This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Malcolm Hutty
malcolm at linx.net
Thu May 5 11:39:14 CEST 2011
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/05/2011 08:36, Randy Bush wrote: > shall we have a policy that covers black helicopters and sci-fi attacks > as well as demanding perfection in everything? Black helicopters in slides presentations are amusing. But if you seriously think the governments, law enforcement and private litigants won't see this as a new capability to prevent traffic to certain networks you haven't (note to self: be polite, Malcolm) all the facts. Fact 1. In the Co-operation WG where British law enforcement officials have /already/ been asking for procedures to re-assign netblocks to their agency because they think that would help prevent traffic flowing to places where crimes occur. Of course, as a community we could refuse to cooperate, unless/until the NCC is compelled. Nonetheless, this demonstrates LEAs do have both the awareness and the intent; it's not a wild conspiracy theory. Fact 2. There is draft legislation ALREADY going through the EU that if passed would require all EU governments (including the Dutch) to introduce laws to "take the necessary measures to obtain the blocking of access" to certain Internet locations [1]. It could be argued that this would give Dutch LEAs sufficient power to require the RIPE NCC to revoke a certificate - or perhaps not; it probably depends on how the Netherlands chooses to implement this European law if/when it goes through. I would say that this shows that the risk, although not certain, is pressing and immediate, not a vague worry for the distant future. Fact 3. There is continuous lobbying within the EU, to which Dutch law is subject, for greater measures to require Internet intermediaries to prevent the reachability of certain Internet locations. This has mainly focussed on network operators, but more recently EU officials have opened dialogue with ccTLD registries and the RIPE NCC too. There's no end of topics for which some people believe controlling access to Internet locations would be a useful means of fighting some social evil - child pornography and copyright infringement have in my estimation the largest and most organised lobbying in favour of such measures, but there's also active work in the areas of terrorism, "cybercrime" generally, gambling, xenophobia racism and hate-speech, just off the top of my head. In my view the range of actors who would seek to use any new capability is wide, and they are outside our control as a technical community. They operate at the political level, and they have no interest in the technical community's opinions, apart from an answer to the question "What is it technically possible for the RIPE NCC to do to impede reachability to the locations we specify?" Once the RIPE NCC comes to be seen as a "gateway controller" that can significantly impact the reachability of "bad" networks, it will irrevocably become a ongoing target for use as a tool of public policy enforcement. Malcolm [1] I'm referring to Article 21 of the Draft Directive on Child Sexual Exploitation, which is currently in Trialogue negotiations between the European Parliament, Commission, and Council of Ministers. http://bit.ly/9D5cg8 - -- Malcolm Hutty | tel: +44 20 7645 3523 Head of Public Affairs | Read the LINX Public Affairs blog London Internet Exchange | http://publicaffairs.linx.net/ London Internet Exchange Ltd Maya House, 134-138 Borough High Street, London SE1 1LB Company Registered in England No. 3137929 Trinity Court, Trinity Street, Peterborough PE1 1DA -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3CcEIACgkQJiK3ugcyKhQ1TACfW/MetiGeGRB7/vg+59K3JjVS OmsAni1rVleSySJbJ8ZFlviv+tiqTkdL =eYwd -----END PGP SIGNATURE-----
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]