Hi Harry, Watson, > There are fundamental architectural issues with Internet and Web > security that cannot be fixed, only patched around.
I've spoken to the EC as well, in fact I was one of the ten invited experts attending the closed workshop they organised some weeks ago. Within the EC there does not seem to be much awareness let alone a sense of great urgency in the way that the internet technical community and in particular the people on this list feel it. None of their plans mention surveillance, or Edward Snowden, or even the words security and privacy. And that is the reason why I'm informing people about this consultation and the opportunity to get across how necessary a large investment is. Without simple and unambiguous input from many people that we need to free as much of this budget as possible to revisit every nook and cranny of the design of the internet, the money will evaporate. It is the bigger picture that is missing, and I agree with Watson that we should not be happy with the breadcrumbs and the small wins - this 750 million euro is exactly what is needed to address things properly. At the standards side, at the open source side and at the practical deployment side. Of course the NSA and its many counterparts have much much bigger budgets, but if the EC money is used to empower the right ideas from the community we have a fighting chance. We don't need to settle or even debate the technical course at this moment, it is important now to get enough money allocated to solving the problems of the real internet instead of surfing the hype curve with huge projects that fail horribly. And step two is turning around the processes at the EC, and making them compatible with the way the internet operates - smaller, more agile, bottom up. These budgets have been around for a long time, but I cannot name a single real success story despite billions and billions put in - and to a large degree that is the fault of working with a few very large consortia that suffer from inbreeding. To summarize: I don't think we should settle for 'patches' here and there, we deserve a thoughtful and thorough sanitisation of the whole architecture of the internet and of the web (issues like Rowhammer.js to me are the beginning of the end of the Javascript era). Anyway: hope many of you will respond. The questionnaire is here: https://ec.europa.eu/eusurvey/runner/nextgen-internet And I suggest to keep it simple - the more obscure and technical your comments, the less likely it is to be included in the outcome. Simple wording (the internet is broken, please fix it) might be the most strategic option, although looking at the length of this mail alone I'm afraid that it is very tempting to violate this principle. Best, Michiel Leenaars
signature.asc
Description: OpenPGP digital signature
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
