[At-Large] ICANN Blog : Relying on ICANN Community-Developed Processes for a Safe, Secure Interne

Karl Auerbach karl at cavebear.com
Thu Jan 6 22:39:45 UTC 2022


On 1/6/22 9:39 AM, Dev Anand Teelucksingh via At-Large wrote:
>
> ICANN Blog : Relying on ICANN Community-Developed Processes for a 
> Safe, Secure Internet
>
In our race to be safe and secure we are forgetting about maintenance, 
monitoring, diagnostics, and repair.

Our layers of security are making it harder to keep the net running.

I've been working on the monitor/diagnose/repair side of things for more 
than 4 decades.  I've watched as the number and strength of security 
walls being erected, walls that make running the net hard,  is increasing.

Yes, we need security.  But we also need means to keep the net running 
and to fix it when thing go awry.

Few have been willing to discuss this trade-off between security and 
maintenance/repair.

The solution may require empowerment of people with special privileges 
and use of privileged tools of exceptional power; a cadre of privileged 
internet priests.

The creation of such a cadre has been strongly resisted when that cadre 
has taken the form of things like backdoors into cryptography.  However, 
to keep the net alive sometimes people and tools are going to have to go 
into the cellars and sewers of the net where unpleasant and 
uncomfortable things will be seen.  To my mind this all comes down to 
ethics and trust, the trust that those who have special powers to 
maintain the net operate within a set of ethical guidelines backed by 
strong enforcement.

At the present time the internet is like a patent on a surgical table.  
Perhaps the patient is sick, perhaps not, perhaps in need of immediate 
care.  But on our present internet the doctors are locked outside the 
building and the the surgeon is allowed only butter knives rather than 
sharp scalpels.

The internet has become a lifeline utility - health, safety, and even 
lives depend on it.  That will increase in the future.

Yet we have only weak and filtered means to monitor the net, to 
understand its pathologies; to even know when things are working badly 
(whether due to failure, attack, or simple mis-configuration) are, at 
best, weak; and to make repairs.

Questions of security must be considered, hand-in-hand, with matters of 
the necessary access and the sharp, potentially dangerous, tools that 
must be wielded to keep thins operating well.

         --karl--

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://atlarge-lists.icann.org/pipermail/at-large/attachments/20220106/a734c6ec/attachment.html>


More information about the At-Large mailing list