This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/address-policy-wg@ripe.net/
[address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrei Robachevsky
andrei.robachevsky at gmail.com
Thu May 5 16:36:37 CEST 2011
Malcolm, There was an IGF workshop in Vilnius last year "Routing and Resource Certification: Self-governance and security at the core of Internet operations" (http://www.intgovforum.org/cms/component/content/article/102-transcripts2010/632-158) I found Paul Vixie's remark he made there very useful in articulating the trade-offs we are facing here. He said: "I'd like to move from the situation we're in now, where the good guys have no recourse against the bad guys, to a new situation where the good guys will have some recourse against other good guys if these powers are misused, and that is the choice I'd rather see discussed [...]" Andrei Malcolm Hutty wrote on 5/5/11 11:39 : > On 05/05/2011 08:36, Randy Bush wrote: >> shall we have a policy that covers black helicopters and sci-fi attacks >> as well as demanding perfection in everything? > > Black helicopters in slides presentations are amusing. But if you > seriously think the governments, law enforcement and private litigants > won't see this as a new capability to prevent traffic to certain > networks you haven't (note to self: be polite, Malcolm) all the facts. > > Fact 1. In the Co-operation WG where British law enforcement officials > have /already/ been asking for procedures to re-assign netblocks to > their agency because they think that would help prevent traffic flowing > to places where crimes occur. Of course, as a community we could refuse > to cooperate, unless/until the NCC is compelled. > > Nonetheless, this demonstrates LEAs do have both the awareness and the > intent; it's not a wild conspiracy theory. > > Fact 2. There is draft legislation ALREADY going through the EU that if > passed would require all EU governments (including the Dutch) to > introduce laws to "take the necessary measures to obtain the blocking of > access" to certain Internet locations [1]. It could be argued that this > would give Dutch LEAs sufficient power to require the RIPE NCC to revoke > a certificate - or perhaps not; it probably depends on how the > Netherlands chooses to implement this European law if/when it goes through. > > I would say that this shows that the risk, although not certain, is > pressing and immediate, not a vague worry for the distant future. > > Fact 3. There is continuous lobbying within the EU, to which Dutch law > is subject, for greater measures to require Internet intermediaries to > prevent the reachability of certain Internet locations. This has mainly > focussed on network operators, but more recently EU officials have > opened dialogue with ccTLD registries and the RIPE NCC too. > > There's no end of topics for which some people believe controlling > access to Internet locations would be a useful means of fighting some > social evil - child pornography and copyright infringement have in my > estimation the largest and most organised lobbying in favour of such > measures, but there's also active work in the areas of terrorism, > "cybercrime" generally, gambling, xenophobia racism and hate-speech, > just off the top of my head. > > In my view the range of actors who would seek to use any new capability > is wide, and they are outside our control as a technical community. They > operate at the political level, and they have no interest in the > technical community's opinions, apart from an answer to the question > "What is it technically possible for the RIPE NCC to do to impede > reachability to the locations we specify?" > > Once the RIPE NCC comes to be seen as a "gateway controller" that can > significantly impact the reachability of "bad" networks, it will > irrevocably become a ongoing target for use as a tool of public policy > enforcement. > > > Malcolm > > [1] I'm referring to Article 21 of the Draft Directive on Child Sexual > Exploitation, which is currently in Trialogue negotiations between the > European Parliament, Commission, and Council of Ministers. > http://bit.ly/9D5cg8 >
- Previous message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
- Next message (by thread): [address-policy-wg] 2008-08 (Initial Certification Policy in the RIPE NCC Service Region) going to Last Call
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]