Via Bill Woodcock of PCH on NANOG, a founding statement + technical paper on '*Multistakeholder Imposition of Internet Sanctions*' signed by a bunch of people, including former ISOC trustee John Levine. https://www.pch.net/resources/Papers/Multistakeholder-Imposition-of-Internet... EXCERPT *We believe it is now incumbent upon the Internet community to deliberate and make decisions in the face of humanitarian crises. We may not responsibly dismiss such crises without consideration, nor with consideration only for the self-interest of our community’s own direct constituents; instead, maturity of governance requires that self interests be weighed in the balance with broader moral and societal considerations. This document is the beginning of a global Internet governance conversation about the appropriate scope of sanctions, the feasibility of sanctions within the realm of our collective responsibility, and our moral imperative to minimize detrimental consequences. * *Principles for Internet Infrastructure Governance Sanctions * *We, the undersigned, agree to the following principles: * *● Disconnecting the population of a country from the Internet is a disproportionate and inappropriate sanction, since it hampers their access to the very information that might lead them to withdraw support for acts of war and leaves them with access to only the information their own government chooses to furnish. * *● The effectiveness of sanctions should be evaluated relative to predefined goals. Ineffective sanctions waste effort and willpower and convey neither unity nor conviction. * *● Sanctions should be focused and precise. They should minimize the chance of unintended consequences or collateral damage. Disproportionate or over-broad sanctions risk fundamentally alienating populations. * *● Military and propaganda agencies and their information infrastructure are potential targets of sanctions. * *● The Internet, due to its transnational nature and consensus-driven multistakeholder system of governance, currently does not easily lend itself to the imposition of sanctions in national conflicts. * *● It is inappropriate and counterproductive for governments to attempt to compel Internet governance mechanisms to impose sanctions outside of the community’s multistakeholder decision-making process. * *● There are nonetheless appropriate, effective, and specific sanctions the Internet governance community may wish to consider in its deliberative processes. * *Recommendations * *We believe it is the responsibility of the global Internet governance community to weigh the costs and risks of sanctions against the moral imperatives that call us to action in defense of society, and we must address this governance problem now and in the future. We believe the time is right for the formation of a new, minimal, multistakeholder mechanism, similar in scale to NSP-Sec or Outages, which after due process and consensus would publish sanctioned IP addresses and domain names in the form of public data feeds in standard forms (BGP and RPZ), to be consumed by any organization that chooses to subscribe to the principles and their outcome. * *This process should use clearly documented procedures to assess violations of international norms in an open, multistakeholder, and consensus-driven process, taking into account the principles of non-overreach and effectiveness in making its determinations. This system mirrors existing systems used by network operators to block spam, malware, and DDoS attacks, so it requires no new technology and minimal work to implement. * *We call upon our colleagues to participate in a multistakeholder deliberation using the mechanism outlined above, to decide whether the IP addresses and domain names of the Russian military and its propaganda organs should be sanctioned, and to lay the groundwork for timely decisions of similar gravity and urgency in the future. * Bill writes: *Now we can focus on operationalization. Mailing list, web site, etc. are in the process of being set up.The goal is to have a minimal, lightweight mechanism with BGP and RPZ feeds that networks can voluntarily subscribe to. 99% of the time, they’d be empty. Occasionally, when the Internet community believes that a military or propaganda agency is problematic enough to be worth sanctioning, IPs and domains would be added to the feed. The mechanism is exactly the same as is currently used for blackholing abuse IPs and domains, so doesn’t take anything new on the subscribing network’s side, just one more feed.We’re anticipating that debate over what goes into the list will only happen very occasionally, and the discussion list will be quiet the rest of the time. A lot like NSP-Sec and Outages. And there’ll probably be a lot of overlap with those groups. All are welcome, look for an announcement in a few more days.* -- -------------------------------------- Joly MacFie +12185659365 -------------------------------------- - -- -------------------------------------- Joly MacFie +12185659365 -------------------------------------- -