Re: [irsg] IETF and European Commission

Alissa Cooper <alissa@cooperw.in> Wed, 17 May 2023 16:32 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: wgchairs@ietfa.amsl.com
Delivered-To: wgchairs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE691C14F73F for <wgchairs@ietfa.amsl.com>; Wed, 17 May 2023 09:32:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.093
X-Spam-Level:
X-Spam-Status: No, score=-2.093 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cooperw.in header.b="sJVurRTp"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="JJ0tqRqo"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q4jklHV1Qleb for <wgchairs@ietfa.amsl.com>; Wed, 17 May 2023 09:32:00 -0700 (PDT)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BAABC15154C for <wgchairs@ietf.org>; Wed, 17 May 2023 09:31:59 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 1DA9E5C00F4; Wed, 17 May 2023 12:31:57 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Wed, 17 May 2023 12:31:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cooperw.in; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm3; t=1684341117; x=1684427517; bh=y6 0/aXvm97fiDRsbmoKJn5feW2VKuY/NM9Av5NTFdWo=; b=sJVurRTpXOW1BUq2iT V0zMoJyLUdlkOEZfH+3jg/q/uV6+KP8NvhyE4VOQenTdNrYQYJNLn2mKNSsrZzRy TbQT5fXNAHx6zCvcYV8YfkqoyOnEo1U5cYm03b9TW7WHf/UXCS5ZPT/HE+iH06tJ QqeGcsAWpNvcVfukqvBhkPaswbaYLuHVc4RnFm/bxp1ul/8dmTLqZ1VYy7H61c3W kak8+X1BUNp81qG4fc9wGo3QjfaRyjOvLgaSfr/EqSJ5SeorzHM8vOzvxtuQhSKL GX4T0yr6XHEDfPXfWhCZavryfDn0Xsoh8z+3tt86yCMXvV7AH8+CnUkGzNRN/LAH HOlQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1684341117; x=1684427517; bh=y60/aXvm97fiD RsbmoKJn5feW2VKuY/NM9Av5NTFdWo=; b=JJ0tqRqoYj2nE3+z7XDBFmfcttNFQ SrcaXHu96JuPP9XEkmAyzUI45WokAO0wszJHGiL6f2Is648s/pP5JTA3ezKIC7Ld 8B35fKISGzu60Vdpof0Oqst8Dg7VyIy/VM0wnMgxJJOC4P6wKn0lHaRYRXMaZG3C b0oAvA+PPzLwHumPA12IUPpNsYQAadqt0qoPt7grLM8iYht1AB0Kymm2+YJWTYDm HxaU7itns6OPvjoWTYbJSNvUdqk5zo7FekhgjSNJOVLUfOD/DccYnoDPkNfm8MoT v2MSSUQWCOGlK4GdWP40NodTzQp/jiK53+IbdcgMVW5fshRxphfCAN+RQ==
X-ME-Sender: <xms:fAFlZJOVSZMOY_UjSZkSNEUB00n7sl7kFsOyi2soqmUv3w_GowJlWQ> <xme:fAFlZL_dMHjX2sfwydiehhtyD-8V_ZwUo6_WIb3WJvglRE74CbIzdjSwZ2Z7QFxhm D4IEAYhwJ7DWhpoBw>
X-ME-Received: <xmr:fAFlZIRcfBnShUlVEOtuYyDvy5P9WPUzBV90CrZtXE9KZsuzTjM1TrjnhBOCrkeksJ6KBqQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeeiuddguddtvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhkfgtggfuffgjvefvfhfosegrtdhmrehhtdejnecuhfhrohhmpeetlhhi shhsrgcuvehoohhpvghruceorghlihhsshgrsegtohhophgvrhifrdhinheqnecuggftrf grthhtvghrnhephfefleehffevhfffgeffueeghfekffffudevgfegudfhgeejgfdtgfeg feeuieefnecuffhomhgrihhnpegvuhhrohhprgdrvghupdhivghtfhdrohhrghdpfhhorh humhhsthgrnhgurggrrhguihhsrghtihgvrdhnlhdpihhnthgvrhhnvghtrdhnlhdpshhs rhhnrdgtohhmpdgtrhhithhitggrlhhinhhfrhgrlhgrsgdrnhgvthdpnhhivghlshhtvg hnohgvvhgvrhdrnhgvthdpnhhlnhgvthhlrggsshdrnhhlpdhhthhtphhsrghnughtlhhs ughkihhmrghnuggumhgrrhgtihhpvheivghttgdrsggvshhtnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomheprghlihhsshgrsegtohhophgvrhif rdhinh
X-ME-Proxy: <xmx:fAFlZFtopZvKFhOpEzeNmy9BD2v0_zMqKGWPOx0EUyo7zTmU_w3RAQ> <xmx:fAFlZBf1VjvJzZOuynRJriXhpomqPrrYCkKFYxaPIJ_EJvCvb25U1g> <xmx:fAFlZB2hU8jOi4iaYp9rvhTHUqVe-zZIJnIqQ5NGYoYta5Yu1AdJYg> <xmx:fQFlZI5k2-BIO-9NXiMwsiSc6MhEyl-2G_-AmggwYTw_BPzF-Fg7uw>
Feedback-ID: i1214409c:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 17 May 2023 12:31:55 -0400 (EDT)
From: Alissa Cooper <alissa@cooperw.in>
Message-Id: <F4B437D0-AC9A-402E-8CB1-DC8260D4B236@cooperw.in>
Content-Type: multipart/alternative; boundary="Apple-Mail=_ADAD46E4-7A8B-4EC4-A3AA-BAA7CF033B28"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.500.231\))
Subject: Re: [irsg] IETF and European Commission
Date: Wed, 17 May 2023 09:31:43 -0700
In-Reply-To: <9b05c310-b4e5-c174-8c27-10cc2fc74050@NLnetLabs.nl>
Cc: Jane Coffin <jane@connecthumanity.fund>, Toerless Eckert <tte@cs.fau.de>, Niels ten Oever <mail@nielstenoever.net>, Working Chairs <wgchairs@ietf.org>, Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org>
To: Benno Overeinder <benno@nlnetlabs.nl>
References: <CADNypP_534rHN8CgZfx6DfR=vrLC8uHzzWKStmdCWSVtuujqZQ@mail.gmail.com> <372d7a6d-0a6d-7f92-a10e-fb52bacde80d@cdt.org> <CAAk_8j0O1yzKo7wPdKadMccDsY2optYXOkTeJjgpm0s=FuDZCg@mail.gmail.com> <8c19c1a2-a20a-4901-cddd-48e33998396c@nielstenoever.net> <CAAk_8j02Ytz4wfb2SHRMbqMX=-mtim_wuWnGBbXhKPSHibquvA@mail.gmail.com> <9a9ba038-4384-dfe2-72f0-6d1f5c7f5fa4@nielstenoever.net> <CAAk_8j3bX4x8N546XbqcSCz0st4C7pg+H_zwHPRs4Q3HurS3sw@mail.gmail.com> <ZGQbaxoZ5XEJy8G3@faui48e.informatik.uni-erlangen.de> <CAAk_8j0_oZWS96oKAsyYHZJNCCuy2G_RETHrvuvFpmyb_d3axA@mail.gmail.com> <9b05c310-b4e5-c174-8c27-10cc2fc74050@NLnetLabs.nl>
X-Mailer: Apple Mail (2.3731.500.231)
Archived-At: <https://mailarchive.ietf.org/arch/msg/wgchairs/cxl6Zd75OOBnRiYhidOL2LXUlzY>
X-BeenThere: wgchairs@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Working Group Chairs <wgchairs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wgchairs/>
List-Post: <mailto:wgchairs@ietf.org>
List-Help: <mailto:wgchairs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 May 2023 16:32:02 -0000

Also, I thought one of the core functions of the EU MSP on ICTs was to use the rolling plan [0] to identify standards produced outside the three European standardization organizations that are relevant to key technology areas, providing a consolidated view for decision makers in national governments and other authorities who may want to reference them in RFPs and other instruments if not in law. The IETF’s contributions are coordinated by Andrei Robachevsky and Mat Ford from ISOC. The 2023 contributions and archives from prior years are available at [1].

Alissa

[0] https://joinup.ec.europa.eu/collection/rolling-plan-ict-standardisation/rolling-plan-2023
[1] https://wiki.ietf.org/group/iab/Multi-Stake-Holder-Platform

> On May 17, 2023, at 8:47 AM, Benno Overeinder <benno@nlnetlabs.nl> wrote:
> 
> Not EU, but for the Netherlands there are (strongly) recommended open standards for the public sector, the so-called "past toe of leg uit" (apply or explain) list.  The standards include IETF standards, as well as other standards from other domains.
> 
> The apply and explain list has been codified by Forum Standaardisatie, see https://www.forumstandaardisatie.nl and https://www.forumstandaardisatie.nl/en/netherlands-standardisation-forum.
> 
> Instrumental in the adoption of Internet standards is https://internet.nl/, which has an API for bulk measurements to create an overview of the public sectors and their adoption of standards such as DNSSEC, HTTPS and TLS, DKIM and DMARC, IPv6, etc.
> 
> Best,
> 
> -- Benno
> 
> 
> 
> On 17/05/2023 03:21, Jane Coffin wrote:
>> There is that
>> On Tue, May 16, 2023 at 8:10 PM Toerless Eckert <tte@cs.fau.de <mailto:tte@cs.fau.de>> wrote:
>>    Should one start to wonder how it can be that the EU relies likely
>>    almost solely on
>>    IETF/TCP protocols for their own networks, if not for all the users and
>>    industries in the EU ? How does that with with harmonization
>>    requirements ?
>>    ---
>>    Toerless
>>    On Tue, May 16, 2023 at 03:18:42PM -0400, Jane Coffin wrote:
>>     > Many thanks, Niels.
>>     >
>>     > On Tue, May 16, 2023 at 2:42 PM Niels ten Oever
>>    <mail@nielstenoever.net <mailto:mail@nielstenoever.net>>
>>     > wrote:
>>     >
>>     > > Hi Jane,
>>     > >
>>     > > I checked with the excellent Olia Kanevskaia and she confirmed
>>    what I
>>     > > said: EU can only refer to harmonized standards because it presumes
>>     > > compliance with EU directives and regulations.
>>     > >
>>     > > This is also why CEN/CENELEC is now playing a role in the new
>>    draft AI
>>     > > regulation (even though some academics argue this will not hold
>>    up because
>>     > > of inherent democratic deficits [0]).
>>     > >
>>     > > Best,
>>     > >
>>     > > Niels
>>     > >
>>     > >
>>     > > [0] See for instance para 52-57
>>     > >
>>    https://deliverypdf.ssrn.com/delivery.php?ID=526026122121112015065079030079002004021019084010061003029097008119085101094126103098117019034042056022028000080068074000030123105078049036082098020111006082021085011024058017110080086095027094117113097001118001069071065103108101124116068023026122020020&EXT=pdf&INDEX=TRUE <https://deliverypdf.ssrn.com/delivery.php?ID=526026122121112015065079030079002004021019084010061003029097008119085101094126103098117019034042056022028000080068074000030123105078049036082098020111006082021085011024058017110080086095027094117113097001118001069071065103108101124116068023026122020020&EXT=pdf&INDEX=TRUE>
>>     > >
>>     > > Veale, Michael, and Frederik Zuiderveen Borgesius. 2021.
>>    “Demystifying the
>>     > > Draft EU Artificial Intelligence Act—Analysing the Good, the
>>    Bad, and the
>>     > > Unclear Elements of the Proposed Approach.” Computer Law Review
>>     > > International 22 (4): 97–112.
>>     > >
>>     > > On 16-05-2023 18:32, Jane Coffin wrote:
>>     > > > Hi Niels -
>>     > > >
>>     > > > I had an inkling it was something like this as a UK colleague
>>    was quite
>>     > > clear that the UK carefully went out of its way to include IETF
>>    vis-a-vis
>>     > > standards.
>>     > > > Let me find out more re that.
>>     > > >
>>     > > > It would be great if you could ask your legal colleagues re this.
>>     > > >
>>     > > > Best,
>>     > > > Jane
>>     > > >
>>     > > > On Tue, May 16, 2023 at 12:28 PM Niels ten Oever
>>    <mail@nielstenoever.net <mailto:mail@nielstenoever.net>
>>     > > <mailto:mail@nielstenoever.net
>>    <mailto:mail@nielstenoever.net>>> wrote:
>>     > > >
>>     > > >     Hi Jane,
>>     > > >
>>     > > >     As far as I know, in its legislation the European Union
>>    (EU) can
>>     > > only refer to 'harmonised standards'. A harmonised standard is
>>    a European
>>     > > standard developed by a recognised European Standards
>>    Organisation: CEN,
>>     > > CENELEC, or ETSI. This is why, for instance, CEN adopts ISO
>>    standards in
>>     > > Europe, through the prefix “EN ISO” (see also Vienna
>>    Agreement). So it are
>>     > > just CEN, CENELEC and ETSI standards that are commonly referred
>>    to in
>>     > > European legislation and policies.
>>     > > >
>>     > > >     Through CEN, CENELEC, and ETSI international standards
>>    also often
>>     > > get translated to national standards bodies (NSBs)(but
>>    sometimes they also
>>     > > get translated directly from ISO/IEC to NSBs). Then countries
>>    can refer to
>>     > > it in national legislation as well in my understanding.
>>     > > >
>>     > > >     But I can ask my law colleagues to verify.
>>     > > >
>>     > > >     Best,
>>     > > >
>>     > > >     Niels
>>     > > >
>>     > > >
>>     > > >
>>     > > >     On 16-05-2023 17:39, Jane Coffin wrote:
>>     > > >      > All -
>>     > > >      >
>>     > > >      > Some countries - like Armenia (or at least in 2006) --
>>    indicated
>>     > > in the Telecoms Law that ITU standards were part of their national
>>     > > standards fabric.  Whether they actually put this into practice
>>    is a
>>     > > separate issue (they definitely did on spectrum - Radio Regs -
>>    Treaty).
>>     > > >      > I think the UK (when part of the EC) had to amend some
>>    of its
>>     > > laws (or codes, procedures, you get the point) to include
>>    standards other
>>     > > than ISO, ITU, and specifically include IETF protocols/standards.
>>     > > >      >
>>     > > >      > Does the EC officially accept IETF standards in their
>>    roster of
>>     > > standards?
>>     > > >      > Did some EC countries have to specifically change
>>     > > laws/codes/other/other to include IETF standards outside of any EC
>>     > > processes?
>>     > > >      >
>>     > > >      > I ask this Q as it might be helpful to know at least
>>    whether the
>>     > > EC officially accepts IETF standards, and this flows down to all EC
>>     > > members?  I use the word "accept" as a placeholder for "include by
>>     > > reference in leg, incorporate by ref, other, other appropriate
>>    term".
>>     > > >      >
>>     > > >      > Jane
>>     > > >      >
>>     > > >      >
>>     > > >      >
>>     > > >      >
>>     > > >      >
>>     > > >      > On Tue, May 16, 2023 at 11:05 AM Mallory Knodel <mknodel=
>>     > > 40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org>
>>    <mailto:40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org>>
>>    <mailto:
>>     > > 40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org>
>>    <mailto:40cdt.org@dmarc.ietf.org
>>    <mailto:40cdt.org@dmarc.ietf.org>>>> wrote:
>>     > > >      >
>>     > > >      >     Others will have more context, likely, but I've
>>    engaged with
>>     > > this content rather extensively and it largely focusses on
>>     > > national/regional standards efforts, not international bodies
>>    like the
>>     > > IETF, though it does make mention and understand rather well,
>>    in my view,
>>     > > the relationship between different actors.
>>     > > >      >
>>     > > >      >     -Mallory
>>     > > >      >
>>     > > >      >     On 5/16/23 8:59 AM, Rifaat Shekh-Yusef wrote:
>>     > > >      >>     Hi,
>>     > > >      >>
>>     > > >      >>     Anyone aware of any relationship between the IETF and
>>     > > the European Commission ICT initiative?
>>     > > >      >>     European Multi-Stakeholder Platform on ICT
>>    Standardisation |
>>     > > Shaping Europe’s digital future (europa.eu <http://europa.eu>
>>    <http://europa.eu <http://europa.eu>>) <
>>     > >
>>    https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation <https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation>
>>     > > <
>>     > >
>>    https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation <https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation>
>>     > > >>
>>     > > >      >>
>>     > > >      >>     Regards,
>>     > > >      >>      Rifaat
>>     > > >      >>
>>     > > >      >     --
>>     > > >      >     Mallory Knodel
>>     > > >      >     CTO, Center for Democracy and Technology
>>     > > >      >     gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071
>>    0C32 A271
>>     > > BD3C C780
>>     > > >      >
>>     > > >
>>     > > >     --
>>     > > >     Niels ten Oever, PhD
>>     > > >     Co-Principal Investigator - critical infrastructure lab -
>>    University
>>     > > of Amsterdam
>>     > > >     Assistant Professor - Department of European Studies -
>>    University of
>>     > > Amsterdam
>>     > > >
>>     > > >     W: https://criticalinfralab.net
>>    <https://criticalinfralab.net> <https://criticalinfralab.net
>>    <https://criticalinfralab.net>>
>>     > > >     W: https://nielstenoever.net <https://nielstenoever.net>
>>    <https://nielstenoever.net <https://nielstenoever.net>>
>>     > > >     PGP: 4254 ECD5 D4CF F6AF 8B91 0D9F EFAD 2E49 CC90 C10C
>>     > > >
>>     > >
>>     > > --
>>     > > Niels ten Oever, PhD
>>     > > Co-Principal Investigator - critical infrastructure lab -
>>    University of
>>     > > Amsterdam
>>     > > Assistant Professor - Department of European Studies -
>>    University of
>>     > > Amsterdam
>>     > >
>>     > > W: https://criticalinfralab.net <https://criticalinfralab.net>
>>     > > W: https://nielstenoever.net <https://nielstenoever.net>
>>     > > PGP: 4254 ECD5 D4CF F6AF 8B91 0D9F EFAD 2E49 CC90 C10C
>>     > >
>>    --     ---
>>    tte@cs.fau.de <mailto:tte@cs.fau.de>
> 
> -- 
> Benno J. Overeinder
> NLnet Labs
> https://www.nlnetlabs.nl/
>