The end of an era: Gert Döring on his time at RIPE
Gert Döring has chaired the RIPE Address Policy Working Group for close to two decades. Representing one of the first German ISPs, SpaceNet, he helped create RIPE’s process for adopting policies. Looking back, he thinks the RIPE community has to start adapting to the “bigger” internet. But even as he departs from his chair role, he will continue to be present, he says to CENTR.
Talking Backdoors: Forcing a round peg into a square hole
In an appeal to the RIPE community Patrik Fälström, Technical Director and Head of Security at Netnod, and Stephen Farrell, Researcher at Trinity College Dublin and long time Security Area Director at the IETF, spoke out against the next wave of “not so secure encryption” proposals from the European Union. A recent Council of Ministers’ paper from the Portugese Presidency underlines once more the need for access to end-to-end encrypted communication.
A broader view of security
DNS traffic encryption is all the rage, with standardisation, software and deployment advancing. But root server operators are questioning encryption for traffic going up to their servers. In a joint public statement of 31 March they declared they would not introduce encryption for the 13 root servers at this point in time. We asked the operators of root servers I and K, Lars-Johan Liman from Swedish operator Netnod and Kaveh Ranjibar from Ripe NCC, why root operators do not want to secure DNS queries by encryption.
CENTR publishes comment on the proposed NIS 2 Directive
Brussels, 19 May 2021 - CENTR, which represents European national top-level domain name registries (ccTLDs) such as .ie or .eu, has published a comment on the Proposal for a Directive on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 (also known as the NIS 2 Directive).
CENTR is hiring a Policy Officer!
We are looking for a dedicated and highly motivated Policy Officer to join our small, fabulous team in Brussels and serve our international and multilingual membership who are at the core of the internet infrastructure.
EU Policy Update - April 2021
In a nutshell: The European Commission unveiled its proposal on the Artificial Intelligence Act and the EU Strategy to tackle organised crime until 2025. ENISA published research directions for the EU digital strategic autonomy. The Council of Europe published a new draft text of the 2nd Additional Protocol to the Budapest Convention. The negotiators in the European Parliament and the Council of the EU reached a provisional agreement on temporary rules to detect and remove child abuse material. The European Parliament adopted TERREG.
RegeID: help fill in our surveys!
As part of a European-funded project it is involved in, CENTR would be very grateful if European registries and registrars could help it in its research and fill in a survey on using eIDAS.
The Camel’s Back: Recursive to Authoritative DNS with Encryption
With the mushrooming deployment of encrypted DNS transport protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT), one might be seduced into thinking that in-flight confidentiality of DNS queries is a problem done and dusted. A comprehensive modeling of the security threats, however, reveals otherwise.
CENTR publishes comment on the proposed Digital Services Act
CENTR, which represents European national top-level domain name registries such as .ie or .eu, has published a comment on the Proposal for a Regulation on a Single Market For Digital Services (Digital Services Act).
EU Policy Update – March 2021
In a nutshell: The European Commission unveiled its Digital Targets for 2030. Four EU countries called for European digital sovereignty in a letter to the European Commission. The European Data Protection Supervisor issued an opinion on the Europol Regulation proposal and the NIS 2 Directive proposal. The European Court of Justice delivered a judgment about the admissibility of evidence in cases of access to electronic communications traffic and location data. The Council of the EU adopted conclusions on the EU cybersecurity strategy. The European Parliament adopted its resolution on the implementation of the GDPR. EUIPO published a discussion paper on challenges and good practices to prevent the misuse of domain names for IP infringements.