Re: [perpass] Steer 750 million euro at the EC for 'future internet' the right way
Michiel Leenaars <michiel.ml@nlnet.nl> Fri, 08 April 2016 19:29 UTC
Return-Path: <michiel.ml@nlnet.nl>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B71E12D19D for <perpass@ietfa.amsl.com>; Fri, 8 Apr 2016 12:29:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, LOTS_OF_MONEY=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nlnet.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DS4ckFs2e2wm for <perpass@ietfa.amsl.com>; Fri, 8 Apr 2016 12:29:14 -0700 (PDT)
Received: from open.nlnet.nl (open.nlnet.nl [185.49.140.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3A7212D10C for <perpass@ietf.org>; Fri, 8 Apr 2016 12:29:14 -0700 (PDT)
Received: from open.nlnet.nl (localhost [127.1.0.1]) by open.nlnet.nl (Postfix) with ESMTP id 68EAC295E5; Fri, 8 Apr 2016 21:29:13 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nlnet.nl; h= content-type:content-type:in-reply-to:mime-version:user-agent :date:date:message-id:from:from:references:subject:subject :received:received; s=gerrit; t=1460143752; x=1461958153; bh=FdF 4968JFdjHK3Gantta1ax01+5IChrgIvkHW6PI8XE=; b=H3uP0lu7ybGx9rH+FCu NcqPBKGnjFdEmSPBZYIUoulNHWJo3r0DyvT8m18HWDacCRe9W3f72F2GdW3RCYQo mdCC2QkKkK14O1dgOSg+dnmyACI9nNp6aLz4gk3F3j0BVAmPsdtW3QzcnmJ2f1Zq x73hBv0dgkOfLbzLYtrL8zOs=
X-Virus-Scanned: amavisd-new at nlnet.nl
Received: from open.nlnet.nl ([127.1.0.1]) by open.nlnet.nl (open.nlnet.nl [127.1.0.1]) (amavisd-new, port 10026) with ESMTP id uaLunANbDHyg; Fri, 8 Apr 2016 21:29:12 +0200 (CEST)
Received: from [IPv6:2001:984:2ab3:1:202:2aff:fed8:6f46] (unknown [IPv6:2001:984:2ab3:1:202:2aff:fed8:6f46]) by open.nlnet.nl (Postfix) with ESMTPSA id A3BD0295DB; Fri, 8 Apr 2016 21:29:12 +0200 (CEST)
To: Watson Ladd <watsonbladd@gmail.com>, Harry Halpin <hhalpin@w3.org>
References: <5707966C.1020100@nlnet.nl> <5707BDAE.6060800@nlnet.nl> <5707CFC5.9010700@w3.org> <CACsn0cnnOtTMB=3wQWcy5So9SOkWeiqirwg98YsLgWBn_oUSxg@mail.gmail.com>
From: Michiel Leenaars <michiel.ml@nlnet.nl>
X-Enigmail-Draft-Status: N1110
Message-ID: <5708068C.3030205@nlnet.nl>
Date: Fri, 08 Apr 2016 21:29:16 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.7.0
MIME-Version: 1.0
In-Reply-To: <CACsn0cnnOtTMB=3wQWcy5So9SOkWeiqirwg98YsLgWBn_oUSxg@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="X7n9K25u33ExtSE7fp0WAop2AVcQWtnMb"
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/OvAPjg3XEqzMzAHFCkoaQVbH2V4>
Cc: perpass@ietf.org
Subject: Re: [perpass] Steer 750 million euro at the EC for 'future internet' the right way
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Apr 2016 19:29:17 -0000
Hi Harry, Watson, > There are fundamental architectural issues with Internet and Web > security that cannot be fixed, only patched around. I've spoken to the EC as well, in fact I was one of the ten invited experts attending the closed workshop they organised some weeks ago. Within the EC there does not seem to be much awareness let alone a sense of great urgency in the way that the internet technical community and in particular the people on this list feel it. None of their plans mention surveillance, or Edward Snowden, or even the words security and privacy. And that is the reason why I'm informing people about this consultation and the opportunity to get across how necessary a large investment is. Without simple and unambiguous input from many people that we need to free as much of this budget as possible to revisit every nook and cranny of the design of the internet, the money will evaporate. It is the bigger picture that is missing, and I agree with Watson that we should not be happy with the breadcrumbs and the small wins - this 750 million euro is exactly what is needed to address things properly. At the standards side, at the open source side and at the practical deployment side. Of course the NSA and its many counterparts have much much bigger budgets, but if the EC money is used to empower the right ideas from the community we have a fighting chance. We don't need to settle or even debate the technical course at this moment, it is important now to get enough money allocated to solving the problems of the real internet instead of surfing the hype curve with huge projects that fail horribly. And step two is turning around the processes at the EC, and making them compatible with the way the internet operates - smaller, more agile, bottom up. These budgets have been around for a long time, but I cannot name a single real success story despite billions and billions put in - and to a large degree that is the fault of working with a few very large consortia that suffer from inbreeding. To summarize: I don't think we should settle for 'patches' here and there, we deserve a thoughtful and thorough sanitisation of the whole architecture of the internet and of the web (issues like Rowhammer.js to me are the beginning of the end of the Javascript era). Anyway: hope many of you will respond. The questionnaire is here: https://ec.europa.eu/eusurvey/runner/nextgen-internet And I suggest to keep it simple - the more obscure and technical your comments, the less likely it is to be included in the outcome. Simple wording (the internet is broken, please fix it) might be the most strategic option, although looking at the length of this mail alone I'm afraid that it is very tempting to violate this principle. Best, Michiel Leenaars
- [perpass] Steer 750 million euro at the EC for 'f… Michiel Leenaars
- Re: [perpass] Steer 750 million euro at the EC fo… Harry Halpin
- Re: [perpass] Steer 750 million euro at the EC fo… Watson Ladd
- Re: [perpass] Steer 750 million euro at the EC fo… Michiel Leenaars
- Re: [perpass] Steer 750 million euro at the EC fo… Hugo Maxwell Connery