This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
- Previous message (by thread): [address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
- Next message (by thread): [address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sander Steffann
sander at steffann.nl
Wed Jun 1 23:04:05 CEST 2011
Hi, > How can the "risk" of the government being minimized or limited? Or maybe > being build in such a way that its not easy/possible for government to do > damange? (quite impossible task since the government pretty much can > do whatever they want when they are in power... and the power are giving > to them by the people in most countries) My personal opinion is that the best way to stop any abuse in the future is to leave open the possibility of reverting 2008-08 in the future when such abuse becomes a reality. And we already have that possibility already: a proposal to withdraw or change a policy will always be handled according to the PDP (Policy Development Process). If things go really bad we can change the policy, the NCC can shut down the CA and all certificates can be withdrawn. The end result will be the same internet as we have today: one without (valid) certificates for resources. As long as the certificate system doesn't get abused we get to enjoy the benefits... It will take some time (it can be done in about 10 weeks) to do this should the need ever occur, but as this is a last-resort exit strategy I think this is acceptable. Is this an acceptable solution for everybody? > ... and yes, the problem are there on the hijack side, don't think many > disagree on that.. And I would really like to get a solution for this problem, because I am much more afraid of IPv4 address space hijacks once the NCC IPv4 pool runs out... Thanks, Sander Explicitly not speaking as WG chair!
- Previous message (by thread): [address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
- Next message (by thread): [address-policy-wg] Legal counsel on 2008-08 (Initial Certification Policy in the RIPE NCC Service Region)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]