[governance] The standards about the RPKI are out

Wed Feb 8 11:27:19 EST 2012

On Feb 8, 2012, at 4:42 PM, Avri Doria wrote:
> This does bring up the question: to what extent with this capability be implemented by the equipment providers and to what extent doe people expect it to be deployed.  Is thee already good lots of running code and trial implementations.    Are ISPs buying into it and ready to test and deploy?

The specification is only two months old, and while I believe
that there is running code, you'd need to check with the authors
regarding what testing and development activities are underway.

> Also, are you arguing that there is nothing to be seen here, and we should just move on because there is no governance issue that needs exploration and understanding?  I.e IETF is taking care of it, so we have nothing to be concerned about.

Strange.  I have said nothing of the sort, only that the author's
particular assertion has been overtaken by events.  Depending on one's 
definition of "Internet Governance", there are certainly aspects of RPKI 
which warrant consideration (but then again for some definitions of IG
that may be said of nearly every component of Internet infrastructure...)

Example: Layer 2 switches often are built with the ability to relay all 
packets received on any port to a monitoring port.  Is this technical 
capability an Internet Governance matter?  What if the monitoring port 
can be accessed remotely in a surreptitious manner?  What if vendors 
provided the access details to governments upon request?  At one point 
did this technical capability move into a "governance" matter, with 
implications far beyond that of simple compliance with law?

Personally, I do see Internet Governance considerations with respect 
to RPKI, but not arising from the technical capabilities, but from the 
inherent control and transparency aspects that arise with the potential
for government intervention in RPKI matters. I will note, however, that
these issues all exist presently, in that governments can already obtain 
the exact same outcomes if they can order changes be made to the Internet 
number registries.

Whether the technology is the Whois directories of address registrants, 
or the present routing registries that are run by RIRs, or the emerging 
use of RPKI, the issues are pretty much the same:

 - Under what circumstances are governments expected/allowed
   to intervene in the Internet infrastructure?
 - What transparency should exist regarding these interventions?
 - How are intergovernmental issues minimized during interventions?

In my personal opinion, establishing common expectations for questions 
such as the above should be the priority, and serve to focus on the 
actual concerns that need community exploration and understanding.

My thoughts alone; I have not consulted with any other parties in the
preparation of these views, including specifically ARIN, ICANN, USG, 
UN, ITU, or any candidate for the upcoming US Presidential election.

FYI,
/John

-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t