Re: [cooperation-wg] DNS4EU - proposal for a community response - draft

2022-02-09 Thread Desiree Miloshevic 


> On 7 Feb 2022, at 14:09, Shane Kerr  wrote:
> 
> Desiree,
> 
> Thank you for this proposal!

And thank you for the questions, thoughts and comments Shane.
My brief answers, questions bellow.


> On 03/02/2022 20.16, Desiree Miloshevic wrote:
>> We’d like to know if there is some support from members for having a RIPE 
>> community response on this proposal?
> 
> I think that a RIPE community response makes sense.
> 
>> We would really appreciate your feedback or any comments you’d wish to make 
>> or if you'd like us to work further on this.
> 
> I have some feedback, inline below.
> 
>> Proposed DNS4EU RIPE community statement comments
>> 1.
>>RIPE community believes that governance of the DNS resolution chain,
>>which is such an important element of everybody's Internet
>>connectivity, should involve all stakeholders and can not solely
>>rely on legislation and regulatory oversight.
> 
> I think we should be careful with this. For me, it's not really important 
> that everyone who could conceivably be considered a stakeholder to be 
> involved in governance of DNS resolution. Do we really think it is important 
> if bodies like GEMA or other intellectual property organizations are part of 
> this (to pick one of many possible groups who could claim to be a 
> stakeholder)?
> 
> If the goal is to provide the best system for EU citizens and residents, then 
> that should be the focus. Certainly access providers and other DNS operators 
> can proxy their users' interests, and have a lot of expertise, and should be 
> involved though.
> 
Multistakeholder means an opportunity for stakeholders to be involved (e.g. 
technical community, academia, private sector, govts, civil society) and not 
that everybody always needs to be involved. It ensures that a decision making 
processes involve more actors and do not depend on a single stakeholder’s 
decision.  We should not be deciding who should or not be involved - MSM model 
means it’s broader than one stakeholder, in this case, the legislator.
 
>> 2.
>>RIPE Community hopes that any winning bidder will adhere to what we
>>see as a fundamental property of the Internet, with a diverse and
>>competitive landscape, anchored on the principles of
>>multistakeholder Internet governance.
> 
> "bidders"? Or do expect that any contracts awarded would be to a single 
> organization?

No, the word bidder is broader than a single entity but we can change/clarify 
that wording, thank you for spotting!
In my view, it'd be a good idea If diverse organisations come together and 
apply as a consortium, 
which I believe is also the idea behind the call.

> 
>> 3.
>>RIPE Community believes that the responsibility of well-functioning
>>Internet access including the DNS resolution is with the access
>>providers. We believe it should stay that way.
> 
> Should it? Do access providers want this? Is this really the best way to 
> provide performant, reliable, and secure DNS to users?

It’s one possible model and of course there are other models that can co-exist. 
Since access providers already provide Internet access why wouldn’t they also 
provide a DNS resolution?
For smaller providers, I agree that it could be perceived as additional work.

> 
> I think the market forces do not line up properly with recurvive DNS at the 
> provider level... I doubt many customers choose a provider based on their 
> high-quality DNS service, and so it becomes something that companies must 
> provide even though it doesn't make them money. It's a cost.

You are right, but it's also possible that the market can align well at the 
provider level. With this significant financial help it could be less of a 
cost. 
It's one of the many options. An access provider should always have a choice of 
which DNS resolver service to use or and/or run its own.

I Agree that majority of customers do not choose a provider based on its 
high-quality DNS service.
We know that some browsers, applications, operators, device manufacturers 
decide for themselves and provide no choice, but perhaps this is changing. I’m 
sure someone can provide more input.

Some companies can align very well along the market forces (and recursive DNS 
at the provider level) and make it good for the end user 
and other companies can also align well with the market forces but perhaps act 
less in the best interest of the end user.

> 
> Public DNS resolvers make recursive DNS pay for itself, either by donations 
> (as in the case of Quad9), paid subscriptions (as in the case of OpenDNS), or 
> using the data gained for some other purpose in their operations (presumably 
> the case for Google and Cloudflare). So money spent is improving their actual 
> service; that is, a benefit.

I read this as: Diversity in the Public DNS resolvers exists as well as 
different market models and they should be self-sufficient.
Financial gains generated by the service should go towards further service

Re: [cooperation-wg] DNS4EU - proposal for a community response - draft

2022-02-07 Thread Shane Kerr 

Desiree,

Thank you for this proposal!

On 03/02/2022 20.16, Desiree Miloshevic wrote:


We’d like to know if there is some support from members for having a 
RIPE community response on this proposal?


I think that a RIPE community response makes sense.

We would really appreciate your feedback or any comments you’d wish to 
make or if you'd like us to work further on this.


I have some feedback, inline below.


Proposed DNS4EU RIPE community statement comments


 1.
RIPE community believes that governance of the DNS resolution chain,
which is such an important element of everybody's Internet
connectivity, should involve all stakeholders and can not solely
rely on legislation and regulatory oversight.


I think we should be careful with this. For me, it's not really 
important that everyone who could conceivably be considered a 
stakeholder to be involved in governance of DNS resolution. Do we really 
think it is important if bodies like GEMA or other intellectual property 
organizations are part of this (to pick one of many possible groups who 
could claim to be a stakeholder)?


If the goal is to provide the best system for EU citizens and residents, 
then that should be the focus. Certainly access providers and other DNS 
operators can proxy their users' interests, and have a lot of expertise, 
and should be involved though.



 2.

RIPE Community hopes that any winning bidder will adhere to what we
see as a fundamental property of the Internet, with a diverse and
competitive landscape, anchored on the principles of
multistakeholder Internet governance.


"bidders"? Or do expect that any contracts awarded would be to a single 
organization?



 3.
RIPE Community believes that the responsibility of well-functioning
Internet access including the DNS resolution is with the access
providers. We believe it should stay that way.


Should it? Do access providers want this? Is this really the best way to 
provide performant, reliable, and secure DNS to users?


I think the market forces do not line up properly with recurvive DNS at 
the provider level... I doubt many customers choose a provider based on 
their high-quality DNS service, and so it becomes something that 
companies must provide even though it doesn't make them money. It's a cost.


Public DNS resolvers make recursive DNS pay for itself, either by 
donations (as in the case of Quad9), paid subscriptions (as in the case 
of OpenDNS), or using the data gained for some other purpose in their 
operations (presumably the case for Google and Cloudflare). So money 
spent is improving their actual service; that is, a benefit.



 4.
We understand that to be able to minimise some risks when the end
user selects a random DNS resolver, a possible and feasible solution
is to have the access provider run their local DNS resolvers and/or
an additional DNS resolver as a back-up.


I guess this means that when an end users picks a DNS resolver that 
there is a back-up. Probably that's fine, although more and more this is 
not the user picking, but rather their browser picking some DNS over 
HTTP (DoH) server. Also, note that this is not standard practice 
today... I don't think that I have ever seen a configuration for 
resolution that asks for backup servers.



 5.

We hope that the EU could allocate DNS4EU funds to the local
Internet community and encourage Internet access providers to run
their local DNS resolvers. Additionally, the funds can be also used
towards the development of open source software for better and
affordable DNS resolution services.


I'm all for this! There are plenty of companies both for-profit and 
non-profit in the EU that write DNS open source software and provide 
free DNS services.


Cheers,

--
Shane


OpenPGP_0x3732979CF967B306.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/cooperation-wg

Re: [cooperation-wg] DNS4EU - proposal for a community response - draft

2022-02-07 Thread Michele Neylon - Blacknight via cooperation-wg 
Agreed

I think this entire thing from the EC is just plain nuts.

The draft statement is good and I’d support it.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845


From: cooperation-wg  on behalf of Olivier MJ 
Crépin-Leblond 
Date: Saturday, 5 February 2022 at 20:51
To: Desiree Miloshevic , Cooperation Working Group 

Cc: Sebastien Bachollet 
Subject: Re: [cooperation-wg] DNS4EU - proposal for a community response - draft

[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised 
sources.
Dear Desiree,

on this, speaking from a personal perspective and not EURALO, which I'll leave 
to Sébastien Bachollet, I should add that I agree with the points the Statement 
makes, with the added point that the inherent robustness of the Internet has 
always been due to its diversity: diverse technologies with nameservers and 
resolvers that were running on a variety of technologies. Putting together a 
uniform set of DNS resolvers, all of which run on the same technology, will 
actually weaken the European Internet infrastructure rather than enhance it, as 
it will reduce that diversity of technologies that mitigates attacks using 
specific security flaws and buggy updates.
Kindest regards,

Olivier
On 03/02/2022 22:16, Desiree Miloshevic wrote:
Dear members, dear all

Further to the RIPE NCC’s summary of the DNS4EU Open House discussion and 
further to your witnessing of our earlier 'transparent wordsmithing 
consultation' with other RIPE - WG Chairs,
I’d like to propose the following high level statement draft for your 
consideration.

Julf and myself, as Co-Chairs are in agreement with this draft statement and 
Achilleas had excused himself due to his affiliation with the EC.

We’d like to know if there is some support from members for having a RIPE 
community response on this proposal?

We would really appreciate your feedback or any comments you’d wish to make or 
if you'd like us to work further on this.

Many thanks for your consideration and the feedback,

Desiree
--
Coop WG Co-Chair

Proposed DNS4EU RIPE community statement comments



  1.  RIPE community believes that governance of the DNS resolution chain, 
which is such an important element of everybody's Internet connectivity, should 
involve all stakeholders and can not solely rely on legislation and regulatory 
oversight.

  1.  RIPE Community hopes that any winning bidder will adhere to what we see 
as a fundamental property of the Internet, with a diverse and competitive 
landscape, anchored on the principles of multistakeholder Internet governance.

  1.  RIPE Community believes that the responsibility of well-functioning 
Internet access including the DNS resolution is with the access providers. We 
believe it should stay that way.

  1.  We understand that to be able to minimise some risks when the end user 
selects a random DNS resolver, a possible and feasible solution is to have the 
access provider run their local DNS resolvers and/or an additional DNS resolver 
as a back-up.

  1.  We hope that the EU could allocate DNS4EU funds to the local Internet 
community and encourage Internet access providers to run their local DNS 
resolvers. Additionally, the funds can be also used towards the development of 
open source software for better and affordable DNS resolution services.

On 2 Feb 2022, at 15:26, Chris Buckridge 
mailto:chr...@ripe.net>> wrote:

Dear colleagues,  Thank you to all who joined for the RIPE NCC Open House 
discussion of DNS4EU on Monday, 31 January. We have posted a summary of some 
key points and links to the video archive here:  
https://labs.ripe.net/author/chrisb/dns4eu-ripe-ncc-open-house-discussion/ 
Cheers Chris --  To unsubscribe from this mailing list, get a password 
reminder, or change your subscription options, please visit: 
https:<https://lists.ripe.net/mailman/listinfo/cooperation-wg>





--

Olivier MJ Crépin-Leblond, PhD

http://www.gih.com/ocl.html
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/cooperation-wg

Re: [cooperation-wg] DNS4EU - proposal for a community response - draft

2022-02-05 Thread Olivier MJ Crépin-Leblond 

Dear Desiree,

on this, speaking from a personal perspective and not EURALO, which I'll 
leave to Sébastien Bachollet, I should add that I agree with the points 
the Statement makes, with the added point that the inherent robustness 
of the Internet has always been due to its diversity: diverse 
technologies with nameservers and resolvers that were running on a 
variety of technologies. Putting together a uniform set of DNS 
resolvers, all of which run on the same technology, will actually weaken 
the European Internet infrastructure rather than enhance it, as it will 
reduce that diversity of technologies that mitigates attacks using 
specific security flaws and buggy updates.

Kindest regards,

Olivier

On 03/02/2022 22:16, Desiree Miloshevic wrote:

Dear members, dear all

Further to the RIPE NCC’s summary of the DNS4EU Open House discussion 
and further to your witnessing of our earlier 'transparent 
wordsmithing consultation' with other RIPE - WG Chairs,
I’d like to propose the following high level statement draft for your 
consideration.


Julf and myself, as Co-Chairs are in agreement with this draft 
statement and Achilleas had excused himself due to his affiliation 
with the EC.


We’d like to know if there is some support from members for having a 
RIPE community response on this proposal?


We would really appreciate your feedback or any comments you’d wish to 
make or if you'd like us to work further on this.


Many thanks for your consideration and the feedback,

Desiree
--
Coop WG Co-Chair

Proposed DNS4EU RIPE community statement comments


1.
RIPE community believes that governance of the DNS resolution
chain, which is such an important element of everybody's Internet
connectivity, should involve all stakeholders and can not solely
rely on legislation and regulatory oversight.

2.

RIPE Community hopes that any winning bidder will adhere to what
we see as a fundamental property of the Internet, with a diverse
and competitive landscape, anchored on the principles of
multistakeholder Internet governance.

3.
RIPE Community believes that the responsibility of
well-functioning Internet access including the DNS resolution is
with the access providers. We believe it should stay that way.
4.
We understand that to be able to minimise some risks when the end
user selects a random DNS resolver, a possible and feasible
solution is to have the access provider run their local DNS
resolvers and/or an additional DNS resolver as a back-up.
5.

We hope that the EU could allocate DNS4EU funds to the local
Internet community and encourage Internet access providers to run
their local DNS resolvers. Additionally, the funds can be also
used towards the development of open source software for better
and affordable DNS resolution services.

On 2 Feb 2022, at 15:26, Chris Buckridge mailto:chr...@ripe.net>> wrote:
Dear colleagues, Thank you to all who joined for the RIPE NCC Open
House discussion of DNS4EU on Monday, 31 January. We have posted a
summary of some key points and links to the video archive here:
https://labs.ripe.net/author/chrisb/dns4eu-ripe-ncc-open-house-discussion/

Cheers Chris -- To unsubscribe from this mailing list, get a
password reminder, or change your subscription options, please
visit: https: 




--
Olivier MJ Crépin-Leblond, PhD
http://www.gih.com/ocl.html
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/cooperation-wg

Re: [cooperation-wg] DNS4EU - proposal for a community response - draft

2022-02-05 Thread Salam Yamout 
I think issuing the statement is a good idea.
Maybe you want to add a point that there is a risk of disruption of service
when changing something that has been working for more than 25 years?
Salam

On Thu, Feb 3, 2022 at 8:16 PM Desiree Miloshevic 
wrote:

> Dear members, dear all
>
> Further to the RIPE NCC’s summary of the DNS4EU Open House discussion and
> further to your witnessing of our earlier 'transparent wordsmithing
> consultation' with other RIPE - WG Chairs,
> I’d like to propose the following high level statement draft for your
> consideration.
>
> Julf and myself, as Co-Chairs are in agreement with this draft statement
> and Achilleas had excused himself due to his affiliation with the EC.
>
> We’d like to know if there is some support from members for having a RIPE
> community response on this proposal?
>
> We would really appreciate your feedback or any comments you’d wish to
> make or if you'd like us to work further on this.
>
> Many thanks for your consideration and the feedback,
>
> Desiree
> --
> Coop WG Co-Chair
>
> Proposed DNS4EU RIPE community statement comments
>
>
>
>1. RIPE community believes that governance of the DNS resolution
>chain, which is such an important element of everybody's Internet
>connectivity, should involve all stakeholders and can not solely rely on
>legislation and regulatory oversight.
>
>
>1.
>
>RIPE Community hopes that any winning bidder will adhere to what we
>see as a fundamental property of the Internet, with a diverse and
>competitive landscape, anchored on the principles of multistakeholder
>Internet governance.
>
>2. RIPE Community believes that the responsibility of well-functioning
>Internet access including the DNS resolution is with the access providers.
>We believe it should stay that way.
>
>3. We understand that to be able to minimise some risks when the end
>user selects a random DNS resolver, a possible and feasible solution is to
>have the access provider run their local DNS resolvers and/or an additional
>DNS resolver as a back-up.
>
>4.
>
>We hope that the EU could allocate DNS4EU funds to the local Internet
>community and encourage Internet access providers to run their local DNS
>resolvers. Additionally, the funds can be also used towards the development
>of open source software for better and affordable DNS resolution services.
>
>
>On 2 Feb 2022, at 15:26, Chris Buckridge  wrote:
>
>Dear colleagues,
>
>Thank you to all who joined for the RIPE NCC Open House discussion of
>DNS4EU on Monday, 31 January. We have posted a summary of some key points
>and links to the video archive here:
>
>https://labs.ripe.net/author/chrisb/dns4eu-ripe-ncc-open-house-discussion/
>
>Cheers
>Chris
>--
>
>To unsubscribe from this mailing list, get a password reminder, or
>change your subscription options, please visit: https:
>
>
> --
>
> To unsubscribe from this mailing list, get a password reminder, or change
> your subscription options, please visit:
> https://lists.ripe.net/mailman/listinfo/cooperation-wg
>
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/cooperation-wg

[cooperation-wg] DNS4EU - proposal for a community response - draft

2022-02-03 Thread Desiree Miloshevic 
Dear members, dear all

Further to the RIPE NCC’s summary of the DNS4EU Open House discussion and
further to your witnessing of our earlier 'transparent wordsmithing
consultation' with other RIPE - WG Chairs,
I’d like to propose the following high level statement draft for your
consideration.

Julf and myself, as Co-Chairs are in agreement with this draft statement
and Achilleas had excused himself due to his affiliation with the EC.

We’d like to know if there is some support from members for having a RIPE
community response on this proposal?

We would really appreciate your feedback or any comments you’d wish to make
or if you'd like us to work further on this.

Many thanks for your consideration and the feedback,

Desiree
--
Coop WG Co-Chair

Proposed DNS4EU RIPE community statement comments



   1. RIPE community believes that governance of the DNS resolution chain,
   which is such an important element of everybody's Internet connectivity,
   should involve all stakeholders and can not solely rely on legislation and
   regulatory oversight.


   1.

   RIPE Community hopes that any winning bidder will adhere to what we see
   as a fundamental property of the Internet, with a diverse and competitive
   landscape, anchored on the principles of multistakeholder Internet
   governance.

   2. RIPE Community believes that the responsibility of well-functioning
   Internet access including the DNS resolution is with the access providers.
   We believe it should stay that way.

   3. We understand that to be able to minimise some risks when the end
   user selects a random DNS resolver, a possible and feasible solution is to
   have the access provider run their local DNS resolvers and/or an additional
   DNS resolver as a back-up.

   4.

   We hope that the EU could allocate DNS4EU funds to the local Internet
   community and encourage Internet access providers to run their local DNS
   resolvers. Additionally, the funds can be also used towards the development
   of open source software for better and affordable DNS resolution services.


   On 2 Feb 2022, at 15:26, Chris Buckridge  wrote:

   Dear colleagues,

   Thank you to all who joined for the RIPE NCC Open House discussion of
   DNS4EU on Monday, 31 January. We have posted a summary of some key points
   and links to the video archive here:

   https://labs.ripe.net/author/chrisb/dns4eu-ripe-ncc-open-house-discussion/

   Cheers
   Chris
   --

   To unsubscribe from this mailing list, get a password reminder, or
   change your subscription options, please visit: https:
   
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/cooperation-wg