reiterated that the RIPE NCC is very careful not to say that we are representing the community. RIPE NCC only represents the role of RIPE.

 Paul Rendek, RIPE NCC, added that we do not show up with any proposals to meetings such as the Plenipotentiary. RIPE NCC does not engage in public policy. Rather, we help make better public policy through the engagement we have with the various groups that Chris pointed out. The RIPE NCC provides factual, technical information policy-makers need when they prepare their proposals. During the RIPE NCC Roundtables meetings we have made this clear. We go to the Plenipotentiary, since at any point of time governments from our service region can ask us for information relating to their business, which we can then provide.

 Alexander added that people going to these meetings are career politicians. He asked Chris to report back to the community.

 Hans Petter Holen, RIPE Chair, who is joining the Norwegian delegation at the Plenipotentiary, complimented Chris and Marco from RIPE NCC for bringing the IoT discussion to the RIPE meeting last time, which was well ahead of time. He mentioned Chris and the team are making a real improvement for bringing the discussion into the meeting and complimented Chris’s blog post.

 When it comes to participating to the meeting, Hans Petter has had to signed papers prohibiting him from talking about the content of certain confidential meetings. Hans Petter will not make any positions or statements but build a network with a technical glue in the process.

2. Update on the ICANN EPDP on WHOIS/GDPR
Julf Helsingius

The presentation is available at:
https://ripe77.ripe.net/presentations/110-RIPE-EPDP.pdf

Dmitry Burkov, RIPN/FAITID, said that now there is a situation that national laws override any ICANN policy. He asked Julf what result he expects.

 Julf responded that any final agreement needs to comply with GDPR, at least in Europe. Beyond that there are a lot of different opinions and he suspects some sort of compromise will be reached, but nobody knows what exactly yet.

 Dmitry added that some governments are currently silent and ignore the process, because they plan to simply follow national laws and ignore ICANN. Furthermore, access models are absolutely unacceptable in some parts of the world.

 Julf agreed.

 Shane Kerr, Oracle Dyn, speaking for himself, said that ultimately this is about the requirements that ICANN is going to place on publishing information for some TLDs. This is not going to affect ccTLDs or legacy TLDs. He asked if there is any intention to remove privacy preserving registrars.

 Julf said there is big pressure to unify the structure to make sure everybody collects the same kind of data and provides the same kind of access to it. He added that there will definitely be registries and registrars affected, but we do know yet know how.

 Shane said that if there is not going to be removal of privacy preserving services then this is irrelevant, because people who want to hide their information, will still be able to do it.

 Julf answered that they are trying to go for a universal model here.

3. EuroDIG 2019: An Invitation
Arnold van Rhijn, Ministry of Economic Affairs and Climate Policy, Netherlands

Paul Rendek said he values the cooperation between RIPE NCC and Arnold’s team at the ministry. RIPE is glad to be involved and help with in the organisation of EuroDIG as well as participate in panels and workshops.

 Arnold mentioned his ministry is in the process of finalising an MoU with the RIPE NCC to further strengthen their cooperation.

 Achilleas added that the Cooperation WG hopes to hear more about this during RIPE 78.

4. ETNO and RIPE Cooperation
Hervé Clement 

The presentation is available at:
https://ripe77.ripe.net/presentations/117-ETNO-RIPE-cooperation.pptx

Marco Hogewoning, RIPE NCC, clarified that last week RIPE NCC gave a similar presentation to the ETNO community in Brussels asking the same question. Both organisations are willing to move forward but want feedback from their respective communities.

Shane said that from the technical side WG communities are very open, but do not have any formal mechanisms of collaboration. He advised ETNO to find people in their community who are interested in particular topics, such as routing, DNS and either approach WG Chairs or send it to the mailing list where it can be discussed openly.

Achilleas added that earlier this week was the Financial Times/ETNO summit in Brussels, with many interesting discussions.

5. How EU Regulation Affects You
Suzanne Taylor, RIPE NCC

The presentation is available at:
https://ripe77.ripe.net/presentations/109-RIPE-77_Cooperation_EU-regulation_Taylor.pdf

Mohsen Souissi, AFNIC, said that not all ccTLD operators have their own provisions in place already. There can be a difference with the Directive is interpreted into national law and how the law is enforced from country to country. Last month, a legal document was published with about 23 security rules which ccTLD operators need to comply with in 1, 2 or 3 years’ time depending on the rule. No other country he can find does this. Provisions are already in place when it comes to critical infrastructure.

Suzanne replied that because of the vagueness of the rules there is room for interpretation. Some operators have thought of these issues and have some structures in place.

Paul Wilson, APNIC, commented remotely that on intermediary liability, it might be interesting to look at the Manilla principles on intermediary liability (www.manilaprinciples.org), developed mostly by civil-society, which cover issues such as rule of law, transparency, due process  actions such as filtering and take-downs.

Peter Koch, DENIC, added that the European Council worked on this last  and asked if the RIPE NCC had any way to exert influence in the negotiations.

Peter added that some of them are fighting those battles on a more domestic frontline. Practitioners have understood that this overarching security regulation is actually a security threat, because it endangers the informal structures in place, which have been working for the last decades, and puts in place instead too much regulation and the threat of being non-compliant. Putting actors like the RIPE NCC and CENTR at the same table would be very helpful.

Hans Petter Holen said he had looked at the NIS Directive. Two things were not clearly understood. The directive applies to DNS providers of more than two or three hundred thousand domains. That is going further than what is purely critical infrastructure and includes all big players.

Arnold van Rijn added that negotiations are taking place for a new multi-annual framework program within the EU dealing with R&D. Part of that program will be innovation in relationship to the cybersecurity. Secondly, EU elections are coming up on 23 May 2019. The new European Commission will have a new agenda, which means that today is the right time to give the community’s input. They promoted a roadmap for a secure hard- and software based on a PPP approach, not regulation. He called on the RIPE Community to start thinking what they want to include in the RIPE agenda.

Alexander thanked Suzanne for her review and added that the Cooperation WG agenda was quite full and maybe the chairs could ask for a second slot for RIPE 78.

 

RIPE Forum

The RIPE Forum is an additional way to participate in RIPE community mailing list discussions using a web-based interface rather than an email client.

Check out the forum