[governance] Re: IG questions that are not ICANN [was: Irony]
Meryem Marzouki
marzouki at ras.eu.org
Tue Dec 11 04:53:13 EST 2007
What is needed is, for each issue of interest, to identify who (from
CS) is doing what in which organization/venue/framework, and then
report (thus be accountable), keep track and take stock of all this.
Some of us are active at the regional level, and this does make sense
and probably leads to important outcome. Others act rather at the
national level. And only few can target the global level.
But such a practical organization first supposes to think beyond
simply being "CS" or not, and to see where we agree on positions/
views. I assume this list (to take only this example) has clearly
shown that being "CS" doesn't mean being like-minded.. Actually, CS
means almost nothing, but that's another debate:)
Best,
Meryem
Le 10 déc. 07 à 20:01, Ian Peter a écrit :
> What Bill said – if we are going to do anything in the field of
> Internet governance, we have to deal with less than perfect
> organizations such as UN, governments, corporations, ITU, ICANN,
> IGP, and, dare I say it, the civil society caucus.
>
>
>
> If we can find a way to participate, we should. We should at least
> follow Bill’s suggestion that we ask for CS participation on the
> Committee of Experts. We could submit a raft of names for
> consideration asking that at least one be appointed (all submitted
> candidates should be people who we know would report back and
> liaise with CS)
>
>
>
> Ian Peter
>
> Ian Peter and Associates Pty Ltd
>
> PO Box 10670 Adelaide St Brisbane 4000
>
> Australia
>
> Tel (+614) 1966 7772 or (+612) 6687 0773
>
> www.ianpeter.com
>
> www.internetmark2.org
>
> www.nethistory.info
>
>
>
> From: William Drake [mailto:drake at hei.unige.ch]
> Sent: 10 December 2007 19:54
> To: Governance
> Subject: Re: [governance] Re: IG questions that are not ICANN [was:
> Irony]
>
>
>
> Good morning, sunshine,
>
> On 12/10/07 3:14 AM, "Milton L Mueller" <mueller at syr.edu> wrote:
>
> >> -----Original Message-----
> >> From: William Drake [mailto:drake at hei.unige.ch]
> >> See above. Re: flawed yes, but fatally---this obviously depends
> on the
> >> issue, the industry players involved, their degree of consensus and
> >> support
> >> for the approach taken and their ability to implement it, which
> with
> >> respect
> >> to security I wouldn't make a sweeping statement about before
> actually
> >> investigating. When law enforcement, national security, and
> intelligence
> >> agencies work with major telcos, manufacturers, applications
> providers etc
> >> it seems odd to just assume this cannot matter at all.
> >
> > That kind of work is going on in many places, and the ITU is not
> the most
> > significant place for it. Indeed, the ITU is rather marginalized
> these days.
>
> This authoritative pronouncement is based on what, precisely?
> You've mapped the topology of all the work being done on all the
> security issues in all the relevant institutions, examined the ITU
> work program in relation to this, and determined that there is no
> interface and cross-pollination between these efforts, and that the
> routine practice of bringing work from, e.g. regional and tech-
> specific forums into ITU for multilateral adoption at the global
> level is of no significance to anything, and hence all the
> thousands of people involved from every government, major network
> operator, manufacturer, etc that are constantly over here just come
> to go shopping? Or are you really saying that you don't follow
> these things and therefore they don't matter?
>
> I have, as you know, written quite a bit over the years about the
> historical evolution and contemporary decline of the telecom
> regime, so I not only get the marginalization argument, but have
> made it. However, it's worth noting that this marginalization is
> relative; for example, while the telecom regulation treaty directly
> shapes a declining share of activity, carriers from the US alone
> (just one of 191 member states) still settle over $7 billion a year
> under its terms and are fairly concerned about current proposals
> for change. But that doesn't matter I guess, since it's not about
> domain names. The extent of marginalization is also highly
> variable: for spectrum management it's non-existent, for standards,
> including security-related aspects, it depends on a host of factors
> per previous. In some cases the main action is elsewhere, in some
> it's not.
>
> > And if civil society critics succeeded, after the kind of HUGE
> effort that it
> > would take, in getting an influential seat at some ITU table then
> the chances
> > are great that certain parties would forum-shift to somewhere else.
>
> I have absolutely no illusions that CS would make a HUGE effort and
> wasn't proposing this. But since the Argentine-Swiss proposals to
> open the door to CS are the focus of active debate right now, it'd
> be nice if CS wasn't entirely silent, which just makes it easier
> for the more retrograde governments to say why bother, they don't
> care anyway. At a post-WSIS ITU meeting a couple years ago, I
> presented a quickly assembled statement that was signed by two
> dozen caucus people criticizing the CS lock out and saying this is
> one of the reasons CS doesn't want ITU near IG, and it did get
> their attention. But now that friendly governments are actually
> trying to do something about the matter, we're not there to offer
> any support. Wille and I made presentations on CS inclusion at a
> meeting this year that were perceived I think as sort of solo
> views, not supported by any broader constituency demand. It'd have
> been nice if we'd had a sign on or something, which is not all that
> hard to do, except when the gestalt is, who cares, it's not ICANN.
>
> > No one said the issues of lawful intercept and cybersecurity
> "don't matter."
> > Indeed, if you've been paying attention to IGP's work at all you
> should know
> > that we've been focusing on that quite a bit, with some
> relatively good
> > results in the DNSSEC sphere.
>
> Like all good citizens, I am a dutiful student and hang on IGP's
> every word. Brendan's DNSSEC stuff is interesting and important,
> but it's a piece of a much larger puzzle, which is what we're
> talking about.
>
> > But this kind of politics is trench warfare and it makes little
> sense for CS
> > groups to enter into a battle on the terms and conditions set by
> industry and
> > govts, which is precisely what you are inviting us to do.
>
> Then why did we/you participate in WSIS? Why, for that matter, do
> you participate in ICANN if this is a disqualifier? That's the way
> the world is, so why not pack up our tents and go home?
>
> >> processes are nonetheless consequential, no? Re: top down, ok
> if by this
> >> you mean CS is excluded and a number of segments of relevant
> Internet
> >> industries opt not to get involved. But for those industry
> groupings that
> >> opt to be involved, it is as bottom up as any other standards
> process.
> >
> > Sure. But think of resource allocation. Scarce time, labor money.
> I don't see
> > the case for CS involvement in ITU processes, or for fighting a
> process battle
> > in that forum.
> >
> > You give me a specific issue worth fighting for, and show me that
> ITU is the
> > best place to fight it, then I'll be there. But if you want me to
> knock my
> > head against the wall of a 150 year old bureaucracy trying to
> gain some
> > generic recognition for something called "civil society" no thanks.
>
> Ok, restrict your head banging to a nine year old bureaucracy instead.
>
> FYI, today begins a four day meeting of WP 2 of SG 17 and there's a
> ton of people from irrelevant outfits like VeriSign over there.
> Here's the piffle WP 2 is currently working on:
>
> Supplement 1 to X.800-X.849 series on security: Security baseline
> for network operators
> Security architecture aspects of end users and networks in
> telecommunications
> Framework for creation, storage, distribution and enforcement of
> policies for network security
> Network security assessment/guidelines based on ITU-T
> Recommendation X.805
> Framework for EAP-based authentication and key management
> Guidelines for implementing system and network security
> Overview of cybersecurity
> A vendor-neutral framework for automatic notification of security
> related information and dissemination of updates
> Guidelines for telecommunication service providers for addressing
> the risk of spyware and potentially unwanted software
> Guideline on preventing worm spreading in a data communication network
> User control enhanced digital identity interchange framework
> Identity management use cases and gap analysis
> Identity management framework for global interoperability
> Supplement to X-series Recommendations on identity management:
> Identity management lexicon
> Requirements for global interoperable identity management
> Network security management framework
> Privacy guideline for RFID
> Requirement of security information sharing framework
> Service oriented architecture framework
> Service oriented architecture security
> Information security management guidelines for telecommunications
> based on ISO/IEC 27002
> Risk management guidelines for telecommunications
> Security incident management guidelines for telecommunications
> Telebiometrics related to human physiology
> BioAPI interworking protocol
> Telebiometrics authentication infrastructure
> Telebiometrics digital key framework
> A guideline of technical and managerial countermeasures for
> biometric data security
> A guideline for secure and efficient transmission of multibiometric
> data
> Telebiometrics system mechanism - General biometric authentication
> protocol and profile on telecommunication system
> Telebiometrics system mechanism - Protection profile for client
> terminals
> Device certificate profile for the home network
> Guideline on user authentication mechanism for home network services
> Differentiated security service for secure mobile end-to-end data
> communication
> Authentication architecture in mobile end-to-end data communication
> Correlative reacting system in mobile network
> Security architecture for message security in mobile web services
> Guideline on secure password-based authentication protocol with key
> exchange
> Authorization framework for home network
> Security requirements and framework in multicast communication
> Privacy protection framework for networked RFID services
> Security requirements for peer-to-peer communications
> Security architecture for peer-to-peer network
> Secure end-to-end data communication techniques using TTP services
> Requirement and Framework for USN
> Requirement on countering spam
> Technical framework for countering email spam
> Framework of countering IP multimedia spam
> Guideline on countering email spam
> Overview of countering spam for IP multimedia applications
> Technical means for countering spam
> Interactive countering spam gateway system
> SMS filtering system based on users’ rules
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.503 / Virus Database: 269.16.17/1179 - Release Date:
> 09/12/2007 11:06
>
>
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.503 / Virus Database: 269.16.17/1179 - Release Date:
> 09/12/2007 11:06
> ____________________________________________________________
> You received this message as a subscriber on the list:
> governance at lists.cpsr.org
> To be removed from the list, send any message to:
> governance-unsubscribe at lists.cpsr.org
>
> For all list information and functions, see:
> http://lists.cpsr.org/lists/info/governance
____________________________________________________________
You received this message as a subscriber on the list:
governance at lists.cpsr.org
To be removed from the list, send any message to:
governance-unsubscribe at lists.cpsr.org
For all list information and functions, see:
http://lists.cpsr.org/lists/info/governance
More information about the Governance
mailing list