Discourse is not information war; public media are not cyber weapons

The DNC hack has led to some inflamed rhetoric by the American foreign policy establishment and mainstream journalists. Cold War-type accusations about the malign influence of the Russians have been revived, as Russia is accused of “manipulating” US elections. There are constant references to information warfare between the U.S. and...

Cyberspace and the nature of the state

On December 12, 2014 two IGP principals, Hans Klein and Milton Mueller, organized an invitation-only workshop on the topic of Sovereignty, National Security and Internet Governance in New York City. The initial inspiration for the workshop came from Dr. Mueller’s engagement with the work of Philip Bobbitt. Bobbitt’s book The...

Keep your pants on: Governments want suspenders for secure routing

The difficulty of applying a hierarchically organized PKI to the decentralized world of Internet routing is being fully exposed in a new Internet-draft.  The document represents a rational response to an RPKI that closely ties address resources to a handful of Internet governance institutions, nicely illustrates how governments and national...

China, the US and cybersecurity: is Mandiant promoting a Cold War mentality?

The release of the Mandiant report on "Advanced Persistent Threat 1" (APT1) marked a watershed in US-China relations on cybersecurity. We are glad the security company released the report: it is good that we are now discussing specific allegations backed with specific items of evidence instead of vague accusations about...

The routing security battles intensify

An important debate about the implications of BGPSEC - a new protocol that would use a hierarchical Resource Public Key Infrastructure (RPKI) to validate Internet route announcements - is taking place in the IETF's Secure Inter-domain Routing (SIDR) Working Group. It's a highly technical discussion, but its significance for Internet governance...

Of canaries and coal mines: What happened at VeriSign?

Too many techies still don't understand the concept of due process, and opportunistic law enforcement agencies, who tend to view due process constraints as an inconvenience, are very happy to take advantage of that. That's the lesson to draw from VeriSign's sudden withdrawal of a proposed new “domain name anti-abuse policy” yesterday.

Russia & China propose UN General Assembly Resolution on “information security”

On September 12 China, the Russian Federation, Tajikistan and Uzbekistan released a Resolution for the UN General Assembly entitled “International code of conduct for information security.” The resolution proposes a voluntary 12 point code of conduct based on “the need to prevent the potential use of information and communication technologies for purposes that are inconsistent with the objectives of maintaining international stability and security and may adversely affect the integrity of the infrastructure within States…” The Code seems to be intended to preserve and protect national sovereignty in information and communication.