|
Re: WCIT outcome?
2012-12-31 15:10:24
At 1:05 PM -0500 12/31/12, Phillip Hallam-Baker wrote:
On Mon, Dec 31, 2012 at 9:51 AM, John Day
<<mailto:jeanjour(_at_)comcast(_dot_)net>jeanjour(_at_)comcast(_dot_)net> wrote:
Phillip,
The reason that rule is useful is that just as it is ridiculous for
the US representative to the ITU to attempt to convey the positions
of Comcast and Google, it is no more practical for one person to
represent the position of Cisco or Microsoft.
Then I take it from this comment that you believe that all forms of
representative government (and reaching agreements) are ridiculous?
MPs and Congressmen are elected decision makers. ITU participants
can make decisions but they are not binding on anyone and only have
effect if people like me choose to implement them.
This was my point. The standards part of ITU is just like any other
standards organization. But there are other things it does which are
not like this, e.g. spectrum allocation. There are other aspects
with respect to tariffs that are binding on signatories.
Representative democracy without the elections part has neither.
Neither of what?
And it may have escaped your notice but pretty much every government
in the developed world tries to limit the scope of their authority
these days. They have discovered that they prefer to concentrate
their influence on a narrow scope and thus maximize it.
That also was my point, if you had read to the bottom. In fact, I
would suggest that the delegations of the developed world made a
mistake assuming that the scope of the ITU was the same as it always
had been. By doing this, they gave up ground they didn't need to.
Surely you don't believe that pure democracy will work? That myth
had been dispelled 250 years ago.
I lived in Switzerland for two years. They have a government that
passes a budget. How is yours doing?
I am sorry but I am not sure what Switzerland has to do with this
discussion. Last time I looked they had a republic (representative)
form of government not a pure democracy. No one every claimed it was
efficient.
The process of a representative form for creating agreements seems
to be (as flawed as it is) about the best we have come up with.
ITU is not a democratic organization, nor does it aspire to be. So
it is not representative in the slightest. Reciting slogans does not
mean they are applicable
No one claimed it was. In fact, quite the opposite. I claimed it
was organized as a republic form, which does what it is members vote
on. It turns out its members are countries. (As I indicated below,
I am not sure in the changed circumstances this is appropriate.)
Actually one thing you seem to have missed, which I thought you would
have jumped all over. Generally, ITU meetings require unanimity to
have a consensus. This time they went with a simple majority. I
would have thought this would have created a fair amount of
consternation.
Wrt its application in standards outside the ITU it works the same
way. When a voluntary standards organization organizes by country,
it is to give voice to the small companies as well as the Ciscos and
Microsofts. The big guys can send 10s of people (which represents a
different problem) to meetings all over the world. The little
companies can't afford that but they have an interest. Providing
the means for them to agree on what their interest is and to make it
heard is equally important.
It sounds like you are arguing for the hegemony of the robber barons
moved to the 21stC.
I deal with the world as I find it. It is very difficult to change
the Internet without the support of a Microsoft or a Google or a
Cisco. There are a ten billion endpoints deployed. The real obstacle
is the hegemony of the installed base.
;-) Why is that daunting? ;-) I hear that excuse often. If we had
had that attitude when we started this effort 40 years ago. We would
still be patching the PSTN. There would be no Internet. Do you think
the Internet was a success because we convinced IBM and AT&T it was a
good idea?!! I am sorry to see that the younger generation is so
faint of heart. Can't take a little challenge!
Actually, it isn't the ITU that is in the way. It is the structure
of the IETF that gives the big players such power.
Where the problem comes in is when you have a proposal that
requires the active support and participation of stakeholders like
VeriSign. When I told the IETF that DNSSEC would be deployed in
<http://dot.com>dot.com if and only if the opt-in proposal was
accepted, I was stating the official position of a stakeholder
whose participation was essential if DNSSEC was going to be
deployed.
It was a really minor change but the reason it was blocked was one
individual had the crazy idea that blocking deployment of DNSSEC
would cause VeriSign to lose dotcom. He was not the only person
with that idea but he was the only person in a position to wreck
all progress in the IETF if he didn't get his way.
For projects like IPv6 the standards development process needs to
be better at identifying the necessary stakeholders and ensuring
that enough essential requirements of enough stakeholders are met.
Otherwise we end up with yet another Proposed Standard RFC that
everyone ignores.
I would disagree slightly. It is not task of the SDO to identify
the necessary stakeholders but to ensure all of the stakeholder are
represented at all levels. The problems you describe above result
from breaking that rule.
I think the idea that the stakeholders want to participate is a
mistaken one. VeriSign particpates in IETF. Some of the backbone
providers do. But many do not.
Self-fulfilling prophecy. The structure of the IETF makes it
difficult to impossible. So why should they waste their time?
So the frequent result is that IETF develops a widget and the
deployment showstoppers are only discovered during deployment.
That is just bad design. I am not sure I would admit to that if I
were you. It doesn't look good. Indicates that the IETF does not
understand its constituency.
It can get really lonely pointing out to a group of people with some
idea their are bursting to implement that they need to at least talk
to the application providers they need to adopt their idea.
Why? The WCTU said, never marry drunkard to reform him. They will
find out soon enough.
The question is what, if anything, is there left relating to
wireline communication that requires agreement among *governments*?
I can't think of much.
They need to come to an agreement to ban cyber-sabotage like they
have banned chemical and biological weapons.
Do they? Don't you think it is interesting that the countries crying
loudest for this are the source of much of it and have sufficiently
authoritarian regimes that they could shut down next week if they
wanted?
It is far from clear to me that such an agreement would be worth the
paper it was written on, unless it is possible to prove (which we
can't in 99% of the cases) that it was a State that mounted the
attack.
Right now we have a group of US, Russian and Chinese military types
all looking to make their careers at the forefront of the new cyber
arms race. The military managed to piss away trillions of dollars in
wealth with their cold war, now they want to do the same in cyber.
The cold war was ultimately won because the youth of East Germany
simply walked away from the regime.
You really believe that?! The cold war was won, because Gorbachev
*chose* not to repeat the response to the Hungarian and Czech revolts
of '56 and '68. Tian An Men provides a good counter-example. You
need to read Lutwack's Coup d'Etat: A Practical Handbook. Walking
away isn't sufficient.
Like chemical weapons, cyber weapons are far more bark than bite and
what bite there is can hit the attacker. Stuxnet and Flame were
crafted to attack Iran, the vectors were repurposed and targeted at
the US days after they were discovered. We also have the interesting
precedent that the UK has launched a cyber sabotage attack against a
nuclear facility declared as civil and under an IAEA inspection
regime.
We can't stop everyone from developing cyber-sabotage capabilities
but we can push efforts that occur so far underground that they
can't poison attempts to deploy effective defenses. The US and
Chinese critical infrastructures may be separate at a physical level
but they are tightly coupled at a logical and economic level. Any
weapon that affects one is at least capable of bringing down the
other.
This was another point I made although not specifically on
cyber-security. If you look closely at these kinds of attacks they
have little or nothing to do with the functioning of the *Internet.*
They have a lot more to do with what the Internet is used for. (This
is like saying the ITU has some sort of authority over what is said
over the phone. Not something I think is a good idea, although
apparently you do.) Which tells us why the authoritarian regimes are
so big on pushing it. They see cyber-security treaties as a means to
increase their control for domestic suppression and isolate their
populations. Support it if you want, but I certainly would think
twice about it.
That is the task that the ITU should be addressing.
Gawd! I hope not.
It might as well get started on it because one consequence of the
Dubai debacle is that the remaining ITU standards efforts have been
compromised.
The ITU standards efforts were unaffected and irrelevant to what
happened in Dubai. which is too bad. For 30+ years, I have described
their standards efforts as targeted a market window 15 minutes in the
future. Even before you get to how badly flawed they are
technically. The ITU standards effort is just another ho-hum
voluntary standards group like the IETF, or IEEE, or ASTM, or EIA, or
ICAO, or even ISO.
Take care,
John Day
|
|