[address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrei Robachevsky
andrei.robachevsky at gmail.com
Thu May 5 16:36:37 CEST 2011
Malcolm, There was an IGF workshop in Vilnius last year "Routing and Resource Certification: Self-governance and security at the core of Internet operations" (http://www.intgovforum.org/cms/component/content/article/102-transcripts2010/632-158) I found Paul Vixie's remark he made there very useful in articulating the trade-offs we are facing here. He said: "I'd like to move from the situation we're in now, where the good guys have no recourse against the bad guys, to a new situation where the good guys will have some recourse against other good guys if these powers are misused, and that is the choice I'd rather see discussed [...]" Andrei Malcolm Hutty wrote on 5/5/11 11:39 : > On 05/05/2011 08:36, Randy Bush wrote: >> shall we have a policy that covers black helicopters and sci-fi attacks >> as well as demanding perfection in everything? > > Black helicopters in slides presentations are amusing. But if you > seriously think the governments, law enforcement and private litigants > won't see this as a new capability to prevent traffic to certain > networks you haven't (note to self: be polite, Malcolm) all the facts. > > Fact 1. In the Co-operation WG where British law enforcement officials > have /already/ been asking for procedures to re-assign netblocks to > their agency because they think that would help prevent traffic flowing > to places where crimes occur. Of course, as a community we could refuse > to cooperate, unless/until the NCC is compelled. > > Nonetheless, this demonstrates LEAs do have both the awareness and the > intent; it's not a wild conspiracy theory. > > Fact 2. There is draft legislation ALREADY going through the EU that if > passed would require all EU governments (including the Dutch) to > introduce laws to "take the necessary measures to obtain the blocking of > access" to certain Internet locations [1]. It could be argued that this > would give Dutch LEAs sufficient power to require the RIPE NCC to revoke > a certificate - or perhaps not; it probably depends on how the > Netherlands chooses to implement this European law if/when it goes through. > > I would say that this shows that the risk, although not certain, is > pressing and immediate, not a vague worry for the distant future. > > Fact 3. There is continuous lobbying within the EU, to which Dutch law > is subject, for greater measures to require Internet intermediaries to > prevent the reachability of certain Internet locations. This has mainly > focussed on network operators, but more recently EU officials have > opened dialogue with ccTLD registries and the RIPE NCC too. > > There's no end of topics for which some people believe controlling > access to Internet locations would be a useful means of fighting some > social evil - child pornography and copyright infringement have in my > estimation the largest and most organised lobbying in favour of such > measures, but there's also active work in the areas of terrorism, > "cybercrime" generally, gambling, xenophobia racism and hate-speech, > just off the top of my head. > > In my view the range of actors who would seek to use any new capability > is wide, and they are outside our control as a technical community. They > operate at the political level, and they have no interest in the > technical community's opinions, apart from an answer to the question > "What is it technically possible for the RIPE NCC to do to impede > reachability to the locations we specify?" > > Once the RIPE NCC comes to be seen as a "gateway controller" that can > significantly impact the reachability of "bad" networks, it will > irrevocably become a ongoing target for use as a tool of public policy > enforcement. > > > Malcolm > > [1] I'm referring to Article 21 of the Draft Directive on Child Sexual > Exploitation, which is currently in Trialogue negotiations between the > European Parliament, Commission, and Council of Ministers. > http://bit.ly/9D5cg8 >
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]