<div dir="ltr">Carlos<div><br><div>so many of your statements here are false or twisted in your assumed implications that it hurts. No time to go over each of them; plus it may become one more massive distraction. Let's go on to something concrete:</div>
<div><br></div><div>How do you propose to fix it? can you provide an example of a system that works like you wish to be the outcome of NetMundial? Like, a country that has started some serious, scalable fixes? Direct cause-effect links would be preferrable. Pick any paragraph if you don't want to go over the whole list at once. </div>
<div><br></div><div>Alejandro Pisanty</div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 15, 2014 at 4:47 PM, Carlos A. Afonso <span dir="ltr"><<a href="mailto:ca@cafonso.ca" target="_blank">ca@cafonso.ca</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear people,<br>
<br>
I recall our discussions with folks in the so-called "technical<br>
community" between IGFs 2006 and 2007, in which the mantra "do not fix<br>
what is not broken" was used to convince us all that management of the<br>
logical infrastructure of the net should not be even considered as an<br>
Internet governance topic in the IGF dialogues (and this with the IGF<br>
prohibited from making recommendations). Thanks to pressure from sectors<br>
of civil society and the government of Brazil (host to the 2007 IGF), we<br>
finally managed to insert the theme in the IGF agenda, but it had to go<br>
under the disguise of "critical Internet resources".<br>
<br>
A bit more than six years passed, and what we see? Relevant and<br>
frightening examples of the frailty of the current "governance" or<br>
coordination model of the network -- mostly in the expert hands<br>
basically of the I* group of entities and forums, which goes beyond just<br>
names, numbers and protocols, and badly in need of fixing (and I assume<br>
that the fix in general will involve more than just technical<br>
coordination measures):<br>
<br>
- The net was revealed as incredibly vulnerable by the revelations on<br>
NSA surveillance, and we discovered that the NIST was at cahoots with<br>
the NSA in "backdooring" the cryptographic systems.<br>
<br>
- The IPv6 transition was literally abandoned by Icann. This on the one<br>
hand is good, since I am one of the people who defend the<br>
decentralization of Iana functions, and the RIRs structure works<br>
technically quite well. But they cannot carry alone the burden of the<br>
political/economic aspects of this transition. A more assertive Icann<br>
(and other stances, such as the ITU pressuring their clients, the big<br>
telcos, and equipment manufacturers taking the transition really<br>
seriously) would have helped avoid this situation of crisis in the<br>
addressing system (just read the situation papers and strong alerts by<br>
Geoff Huston), which by the way increases vulnerability of the net with<br>
improvised concoctions such as CGNAT and so on.<br>
<br>
- The OpenSSL memory leak bug was sitting in our servers for years, to<br>
the joy of NSA and similar peeking folks, and this is an open source<br>
system maintained by the "technical community" -- supposedly, open<br>
source code is there to be verified, double-checked etc, particularly<br>
such a key security element of the net; there is nothing more disruptive<br>
of the net security that we know of since the net became so pervasive<br>
worldwide; I operate a very small non-profit Web service and am<br>
horrified by the implications of this failure to verify the code.<br>
Literally no one could know how far their servers' data have been<br>
compromised after Heartbleed was sitting there for so many years -- and<br>
who knows how many servers are still in need of patching.<br>
<br>
- Now Yahoo decides unilaterally to implement an email verification<br>
feature (DMARC) which is still in beta, affects all its users, and even<br>
the implementation they did is not clear, as Miles Fidelman verified,<br>
and I quote: "They knowingly did massive damage, published some<br>
suggestions on how to mitigate that damage - using a capability defined<br>
in the spec. that they deployed - then say "we don't support that"."<br>
<br>
- And there are signs that Gmail may be taking unilateral measures as<br>
well (not clear yet what is being done), as suspected recently by Lauren<br>
Weinstein.<br>
<br>
In the last two cases, there is a caveat -- they are free, opt-in<br>
services, no one is required to use them to be on the net. But hundreds<br>
of millions of users rely on their services, and these users are<br>
basically "voluntary shareholders" of them, as the profiling of their<br>
presence adds revenue to the respective companies -- but they are a<br>
special kind of shareholders whose share just earns them unlimited mail<br>
and social net services' use in exchange for their profiling. Someone<br>
described these users as "products", which also makes some sense. And<br>
the central fact is that these unilateral measures (using features which<br>
the "technical community" describes as still beta) impact on hundreds of<br>
thousands of email and listserv services worldwide, even on their own<br>
users (!), and their response seems to be "this is what we are doing,<br>
sorry".<br>
<br>
The OpenSSL failure is so incredibly disruptive that some entities who<br>
have Web sites in our servers are happy they never used SSL -- their<br>
argument is: "if I had SSL, it would attract peekers thinking that,<br>
well, this site uses SSL so there may be something worth mining there...<br>
and it is easy to mine!"<br>
<br>
Frankly, there are things scarily broken in this "governance" or<br>
coordination system (and let us recall that coordination does not<br>
necessarily mean centralization), and I hope NETmundial will provide an<br>
opportunity to dialogue on what to do. It is the billions of Internet<br>
users who are expecting us to do something better.<br>
<br>
fraternal regards<br>
<br>
--c.a.<br>
Carlos A. Afonso<br>
[writing in my personal capacity only]<br>
<br>
<br>
_______________________________________________<br>
discuss mailing list<br>
<a href="mailto:discuss@1net.org">discuss@1net.org</a><br>
<a href="http://1net-mail.1net.org/mailman/listinfo/discuss" target="_blank">http://1net-mail.1net.org/mailman/listinfo/discuss</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>- - - - - - - - - - - - - - - - - - - - - - - - - - -<br> Dr. Alejandro Pisanty<br>Facultad de Química UNAM<br>Av. Universidad 3000, 04510 Mexico DF Mexico<br>
+52-1-5541444475 FROM ABROAD<br>+525541444475 DESDE MÉXICO SMS +525541444475<br>Blog: <a href="http://pisanty.blogspot.com" target="_blank">http://pisanty.blogspot.com</a><br>LinkedIn: <a href="http://www.linkedin.com/in/pisanty" target="_blank">http://www.linkedin.com/in/pisanty</a><br>
Unete al grupo UNAM en LinkedIn, <a href="http://www.linkedin.com/e/gis/22285/4A106C0C8614" target="_blank">http://www.linkedin.com/e/gis/22285/4A106C0C8614</a><br>Twitter: <a href="http://twitter.com/apisanty" target="_blank">http://twitter.com/apisanty</a><br>
---->> Unete a ISOC Mexico, <a href="http://www.isoc.org" target="_blank">http://www.isoc.org</a><br>. . . . . . . . . . . . . . . .
</div>