[governance] Re: IG questions that are not ICANN [was: Irony]
Lee McKnight
lmcknigh at syr.edu
Mon Dec 10 14:53:30 EST 2007
Bill, Ian,
Jumping in as someone who has 'forum shopped' into and out of ITU:
I agree with Milton that ITU can be a total timesink, and agree with Bill that in spite of that it behooves CS to keep pushing on the door if it is starting to sway open; without illusions about how far that may get CS inside.
Legitmating Bill and/or others as CS/IGC ambassadors into that (swamp? ig policy arena? pick your adjective) on the Committee of Experts is I agree worth some effort.
Also, a side door into ITU agenda-setting is through their mega-conferences, for example ITU Telecom Africa in Cairo in May; not that we don;t all have more than enough events to go to already. Usually just industry and regulatory types and a select few academics get on their programs. But the chair of the the ITU program committee Norman Lewis happens to be working for my startup WGC - talk to me offline about that ; )
Lee
Prof. Lee W. McKnight
School of Information Studies
Syracuse University
+1-315-443-6891office
+1-315-278-4392 mobile
>>> ian.peter at ianpeter.com 12/10/07 2:01 PM >>>
What Bill said * if we are going to do anything in the field of Internet
governance, we have to deal with less than perfect organizations such as UN,
governments, corporations, ITU, ICANN, IGP, and, dare I say it, the civil
society caucus.
If we can find a way to participate, we should. We should at least follow
Bill’s suggestion that we ask for CS participation on the Committee of
Experts. We could submit a raft of names for consideration asking that at
least one be appointed (all submitted candidates should be people who we
know would report back and liaise with CS)
Ian Peter
Ian Peter and Associates Pty Ltd
PO Box 10670 Adelaide St Brisbane 4000
Australia
Tel (+614) 1966 7772 or (+612) 6687 0773
www.ianpeter.com
www.internetmark2.org
www.nethistory.info
_____
From: William Drake [mailto:drake at hei.unige.ch]
Sent: 10 December 2007 19:54
To: Governance
Subject: Re: [governance] Re: IG questions that are not ICANN [was: Irony]
Good morning, sunshine,
On 12/10/07 3:14 AM, "Milton L Mueller" <mueller at syr.edu> wrote:
>> -----Original Message-----
>> From: William Drake [HYPERLINK
"mailto:drake at hei.unige.ch%5d"mailto:drake at hei.unige.ch]
>> See above. Re: flawed yes, but fatally---this obviously depends on the
>> issue, the industry players involved, their degree of consensus and
>> support
>> for the approach taken and their ability to implement it, which with
>> respect
>> to security I wouldn't make a sweeping statement about before actually
>> investigating. When law enforcement, national security, and intelligence
>> agencies work with major telcos, manufacturers, applications providers
etc
>> it seems odd to just assume this cannot matter at all.
>
> That kind of work is going on in many places, and the ITU is not the most
> significant place for it. Indeed, the ITU is rather marginalized these
days.
This authoritative pronouncement is based on what, precisely? You've mapped
the topology of all the work being done on all the security issues in all
the relevant institutions, examined the ITU work program in relation to
this, and determined that there is no interface and cross-pollination
between these efforts, and that the routine practice of bringing work from,
e.g. regional and tech-specific forums into ITU for multilateral adoption at
the global level is of no significance to anything, and hence all the
thousands of people involved from every government, major network operator,
manufacturer, etc that are constantly over here just come to go shopping?
Or are you really saying that you don't follow these things and therefore
they don't matter?
I have, as you know, written quite a bit over the years about the historical
evolution and contemporary decline of the telecom regime, so I not only get
the marginalization argument, but have made it. However, it's worth noting
that this marginalization is relative; for example, while the telecom
regulation treaty directly shapes a declining share of activity, carriers
from the US alone (just one of 191 member states) still settle over $7
billion a year under its terms and are fairly concerned about current
proposals for change. But that doesn't matter I guess, since it's not about
domain names. The extent of marginalization is also highly variable: for
spectrum management it's non-existent, for standards, including
security-related aspects, it depends on a host of factors per previous. In
some cases the main action is elsewhere, in some it's not.
> And if civil society critics succeeded, after the kind of HUGE effort that
it
> would take, in getting an influential seat at some ITU table then the
chances
> are great that certain parties would forum-shift to somewhere else.
I have absolutely no illusions that CS would make a HUGE effort and wasn't
proposing this. But since the Argentine-Swiss proposals to open the door to
CS are the focus of active debate right now, it'd be nice if CS wasn't
entirely silent, which just makes it easier for the more retrograde
governments to say why bother, they don't care anyway. At a post-WSIS ITU
meeting a couple years ago, I presented a quickly assembled statement that
was signed by two dozen caucus people criticizing the CS lock out and saying
this is one of the reasons CS doesn't want ITU near IG, and it did get their
attention. But now that friendly governments are actually trying to do
something about the matter, we're not there to offer any support. Wille and
I made presentations on CS inclusion at a meeting this year that were
perceived I think as sort of solo views, not supported by any broader
constituency demand. It'd have been nice if we'd had a sign on or
something, which is not all that hard to do, except when the gestalt is, who
cares, it's not ICANN.
> No one said the issues of lawful intercept and cybersecurity "don't
matter."
> Indeed, if you've been paying attention to IGP's work at all you should
know
> that we've been focusing on that quite a bit, with some relatively good
> results in the DNSSEC sphere.
Like all good citizens, I am a dutiful student and hang on IGP's every word.
Brendan's DNSSEC stuff is interesting and important, but it's a piece of a
much larger puzzle, which is what we're talking about.
> But this kind of politics is trench warfare and it makes little sense for
CS
> groups to enter into a battle on the terms and conditions set by industry
and
> govts, which is precisely what you are inviting us to do.
Then why did we/you participate in WSIS? Why, for that matter, do you
participate in ICANN if this is a disqualifier? That's the way the world
is, so why not pack up our tents and go home?
>> processes are nonetheless consequential, no? Re: top down, ok if by this
>> you mean CS is excluded and a number of segments of relevant Internet
>> industries opt not to get involved. But for those industry groupings
that
>> opt to be involved, it is as bottom up as any other standards process.
>
> Sure. But think of resource allocation. Scarce time, labor money. I don't
see
> the case for CS involvement in ITU processes, or for fighting a process
battle
> in that forum.
>
> You give me a specific issue worth fighting for, and show me that ITU is
the
> best place to fight it, then I'll be there. But if you want me to knock my
> head against the wall of a 150 year old bureaucracy trying to gain some
> generic recognition for something called "civil society" no thanks.
Ok, restrict your head banging to a nine year old bureaucracy instead.
FYI, today begins a four day meeting of WP 2 of SG 17 and there's a ton of
people from irrelevant outfits like VeriSign over there. Here's the piffle
WP 2 is currently working on:
* Supplement 1 to X.800-X.849 series on security: Security baseline
for network operators
* Security architecture aspects of end users and networks in
telecommunications
* Framework for creation, storage, distribution and enforcement of
policies for network security
* Network security assessment/guidelines based on ITU-T Recommendation
X.805
* Framework for EAP-based authentication and key management
* Guidelines for implementing system and network security
* Overview of cybersecurity
* A vendor-neutral framework for automatic notification of security
related information and dissemination of updates
* Guidelines for telecommunication service providers for addressing
the risk of spyware and potentially unwanted software
* Guideline on preventing worm spreading in a data communication
network
* User control enhanced digital identity interchange framework
* Identity management use cases and gap analysis
* Identity management framework for global interoperability
* Supplement to X-series Recommendations on identity management:
Identity management lexicon
* Requirements for global interoperable identity management
* Network security management framework
* Privacy guideline for RFID
* Requirement of security information sharing framework
* Service oriented architecture framework
* Service oriented architecture security
* Information security management guidelines for telecommunications
based on ISO/IEC 27002
* Risk management guidelines for telecommunications
* Security incident management guidelines for telecommunications
* Telebiometrics related to human physiology
* BioAPI interworking protocol
* Telebiometrics authentication infrastructure
* Telebiometrics digital key framework
* A guideline of technical and managerial countermeasures for
biometric data security
* A guideline for secure and efficient transmission of multibiometric
data
* Telebiometrics system mechanism - General biometric authentication
protocol and profile on telecommunication system
* Telebiometrics system mechanism - Protection profile for client
terminals
* Device certificate profile for the home network
* Guideline on user authentication mechanism for home network services
* Differentiated security service for secure mobile end-to-end data
communication
* Authentication architecture in mobile end-to-end data communication
* Correlative reacting system in mobile network
* Security architecture for message security in mobile web services
* Guideline on secure password-based authentication protocol with key
exchange
* Authorization framework for home network
* Security requirements and framework in multicast communication
* Privacy protection framework for networked RFID services
* Security requirements for peer-to-peer communications
* Security architecture for peer-to-peer network
* Secure end-to-end data communication techniques using TTP services
* Requirement and Framework for USN
* Requirement on countering spam
* Technical framework for countering email spam
* Framework of countering IP multimedia spam
* Guideline on countering email spam
* Overview of countering spam for IP multimedia applications
* Technical means for countering spam
* Interactive countering spam gateway system
* SMS filtering system based on users’ rules
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.17/1179 - Release Date: 09/12/2007
11:06
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.17/1179 - Release Date: 09/12/2007
11:06
____________________________________________________________
You received this message as a subscriber on the list:
governance at lists.cpsr.org
To be removed from the list, send any message to:
governance-unsubscribe at lists.cpsr.org
For all list information and functions, see:
http://lists.cpsr.org/lists/info/governance
More information about the Governance
mailing list