Re: A report on certain standards (was Re: United Nations report on Internet standards)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear all,

Thank you for discussing the report in your community. As main author of the report. There are three things I would like to stress:

1) This is not a U.N. commissioned report, but a pilot within the Internet Governance Forum to test whether the IGF is able to accelerate a long lasting internet governance issue instead of debating it once a year and go home.. To go beyond the "talkshop", a long held wish of representatives from the Dutch technical community. The topic of choice became deployment of internet standards: e.g. DNSSEC, RPKI and BCP38, but also the OWASP top 10, ISO 27001 and secure software;
2) The report does not focus on nor passes any judgement on IETF's or on any other standards bodies' internal procedures. It focuses on how to disseminate the outcomes better, spread knowledge in an understandable language for non-technicians and to deploy the widely agreed upon standards faster. The comments made about the IETF were made by individuals participating in IETF processes, thinking out loud about how the goal of the report could be achieved;
3) The recommendations and steps forward are aggregated opinions from the hundreds of people that took the questionnaire, participated in the break out sessions at the Berlin IGF, from interviews and desk research. From them the authors compiled what we called "pressure points".

Nearly 100% of participants, from all stakeholder communities, agreed that creating a law is not the answer to fast deployment. So we looked at alternatives and identified what we called pressure points in society where those that decide on deployment, usually senior management and higher, can be influenced and put under pressure to start deploying. We identified 25 such points, ranging from consumer product testing, to involving trade organisations, and parliamentarians asking questions in hearings, to research in media on the lack of deployment, and CISO management-handling training.

Others involve people with knowledge, i.e. your community, to assist in translating new standards into layman's speech and in dissemination to non-technical communities. To focus not only on the technicians that have to deploy physically, but on those who can influence decisions to deploy and those deciding on the financial and resource wherewithal to deploy. Many participants, including IETF active, agreed that steps outside of the technical realm are necessary for these standards -and not only the IETF ones as you could see- to be deployed in a serious way, making all internet users more secure immediately and indiscriminately. Ideally without primarily government involvement.

As authors we welcome your opinion, questions and suggestions. The plan is to take this one step further, to start getting messages out, attract missing stakeholders and work together towards solutions and agreed upon steps forward. And indeed, as someone mentioned, as one community. That is the goal. Therefore the next step must be to bring all involved on the same page, like you are for decades already within IETF.

Yours sincerely,

Wout de Natris


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
De Natris Consult

Kamerlingh Onnesstraat 43                                                        Tel: +31 648388813           

2014 EK Haarlem                                                                          Skype: wout.de.natris


denatrisconsult@xxxxxxxxxx

http://www.denatrisconsult.nl

Blog http://woutdenatris.wordpress.com

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux