<<<
Chronological Index
>>> <<<
Thread Index
>>>
[ga] Re: ICANN and Internet Security and Stability Protection
Dear Michiel, dear Siegfried,
On 11:26 11/10/01, Michiel Leenaars said:
>I don't think ICANN is an appropriate forum to discuss this sort of
>matter. I looked into the ICANN agenda too, to find if they had changed
>course, but there seems to be no mention of anything.
>Am I missing something? They only do domain names, and nothing else.
>agreed. siegfried
The question is not that much if the ICANN is or not the proper place. The
point is that the ICANN - under stress or/and pressures from he USG - has
decided without prior debate to dedicate its coming main yearly meeting to
Security, to the detriment of its pending urgent issues. Making it a press
focal point on the matter.
Crash training and inadequate debates as planed will show the world an
apparent distrust in the current security solutions, an ignorance of the
matter and an inability to propose (for reasons I develop in the last
part). This is endangering the security and the stability of the Internet.
>In fact it is the IETF, IAB and IESG (www.ietf.org) who will really be
>doing this kind of thing, I guess, in cooperation with organisations like
>EuroISPA, RIPE/NCC and ISOC.
I am sorry: here I disagree. There is a need for an Security and Stability
Protection Internet governance advisory center. The structures you quote
and their solutions will be scrutinized as the ICANN, as any other Internet
aspect. The internal review solutions are to be reviewed. They may just
fine, but they are the first to probe. This is like virus tracking: we have
to start with the anti-virus program itself. We are at something serious.
So, this is a good occasion as any to initiate it such a necessary process.
The ICANN is a good place as any, I would say a better place because the
dialog will certainly include governments and the GAC is a proper interface.
>I don't think we should be too paranoid and panicky about it all, too.
You are absolutely right. As Talleyrand said: "slow, slow: we are in
hurry". It has to be an open process by professionals from every area. I am
just initiating the idea: there are many around to take the lead in many areas.
>There are infrastructures (like the electricity infrastructure) that are
>more important and far easy to be targeted, IF that would ever be
>realistic (I personally feel that the recent events showed more symbolism
>- attacking the military and capitalist heart of the country) than actual
>mass scale disruptive tactics. There is little terror in my internet
>connection not working (if you can do that, at any rate). And sane use of
>internet in critical applications should know fallback on or off the net.
I am afraid we do not speak of the same thing, or quite remotely. To keep
with your electricity infrastructure image, the situation of the Internet
is like if most of the current electricity network was still using wood
poles, had no nuclear controlling agencies, no one cared about its
stability and no international agreements had been worked on the matter nor
environment protection. Tchernobyl.
The world has become dependable on the Internet, much more that on the WTC
business messages. Yet the first problem I had reported on Sept 11th was
the distress of VietNamese peasants not knowing how they would survive the
loss of the WTC messages for their current rice campaign.
The first target is that we may tell the press one month from now: the
Internet Community has acknowledged the need, work is under way, there is a
method, there are professionals involved, please help them through your and
your reader contributions. To turn a, initial security and stability break
into a positive thing.
The second target is to benefit from the permanence and the importance of
the security theme to proceed to a complete review from a logical and real
life point of view of the current data network interconnecting solutions of
the world and future needs. Some planing strategy is necessary. These is
Internet: a consensus by its users. But it is nevertheless a major
international industrial, economical, cultural, political, social, legal
etc.. deployment. Time has come to consider how to make it secure and
stability protected as such.
I expect from this several major break through. Innovation, architecture
updates, etc. We have major deployments ahead -TV, new services, proximity
networks, teleurbanism, etc.. and an dramatic increase of the existing
usages. This calls for a far more secure and stable system.
Up to now people have too much looked into the "net" and not enough into
the "inter", to the technicalities and not enough in the social vector, to
the business and not enough to the infrastructure. Users and applications
also makes the architecture of the Internet: how they can be used to add to
the global resilience is an important question. As an example, we cannot
continue to have the world most distributed system ever to depend on a
centralized process on a limited set of 13 machines responding from a data
file of 66 K 10.000 queries a second, 60% of them being a user typo. Nor to
have its deployment limited to the capacity of negotiation of confusing
contracts by two ICANN lawyers. etc... etc...
The concerns range from viruscoms (tricking the DNS in misrouting) or ISP
hacking to NASDAQ crisis, e-mail spying, whois misuse, international DoS
attacks, national protection, resilience to a cut from the root servers,
anti-internet laws, public distrust, e-economy instability, dominance vs
governance, alternative architecture, Internet replacement, social
modelization dependance, reliability in period of crisis, political unrest
dues to e-cultural unbalances, domain name hijacking and legal definition,
private greed or business strategy impacts, IPv6 bottle necks, world
economy dependance, legal status of the Internet corporations, VAT
organization and money laundering, collocation industry, noometry and
authentification, interpol, governance organization, security and stability
warning definition, etc.. etc...
This is terra incognita. It calls on everyone from the governance with
experience To work out an analysis methodology and a modelization with
observatories and test/warning criteria. From then to propose an Internet
Security and Stability Protection Advisory Committee to Govs and governance.
This to be used to filter out/in innovations and proposed changes.
Jefsey Morfin
icp4-subscribe@yahoogroups.com
--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|