From Andrea.GLORIOSO at ec.europa.eu Mon Jun 3 08:51:58 2013 From: Andrea.GLORIOSO at ec.europa.eu (Andrea.GLORIOSO at ec.europa.eu) Date: Mon, 3 Jun 2013 06:51:58 +0000 Subject: [cooperation-wg] Change of representative of the European Commission Message-ID: <0E54E4EA78DD6A40BC64BF9D089600591D2DA7BE@S-DC-ESTJ04-B.net1.cec.eu.int> Dear all, I would like to let you know that following an internal restructuring within the "International relations" unit of DG CONNECT, the official "liaison" of the European Commission with the RIPE Cooperation Working Group will be - as of today - Mr Achilleas Kemos (in copy). A request to subscribe Mr Kemos to this mailing list has already been submitted this morning. Until the subscription becomes effective, thanks for keeping Mr Kemos in copy to further exchanges. Best regards, -- Andrea Glorioso (Mr) European Commission - DG Communication Networks, Content and Technology Unit D1 (International relations) + Task Force on Internet Policy Development Avenue de Beaulieu 25 (4/64) / B-1049 / Brussels / Belgium T: +32-2-29-97682 M: +32-460-797-682 E: Andrea.Glorioso at ec.europa.eu Twitter: @andreaglorioso Facebook: https://www.facebook.com/andrea.glorioso LinkedIn: http://www.linkedin.com/profile/view?id=1749288&trk=tab_pro The views expressed above are purely those of the writer and may not in any circumstances be regarded as stating an official position of the European Commission. Les opinions exprim?es ci-dessus n'engagent que leur auteur et ne sauraient en aucun cas ?tre assimil?es ? une position officielle de la Commission europ?enne. Be transparent - Sign up to the European Commission's Register of Interest Representatives http://ec.europa.eu/transparency/regrin -------------- next part -------------- An HTML attachment was scrubbed... URL: From gordon.lennox.13 at gmail.com Mon Jun 3 10:33:26 2013 From: gordon.lennox.13 at gmail.com (Gordon Lennox) Date: Mon, 3 Jun 2013 10:33:26 +0200 Subject: [cooperation-wg] CoE -"Network Neutrality and Human Rights" Message-ID: <3736B012-86E8-4C86-9019-6F37A746DA3F@gmail.com> Last week the Council of Europe had a "multi-stakeholder dialogue on network neutrality and human rights". See: http://www.coe.int/t/informationsociety/ http://www.coe.int/t/informationsociety/NN%20Conf%202013/default_en.asp It was a good meeting. Some of the flavour can be had from Chris Marsden's opening presentation. http://www.slideshare.net/EXCCELessex/pre-history-of-european-network-neutrality-and-human-rights A short outcomes paper of the major points of discussion is now being prepared which will, after participants comments, be communicated to the 47 member state representatives of the CoE Steering Committee on Media and Information Society (CDMSI) to consider and propose further action. Regards, Gordon From gordon.lennox.13 at gmail.com Mon Jun 3 10:39:18 2013 From: gordon.lennox.13 at gmail.com (Gordon Lennox) Date: Mon, 3 Jun 2013 10:39:18 +0200 Subject: [cooperation-wg] CoE -"Network Neutrality and Human Rights" Message-ID: <5F3BE604-CB68-40D5-B1C3-98A0672AA942@gmail.com> Last week the Council of Europe had a "multi-stakeholder dialogue on network neutrality and human rights". See: http://www.coe.int/t/informationsociety/ http://www.coe.int/t/informationsociety/NN%20Conf%202013/default_en.asp It was a good meeting. Some of the flavour can be had from Chris Marsden's opening presentation. http://www.slideshare.net/EXCCELessex/pre-history-of-european-network-neutrality-and-human-rights A short outcomes paper of the major points of discussion is now being prepared which will, after participants comments, be communicated to the 47 member state representatives of the CoE Steering Committee on Media and Information Society (CDMSI) to consider and propose further action. Regards, Gordon From maria at sunet.se Mon Jun 3 15:44:13 2013 From: maria at sunet.se (=?iso-8859-1?Q?Maria_H=E4ll?=) Date: Mon, 3 Jun 2013 15:44:13 +0200 Subject: [cooperation-wg] Minutes Cooperation WG - RIPE66 Dublin Message-ID: Dear Coop WG friends, Here are the minutes from the meeting: Cooperation Working Group Agenda Thursday, 16 May 11:00 ? 12:30 The Co-Chairs introduced the agenda. Maria H?ll noted her new role as CEO for SUNET, the Swedish university network. A. RIPE NCC External Relations Update Paul Rendek, Chris Buckridge, RIPE NCC Paul Rendek spoke about the RIPE NCC's External Relations work, focusing on developments in the law enforcement area and some of the issues that have been raised by Internet stakeholders in the Middle East (including suggestions of the need for an "Arab RIR"). Chris Buckridge presented updates on two International Telecommunication Union (ITU) events, the World Conference on International Telecommunications (WCIT-12) and the World Telecommunications/ICT Policy Forum (WTPF-13). He also discussed the Internet-related work going on in the Organisation for Economic Co-operation and Development (OECD), which the RIPE NCC and industry partners are contributing to via the Internet Technical Advisory Committee (ITAC) to the OECD. Jim Reid noted the challenges faced in engaging a complex organisation like the ITU, and asked about the broader strategy of RIPE NCC to handle this. Chris noted that goal was to address the government concerns at the heart of the complex discussions, and that coordination and resource-sharing between technical organisations (including the other RIRs and I* organisations) was vital to achieving this in the ITU context. Paul Rendek also noted that the complexity and specificity of the ITU forums can be a strength, providing an outlet for ITU stakeholders to consider or study issues without affecting policy-making in other forums. Tahar Schaa noted a defensive tone in some of the RIRs' submissions in the WTPF process, and argued that the RIRs should be more confident in pressing the case that the current governance systems have been responsible for the Internet's emergence and growth. He also suggested that many of the issues identified by governments, such as multilingual TLDs, are not pressing issues for Internet users. Chris noted that this kind of feedback is one reason that the RIPE NCC reports on its engagement in such detail. He also noted that there is a need to engage governments without aggravating their concerns - how to achieve this is an ongoing discussion. Constanze B?rger commended the RIPE NCC's engagement, and encouraged other governments to bring their concerns to open forums such as the RIPE Cooperation Working Group. B. eID and Trust Services Regulation in the EU Andrea Servida, European Commission DG CONNECT Andrea Servida presented on the European Commission's draft European Regulation regarding electronic identification and trust services for electronic transactions in the EU market. He described the scope of the proposed Regulation, its intended purpose, and how the Commission sees it being implemented by Member States. Jim Reid questioned how the electronic data gathered by eID services would be stored, used or potentially misused. Andrea noted that the set-up of such systems (including safeguards for user data) would generally be handled at a national level, but that at the cross-border level, the European Commission will work to establish appropriate mechanisms to ensure that only the information necessary for a specific purpose can be accessed. Patrick Tarpey asked about the intended use of secondary national legislation and whether this might result in security and operational practices differing from state to state, including the strength of cryptographic controls. He noted that such differences could means gaps in security. Andrea noted that the proposal is intended to improve on the current situation, and that while there may be differences across states, the Commission is working with Member States to ensure that there will be common levels of security assured. Patrick sought clarification on whether this might result in different approaches to revocation of cryptographic material; Andrea noted that the goal of the Regulation would be to help harmonise such differences across Member States. Tahar Schaa questioned whether the Regulation was intended to cover (or create competition for) existing electronic identification mechanisms from the private sector, such as Google or Amazon IDs. Andrea noted that the intention is that Member States could decide to bring any existing identification mechanisms, whether public or private, under legislation within the framework of the Regulation. He clarified though that the intent is only for the Regulation to cover identification schemes used to access public services. Patrik F?ltstr?m noted that Article 5 of the Regulation notes that the Commission will maintain a list of electronic ID schemes to be accepted by EU Member States, and expressed surprise that the Commission had not been involved in the discussions surrounding development and deployment of DNSSEC and RPKI schemes. He identified a clash between such schemes, developed through bottom-up processes in the technical community, and this Regulation. Andrea argued that the Commission had conducted extensive public consultation, and that the Regulation leaves the choice to Member State which eID schemes to use; the list maintained by the Commission will help facilitate the use of eIDs across different countries which will require building trust. D. Public/Private Cooperation on Internet Issues: The Irish Experience Michele Neylon, Blacknight Internet Solutions Ltd Michele Neylon presented on the Irish Internet industry and its relationship to the Irish government, particularly regarding Internet governance issues. He also noted that the Irish industry has been relatively slow in IPv6 adoption. Donal Cunningham noted that his company had been asked, when tendering for a government project, to include IPv6 compatibility, and that the government then followed up by actually asking for their IPv6 allocation. Brian Nisbet noted that one area of positive activity from the Irish government was that the Department of Communications and Department of Education had been investing heavily in broadband for schools. Michele suggested that while there was good work being done, it was being done in isolation, and that better coordination between the public and private sectors would be welcome. C. Building Cooperation with the Academic Networks Community Maria H?ll, SUNET Maria delivered a very brief presentation, noting her new role with the Swedish university network, and highlighting the importance of cooperation between all stakeholder groups, including academia. She emphasised her hope to see national research and education networks (NRENs) take a greater interest in Internet governance issues. Paul Rendek noted that the RIPE NCC is focused on building relationships with NRENs, and this includes helping them get involved in Internet governance discussions. Maria closed the meeting. _________________________________ Best regards, Maria H?ll Co-Chair RIPE Cooperation WG -------------- next part -------------- An HTML attachment was scrubbed... URL: From ripencc-management at ripe.net Mon Jun 17 10:49:32 2013 From: ripencc-management at ripe.net (Axel Pawlik) Date: Mon, 17 Jun 2013 10:49:32 +0200 Subject: [cooperation-wg] RIPE NCC Response to Proposed EC Regulation on Electronic ID and Trust Services References: <51B9C8DF.5010600@ripe.net> Message-ID: <09BB2AFB-6EC0-4657-A419-8B8736916C71@ripe.net> Dear colleagues, At the recent RIPE 66 Meeting, Andrea Servida of the European Commission delivered a presentation on the proposed EU Regulation on electronic identification and trust services for electronic transactions in the internal market. Video, transcript and minutes of the session are available at: https://ripe66.ripe.net/programme/meeting-plan/coop-wg/ Text of this proposed Regulation is available on the European Commission website: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52012PC0238:EN:NOT [available in various languages and formats] Based on the RIPE 66 presentation and the discussions that it provoked, the RIPE NCC has identified a number of serious concerns with the proposal, and we believe that the current proposal text may be interpreted in ways that conflict with the basic intent of the Regulation. Specifically, we believe that the proposal could be interpreted as applying to technologies and services beyond electronic identification (eID) and eID-related trust services, perhaps extending to cover unrelated technologies to eID such as Domain Name Security Extensions (DNSSEC) and Resource Public Key Infrastructure (RPKI). An analysis about the scope of the proposed Regulation and possible implications can be found at: https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/analysis-of-the-proposed-eid-regulation/ Such a broad scope for the Regulation could serve to inhibit efforts by the Internet technical community in the EU (often in collaboration with colleagues and counterparts around the world) to secure the infrastructure of the Internet. We also believe that such a broad scope is not the intention of the Regulation. The RIPE NCC plans to send a letter, detailing our concerns and specific suggestions for edits to the text of the Regulation, to relevant Members of the European Parliament (MEPs), European Commission staff and government officials. A draft of this letter can be found at: https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/letter-regarding-eid-regulation/ It is important to send this letter quickly to ensure that officials have a chance to reflect on our concerns before committing to a position on the Regulation. With that in mind, we would appreciate any feedback from the RIPE community on the language of the letter, the positions and the strategy. Such feedback may be provided on the Cooperation Working Group mailing list or directly to the RIPE NCC at . We would also welcome any information that community members can provide on MEPs that might have an interest in this issue. We encourage RIPE community members to contact their national MEPs regarding this Regulation, and please feel free to use any or all of the language found in the draft RIPE NCC letter. Best regards, Axel Pawlik Managing Director, RIPE NCC From michele at blacknight.com Mon Jun 17 14:19:21 2013 From: michele at blacknight.com (Michele Neylon :: Blacknight) Date: Mon, 17 Jun 2013 12:19:21 +0000 Subject: [cooperation-wg] RIPE NCC Response to Proposed EC Regulation on Electronic ID and Trust Services In-Reply-To: <20130617085802.CBD135A4010@merlin.blacknight.ie> References: <51B9C8DF.5010600@ripe.net> <20130617085802.CBD135A4010@merlin.blacknight.ie> Message-ID: Axel Thanks to you and RIPE for taking the lead on this. I've forwarded it to a couple of other interested parties. With respect to the current draft I'm supportive of the proposed text Regards Michele On 17 Jun 2013, at 03:49, Axel Pawlik wrote: > Dear colleagues, > > At the recent RIPE 66 Meeting, Andrea Servida of the European Commission delivered a presentation on the proposed EU Regulation on electronic identification and trust services for electronic transactions in the internal market. Video, transcript and minutes of the session are available at: > https://ripe66.ripe.net/programme/meeting-plan/coop-wg/ > > Text of this proposed Regulation is available on the European Commission website: > http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52012PC0238:EN:NOT > [available in various languages and formats] > > Based on the RIPE 66 presentation and the discussions that it provoked, the RIPE NCC has identified a number of serious concerns with the proposal, and we believe that the current proposal text may be interpreted in ways that conflict with the basic intent of the Regulation. > > Specifically, we believe that the proposal could be interpreted as applying to technologies and services beyond electronic identification (eID) and eID-related trust services, perhaps extending to cover unrelated technologies to eID such as Domain Name Security Extensions (DNSSEC) and Resource Public Key Infrastructure (RPKI). An analysis > about the scope of the proposed Regulation and possible implications can be found at: > https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/analysis-of-the-proposed-eid-regulation/ > > Such a broad scope for the Regulation could serve to inhibit efforts by the Internet technical community in the EU (often in collaboration with colleagues and counterparts around the world) to secure the infrastructure of the Internet. We also believe that such a broad scope is not the intention of the Regulation. > > The RIPE NCC plans to send a letter, detailing our concerns and specific suggestions for edits to the text of the Regulation, to relevant Members of the European Parliament (MEPs), European Commission staff and government officials. A draft of this letter can be found at: > https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/letter-regarding-eid-regulation/ > > It is important to send this letter quickly to ensure that officials have a chance to reflect on our concerns before committing to a position on the Regulation. With that in mind, we would appreciate any feedback from the RIPE community on the language of the letter, the positions and the strategy. Such feedback may be provided on the Cooperation Working Group mailing list or directly to the RIPE NCC at . > > We would also welcome any information that community members can provide on MEPs that might have an interest in this issue. We encourage RIPE community members to contact their national MEPs regarding this Regulation, and please feel free to use any or all of the language found in the draft RIPE NCC letter. > > Best regards, > > Axel Pawlik > Managing Director, RIPE NCC > -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From patrik at frobbit.se Mon Jun 17 20:16:00 2013 From: patrik at frobbit.se (=?iso-8859-1?Q?Patrik_F=E4ltstr=F6m?=) Date: Mon, 17 Jun 2013 20:16:00 +0200 Subject: [cooperation-wg] FYI: From the European Commission: human rights guidance for 3 business sectors References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> Message-ID: <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> Hi, As you can see below European Commission just released human rights guidance for 3 business sectors. I have helped COM and specifically IHRB with their piece of the work, and I know others on this list have also helped. Everything from more formal support to extremely good comments that have helped making the documents what they finally ended up being. Patrik F?ltstr?m Head of Research and Development Netnod Begin forwarded message: > From: > Subject: From the European Commission: human rights guidance for 3 business sectors > Date: 17 juni 2013 18:23:09 CEST > To: > > We are pleased to announce the publication of the European Commission Sector Guides on Implementing the UN Guiding Principles on Business and Human Rights. > > > Download the Guides here: http://ec.europa.eu/enterprise/newsroom/cf/itemdetail.cfm?item_id=6711&lang=en&title=European%2DCommission%2Dpublishes%2Dhuman%2Drights%2Dguidance%2Dfor%2D3%2Dbusiness%2Dsectors > > The Guides ? for employment and recruitment agencies, ICT companies, and oil and gas companies ? were developed over the past 18 months by Shift and IHRB through extensive research and multistakeholder consultation with representatives from the three industries as well as governments, trade unions, civil society, academia and other experts. Read more about the Guides? development here. > > Each Guide offers practical advice on how to implement the corporate responsibility to respect human rights in day-to-day business operations in each industry through step-by-step guidance. At each step, they summarise what the UN Guiding Principles expect, offer a range of approaches and examples for how to put them into practice, and link users to additional resources that can support their work. They are intended to help companies ?translate? respect for human rights into their own systems and cultures. > > Many thanks to all those who have contributed to this process. > > Best regards, > > > CSR Team > > European Commission > Enterprise and Industry Directorate-General > Unit ENTR.D.1 > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.png Type: image/png Size: 41083 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image008.png Type: image/png Size: 47321 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image009.png Type: image/png Size: 50079 bytes Desc: not available URL: From gordon.lennox.13 at gmail.com Mon Jun 17 21:28:01 2013 From: gordon.lennox.13 at gmail.com (Gordon Lennox) Date: Mon, 17 Jun 2013 21:28:01 +0200 Subject: [cooperation-wg] Prism In-Reply-To: <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> Message-ID: On 17 Jun, 2013, at 20:16, Patrik F?ltstr?m wrote: > I have helped COM and specifically IHRB with their piece of the work... Patrik, I know you have also been very involved in helping with the Data Retention legislation. With all the discussion around Prism it might be interesting if you could bring people up to date on where we are now on that. Gordon -------------- next part -------------- An HTML attachment was scrubbed... URL: From gordon.lennox.13 at gmail.com Tue Jun 18 22:05:14 2013 From: gordon.lennox.13 at gmail.com (Gordon Lennox) Date: Tue, 18 Jun 2013 22:05:14 +0200 Subject: [cooperation-wg] Prism In-Reply-To: References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> Message-ID: On 17 Jun, 2013, at 21:28, Gordon Lennox wrote: > > On 17 Jun, 2013, at 20:16, Patrik F?ltstr?m wrote: > >> I have helped COM and specifically IHRB with their piece of the work... > > Patrik, > > I know you have also been very involved in helping with the Data Retention legislation. > > With all the discussion around Prism it might be interesting if you could bring people up to date on where we are now on that. > > Gordon Sweden and the Data Retention Directive... "The European Court of Justice in a decision dated 30 May ordered Sweden to pay a lump sum of ?3 million euros for its delay in transposing the controversial 2006 EU data retention directive into national law in time. ..." http://www.ip-watch.org/2013/06/01/eu-anti-terror-data-retention-directive-meeting-resistance-in-eu-courts/ :-) Gordon -------------- next part -------------- An HTML attachment was scrubbed... URL: From patrik at frobbit.se Wed Jun 19 15:42:46 2013 From: patrik at frobbit.se (=?iso-8859-1?Q?Patrik_F=E4ltstr=F6m?=) Date: Wed, 19 Jun 2013 15:42:46 +0200 Subject: [cooperation-wg] Prism In-Reply-To: References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> Message-ID: On 18 jun 2013, at 22:05, Gordon Lennox wrote: > On 17 Jun, 2013, at 21:28, Gordon Lennox wrote: > >> On 17 Jun, 2013, at 20:16, Patrik F?ltstr?m wrote: >> >>> I have helped COM and specifically IHRB with their piece of the work... >> >> Patrik, >> >> I know you have also been very involved in helping with the Data Retention legislation. >> >> With all the discussion around Prism it might be interesting if you could bring people up to date on where we are now on that. >> >> Gordon > > Sweden and the Data Retention Directive... > > "The European Court of Justice in a decision dated 30 May ordered Sweden to pay a lump sum of ?3 million euros for its delay in transposing the controversial 2006 EU data retention directive into national law in time. > > ..." > > http://www.ip-watch.org/2013/06/01/eu-anti-terror-data-retention-directive-meeting-resistance-in-eu-courts/ First of all, I think the money Sweden have to pay is worth it, given how (relatively) good the Swedish implementation is compared to for example Denmark ;-) Joke aside, and while trying to ignore the fact I am from Sweden and think the Swedish implementation is quite correct, there have been I think two problems with the DRD. 1. Participation in various groups The participation in various groups that discuss the directive have been the entities that do want such tools. Other groups (for example Article29) have strongly been against the directive. Because of this, COM have had a very hard time trying to find what the real consensus is. I have felt quite lonely in various expert groups that have reviewed the implementations that have existed. 2. Relationship with technology The directive do talk about things like "messages". And give examples like SMS, email, MMS etc. And "web browsing" is something different, not included in the directive and in Sweden explicitly excluded. I even wrote a few papers for COM on the matter. The problem was that the people that want DRD to cover as much as possible claimed also web based messaging (i.e. the HTTP transaction) did fall under the directive. My response has all the time been that we have to choose between: (a) requiring DPI so that only webmail http transactions are included or (b) treat webmail as any other http transaction, i.e. not be covered. In Sweden we did pick alternative (b) btw. This discussion completely stalled because some "experts" did claim there is *no* difference from a technical perspective between web based access to messages and IMAP or POP based access. We also had issues with various NAT implementations, or risk thereof (CGN anyone?). There was a discussion on whether the directive itself should be implemented, or the intention of the directive, and if the latter, if more should be covered than what the directive describes. Should (for example) *ALL* NAT devices in EU be required to log any port/address mapping? Yes, some people did want that, and now go back to (1) above, and understand the discussion was quite difficult. So, we do know that the directive did not really lead to the harmonization one wanted, and the question is what COM will do. I know that a new expert group is to be created. See mail below. I have myself decided to no longer have time to work on this. Specifically given the enormous problems I had related to (2) above. It was impossible to win. Begin forwarded message: > From: > Subject: Data Retention Expert Group > Date: 19 april 2013 16:05:07 GMT+01:00 > To: > > Dear all > > With apologies for the group email, I thought you might find the attached documents of interest. > > The Commission has decided to set up a new expert group on data retention, following the expiry of the previous group which met from 2008-2012, and applications to be a member are invited and should be sent by 3 June 2013. > > Further details, including French and German versions of the Commission decision and call for applications, will be on our website early next week. Please feel free to forward on to whoever you think might be interested. > > Have a good weekend. > > Christian > > > Patrik -------------- next part -------------- A non-text attachment was scrubbed... Name: 20130418 Data Retention Expert Group Decision EN.pdf Type: application/pdf Size: 65249 bytes Desc: not available URL: -------------- next part -------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: call EN.pdf Type: application/pdf Size: 426330 bytes Desc: not available URL: -------------- next part -------------- From gordon.lennox.13 at gmail.com Fri Jun 21 20:29:40 2013 From: gordon.lennox.13 at gmail.com (Gordon Lennox) Date: Fri, 21 Jun 2013 20:29:40 +0200 Subject: [cooperation-wg] eID and Trust Services Message-ID: <4FCD7065-86F4-47C5-B0C5-31999E86BD9C@gmail.com> Here is a video of an exchange in the Parliament on the topic presented and discussed in Dublin. https://www.youtube.com/watch?v=wPqbqjisF6Y Regards, Gordon From chrisb at ripe.net Thu Jun 27 15:32:40 2013 From: chrisb at ripe.net (Chris Buckridge) Date: Thu, 27 Jun 2013 15:32:40 +0200 Subject: [cooperation-wg] RIPE NCC Launches New Initiatives at EuroDIG 2013 References: <8CEA2569-743B-4FAE-8504-67CB2657B17B@ripe.net> Message-ID: <3077E8EA-7320-409F-B41A-287BB4A436D8@ripe.net> Dear colleagues, The RIPE NCC has posted a report on our participation at last week's EuroDIG (European Dialogue on Internet Governance) meeting in Lisbon, including two new initiatives launched by the RIPE NCC at the event: https://www.ripe.net/internet-coordination/news/about-ripe-ncc-and-ripe/ripe-ncc-launches-new-initiatives-at-eurodig-2013 Best regards, Chris Buckridge External Relations Officer, RIPE NCC From chrisb at ripe.net Fri Jun 28 17:11:56 2013 From: chrisb at ripe.net (Chris Buckridge) Date: Fri, 28 Jun 2013 17:11:56 +0200 Subject: [cooperation-wg] RIPE NCC Response to Proposed EC Regulation on Electronic ID and Trust Services In-Reply-To: <09BB2AFB-6EC0-4657-A419-8B8736916C71@ripe.net> References: <51B9C8DF.5010600@ripe.net> <09BB2AFB-6EC0-4657-A419-8B8736916C71@ripe.net> Message-ID: <77EC1D26-44B1-457A-9381-7EA83899AD30@ripe.net> Dear colleagues, Thank you to all who provided feedback on the RIPE NCC's proposed response to the draft EU Regulation regarding electronic identification and trust services. Based on discussions with Members of the European Parliament (MEPs) on how to effectively engage the legislative process at this stage, the RIPE NCC has distributed a revised letter to various MEPs involved in reviewing the proposed Regulation. Rather than proposing specific amendments to the Regulation, we have supported a number of amendments already proposed by MEPs that would address our concerns with the Regulation. Our overall position and arguments remain unchanged. A copy of this letter is available at: https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/ripe-ncc-letter-to-meps-regarding-eid/ Best regards, Chris Buckridge External Relations Officer, RIPE NCC On 17 Jun 2013, at 10:49 AM, Axel Pawlik wrote: > Dear colleagues, > > At the recent RIPE 66 Meeting, Andrea Servida of the European Commission delivered a presentation on the proposed EU Regulation on electronic identification and trust services for electronic transactions in the internal market. Video, transcript and minutes of the session are available at: > https://ripe66.ripe.net/programme/meeting-plan/coop-wg/ > > Text of this proposed Regulation is available on the European Commission website: > http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52012PC0238:EN:NOT > [available in various languages and formats] > > Based on the RIPE 66 presentation and the discussions that it provoked, the RIPE NCC has identified a number of serious concerns with the proposal, and we believe that the current proposal text may be interpreted in ways that conflict with the basic intent of the Regulation. > > Specifically, we believe that the proposal could be interpreted as applying to technologies and services beyond electronic identification (eID) and eID-related trust services, perhaps extending to cover unrelated technologies to eID such as Domain Name Security Extensions (DNSSEC) and Resource Public Key Infrastructure (RPKI). An analysis > about the scope of the proposed Regulation and possible implications can be found at: > https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/analysis-of-the-proposed-eid-regulation/ > > Such a broad scope for the Regulation could serve to inhibit efforts by the Internet technical community in the EU (often in collaboration with colleagues and counterparts around the world) to secure the infrastructure of the Internet. We also believe that such a broad scope is not the intention of the Regulation. > > The RIPE NCC plans to send a letter, detailing our concerns and specific suggestions for edits to the text of the Regulation, to relevant Members of the European Parliament (MEPs), European Commission staff and government officials. A draft of this letter can be found at: > https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/letter-regarding-eid-regulation/ > > It is important to send this letter quickly to ensure that officials have a chance to reflect on our concerns before committing to a position on the Regulation. With that in mind, we would appreciate any feedback from the RIPE community on the language of the letter, the positions and the strategy. Such feedback may be provided on the Cooperation Working Group mailing list or directly to the RIPE NCC at . > > We would also welcome any information that community members can provide on MEPs that might have an interest in this issue. We encourage RIPE community members to contact their national MEPs regarding this Regulation, and please feel free to use any or all of the language found in the draft RIPE NCC letter. > > Best regards, > > Axel Pawlik > Managing Director, RIPE NCC > From paf at frobbit.se Fri Jun 28 17:33:39 2013 From: paf at frobbit.se (=?windows-1252?Q?Patrik_F=E4ltstr=F6m?=) Date: Fri, 28 Jun 2013 17:33:39 +0200 Subject: [cooperation-wg] RIPE NCC Response to Proposed EC Regulation on Electronic ID and Trust Services In-Reply-To: <09BB2AFB-6EC0-4657-A419-8B8736916C71@ripe.net> References: <51B9C8DF.5010600@ripe.net> <09BB2AFB-6EC0-4657-A419-8B8736916C71@ripe.net> Message-ID: Thanks Chris, Athina and others at RIPE NCC for this work. Excellent! Patrik On 17 jun 2013, at 10:49, Axel Pawlik wrote: > Dear colleagues, > > At the recent RIPE 66 Meeting, Andrea Servida of the European Commission delivered a presentation on the proposed EU Regulation on electronic identification and trust services for electronic transactions in the internal market. Video, transcript and minutes of the session are available at: > https://ripe66.ripe.net/programme/meeting-plan/coop-wg/ > > Text of this proposed Regulation is available on the European Commission website: > http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52012PC0238:EN:NOT > [available in various languages and formats] > > Based on the RIPE 66 presentation and the discussions that it provoked, the RIPE NCC has identified a number of serious concerns with the proposal, and we believe that the current proposal text may be interpreted in ways that conflict with the basic intent of the Regulation. > > Specifically, we believe that the proposal could be interpreted as applying to technologies and services beyond electronic identification (eID) and eID-related trust services, perhaps extending to cover unrelated technologies to eID such as Domain Name Security Extensions (DNSSEC) and Resource Public Key Infrastructure (RPKI). An analysis > about the scope of the proposed Regulation and possible implications can be found at: > https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/analysis-of-the-proposed-eid-regulation/ > > Such a broad scope for the Regulation could serve to inhibit efforts by the Internet technical community in the EU (often in collaboration with colleagues and counterparts around the world) to secure the infrastructure of the Internet. We also believe that such a broad scope is not the intention of the Regulation. > > The RIPE NCC plans to send a letter, detailing our concerns and specific suggestions for edits to the text of the Regulation, to relevant Members of the European Parliament (MEPs), European Commission staff and government officials. A draft of this letter can be found at: > https://www.ripe.net/internet-coordination/internet-governance/multi-stakeholder-engagement/eu/letter-regarding-eid-regulation/ > > It is important to send this letter quickly to ensure that officials have a chance to reflect on our concerns before committing to a position on the Regulation. With that in mind, we would appreciate any feedback from the RIPE community on the language of the letter, the positions and the strategy. Such feedback may be provided on the Cooperation Working Group mailing list or directly to the RIPE NCC at . > > We would also welcome any information that community members can provide on MEPs that might have an interest in this issue. We encourage RIPE community members to contact their national MEPs regarding this Regulation, and please feel free to use any or all of the language found in the draft RIPE NCC letter. > > Best regards, > > Axel Pawlik > Managing Director, RIPE NCC > From roland at internetpolicyagency.com Sun Jun 30 12:57:13 2013 From: roland at internetpolicyagency.com (Roland Perry) Date: Sun, 30 Jun 2013 11:57:13 +0100 Subject: [cooperation-wg] Prism In-Reply-To: References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> Message-ID: In message , at 15:42:46 on Wed, 19 Jun 2013, Patrik F?ltstr?m writes >The problem was that the people that want DRD to cover as much as possible claimed also web based messaging (i.e. the HTTP transaction) did >fall under the directive. My response has all the time been that we have to choose between: (a) requiring DPI so that only webmail http >transactions are included or (b) treat webmail as any other http transaction, i.e. not be covered. In Sweden we did pick alternative (b) btw. > >This discussion completely stalled because some "experts" did claim there is *no* difference from a technical perspective between web based >access to messages and IMAP or POP based access. There is of course a technical (operational) difference between IMAP/POP and Webmail, which should be fairly easy to demonstrate. However, from a regulatory (public policy) point of view, it's clear that all forms of email are "messages", including webmail. The objectives of law enforcement would probably be satisfied if logging of webmail was restricted to messages to/from a small set of "top 10" global providers. They are never looking for universal solutions, just to pick the low-hanging fruit. [I know some people will say "but the criminals will just move to a different and less well known webmail provider", but any tech-savvy criminal will already be communicating by something other than IMAP/POP or Webmail, so they need a different approach anyway.] -- Roland Perry From liman at autonomica.se Sun Jun 30 20:39:48 2013 From: liman at autonomica.se (Lars-Johan Liman) Date: Sun, 30 Jun 2013 20:39:48 +0200 Subject: [cooperation-wg] Prism In-Reply-To: (Roland Perry's message of "Sun, 30 Jun 2013 11:57:13 +0100") References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> Message-ID: <22k3lbqw7f.fsf@ziptop.autonomica.net> roland at internetpolicyagency.com: > There is of course a technical (operational) difference between > IMAP/POP and Webmail, which should be fairly easy to demonstrate. > However, from a regulatory (public policy) point of view, it's clear > that all forms of email are "messages", including webmail. Umm ... I have a gut feeling that someone is trying to split hairs here. E-mail has existed in many ways, shapes, and forms over the years. "Webmail" doesn't strike me as a well defined term, and you have to be careful using IMAP/POP as terminology for e-mail. E-mail can be carried in the strangest of ways, and the following chain is far from unusual: web browser --> web server --> mail server --> SMTP connection --> mail server --> Microsoft Exchange server --> IMAP connection --> web server --> web client. Which part is or isn't involved? (This is a rhetorical question - no need to answer.) E-mail is message passing between users. I'm not sure the protocol matters that much ... Best regards, /Lars-Johan Liman #---------------------------------------------------------------------- # Lars-Johan Liman, M.Sc. ! E-mail: liman at netnod.se # Senior Systems Specialist ! Tel: +46 8 - 562 860 12 # Netnod Internet Exchange, Stockholm ! http://www.netnod.se/ #---------------------------------------------------------------------- From paf at frobbit.se Sun Jun 30 21:26:22 2013 From: paf at frobbit.se (=?iso-8859-1?Q?Patrik_F=E4ltstr=F6m?=) Date: Sun, 30 Jun 2013 21:26:22 +0200 Subject: [cooperation-wg] Prism In-Reply-To: <22k3lbqw7f.fsf@ziptop.autonomica.net> References: <5DFE64F58A6E724EB163CB43B4F0410B0A35EEC5@S-DC-ESTB02-J.net1.cec.eu.int> <91E8BA03-45B6-4627-A52F-F381C6FD4461@frobbit.se> <22k3lbqw7f.fsf@ziptop.autonomica.net> Message-ID: <48096A22-98BD-49F3-8D80-713070256165@frobbit.se> On 30 jun 2013, at 20:39, Lars-Johan Liman wrote: > web browser --> web server --> mail server --> SMTP connection --> > mail server --> Microsoft Exchange server --> IMAP connection --> web > server --> web client. > > Which part is or isn't involved? (This is a rhetorical question - no > need to answer.) > > E-mail is message passing between users. I'm not sure the protocol > matters that much ... I think it is the other way around. To be able to know what to save data about, one must have recommendations that do say exactly where and what to retain. In the paper I wrote that was not accepted I explained exactly what Lars-Johan explain above, and concluded that as SMTP and IMAP connections are involved data about the messages will be retained. I.e. webmail consists of one "web" transaction between client and web server, and one email transaction from the web server to the mail server. If now mail is to be retained the mail transaction has to be retained. As web transactions are not to be retained that leg should and will not be retained -- even if it is a web transaction that as a result will generate email. That was not acceptable by the parties that to me obviously where not happy with the result during the discussions in the European Parliament where it to be at least was clear that web should not be retained. And I get somewhat bad taste in my mount when I heard people after decision is taken in the European Parliament that web is not to be retained still try to retain "some" web transactions. Patrik