Personal tools
You are here: Home Proceedings Committee Proceedings Technical Policy Committee Archive 2005 Report of Technical Committee 30/04/05
 

Report of Technical Committee 30/04/05

The Technical Committee was to meet in March. For various reasons (Gale wasn't there to remind us, no urgent business, the impact of Apricot and NZNOG travel on the early part of the year) that meeting did not occur. The next meeting will be on 29 April 2005, the day before the council meeting.

Looking back at the last Council meeting minutes I note that “ David Harris was asked to talk to government about XML URIs, for which a discussion paper was released mid January ” . This may come as a surprise to David, as the previous Tech minutes suggested this was a task for the Executive Director and the Technical Manager.

David has created his CA Discussion paper. It is included with the Council papers, but is still considered a draft document and is not for circulation. David has some changes that he might like to make to it.

Apricot was worthwhile. The network infrastructure security seminar was of interest, especially in terms of the obvious focus on the part of the major network vendors to deal with the risks and consequences of DDoS attacks. This has come up at a couple of events since so its an issue “ to come ” . There are dire predictions of internet doom from DDoS, and that preparation time is now. This is interesting and maybe something that NZRS should care about.

The APTLD Technical workshop was a bit light. While it seemed to be an OK forum for people to make their first ever technical presentations, that did not make them interesting or useful. PDT had asked for someone from NZ to give a presentation, and there were no takers – but that is a failing of understanding of the expected level and audience. Presentations on almost any field of Internet management would have been useful.

APNIC administration and security sessions were useful. Of interest were sessions on APNIC and JPNIC setting up CA arrangements for contact. Not a full CA plan, but something sufficient for them to assure communications between them and their customers. The main impression was that like so many things it is not that hard technically but administratively it is a nightmare. Getting from start to implementation has taken quite a long time and really is not as secure or as well organised as one would hope. They are not handling items like key revocation, for example, and the projects are not as robust as I might have expected.

I stumbled in to the APCAUCE meeting almost by accident, when one session finished and on the way to another. Interesting group with some interesting ideas – they miss Mr Harris. There is a very strong belief in some quarters that spam can only be controlled when there is strong legislation in place. Not that legislation can solve the problem, but that without legislation other methods won't have sufficient teeth.

The various sessions of APEET - the AP Enum Engineering Team – convinced me that it is very important that InternetNZ take a leading position in getting this done, and done right. There are obvious security problems with the whole SIP Internet Telephony thing, and we're going about part of it exactly the right way. Refer to the comments about CA – the tech issues are not all that big but the administrative and security issues are big, and need to be addressed from Day One. It is important to make sure everyone realises that ENUM isn't just an internet thing and definitely not just a telephony thing. There is lots of focus on the telephony applications which is only a part of the whole global directory concept. Over-emphasising the telephony aspect is going to create opposition from people we want to cooperate with.

The sessions presented by various regional CERTs were interesting. The Koreans were very pleased that they had managed to drop their international ranking as a source of attacks considerably. User education and vigorous follow-ups of problems, and an active CERT community have gone a long way to solving many of their problems. I am convinced that NZ needs some form of CERT or CERT-like community, but have some questions about how it could be achieved.

Peter did a good presentation for the Apricot bid. I think they want everyone to put in a couple of applications before they agree to one. The conference is a good thing - but perhaps too much of a good thing. I've been to conferences where there was nothing I wanted to hear. At this one there were endless competing streams that were interesting and useful (a rare combination), perhaps too many. We will be able to gauge the interest in an Auckland Apricot by the response to Perth.

Brendan Murray
Chair, Technical Committee

Recommendation: that the Technical Committee report be accepted.

Document Actions