Hi Sander, On Mon, 2013-05-20 at 20:55 +0200, Sander Steffann wrote:
About the "Obviously, and not only due to RPKI, a classic deterring safe-guard is required": I don't find this obvious at all.
Again, what you said (no sed): On Mon, 2013-05-20 at 15:57 +0200, Sander Steffann wrote:
If the Dutch legal system gets so bad that they require disproportional measures to be taken by the RIPE NCC then I think we have bigger issues and should move the RIPE NCC to a different country.
I am really interested in hearing how you think the decision model should work here: - What are "disproportional" measures? - What should be the triggering mechanism for actually moving the RIPE NCC to another country (possibly outside of the EU) ? If you don't see the above "obvious" it appears you haven't follow the thought behind your quote (and mis-quote) through... Please do so. Burying the head in the sand and wishing "disproportional measures" (yet to be defined) will not happen, is not an appropriate approach. Waiting until they do happen (IF they happen! - which I personally see close to 100%) is very bad stewardship of the Internet. In many European countries the past 15 years, we've seen an (never-ending?) erosion of privacy protections and the various interests who see censorship as a solution to $PROBLEM is hardly diminishing in political influence. We've already seen the Dutch police forward a US court order to the RIPE NCC. The (or some) LEA's obviously know how the RIPE NCC works and what it can do with its central repository/record of Who-has-what-IP, and I very much hope it is public knowledge on this list what some LEA's intentions or desires are with regards to centralized control via the RIR's, in particular the RIPE NCC. RPKI in this respect is entirely a non-issue! It's equivalent to TLS to whois.ripe.net, ie. merely the transport - not the data source. Having backups of the central information systems and clear rules of their abuseability, to guard against the [by me, _completely_] expected coming slippery slope, however, is entirely the core issue and a quite obvious thing to implement. Best, Martin