Daniel Karrenberg

“Disclosure: I am one of the founders of RIPE and both the first and a current employee of the RIPE NCC. I have also been an IETF participant, working group chair and chair of the Internet Society board of trustees and as such have played a role in IETF governance. Dan, No, the IETF is not perfect and neither is the RIPE community. We all carry the history of actions and prejudices of our individual and collective past into our current structures and attitudes. This is no different elsewhere. As an exercise I advise any representative democracy and their rites, unwritten laws and sometimes obscure networks. Whenever I wish to engage a new group I have to do my homework like you started to do. Nowhere have I succeeded in demanding to re-visit previous beliefs and decisions without knowing them and basing my proposals for a big part on the previous work and traditions of the group I am engaging. Neither have I had much success with challenging the attitudes and customs of the group I wish to engage. "As a new attendee, I argued both that I was not part of or aware of previous discussions (which is reason in itself to reassess the previous consensus), and also that the imminent adoption of online safety regulation in the UK and EU is a strong reason to revisit these discussions." will get you nowhere, neither here nor at the IETF and for a reason. Best Daniel”

A friend has pointed out to me that "Neither have I had much success with challenging the attitudes and customs of the group I wish to engage." was a little to terse. What I meant to say is better expressed like this: Neither have I had much success with starting a new engagement by loudly challenging the attitudes and customs of the group I wish to engage without first making it very very clear that I understand and respect the traditions and beliefs of that group. Of course it is OK to express disagreement, but not without showing appropriate respect for said traditions and beliefs. Again, just friendly suggestions.

“I was at the same side meeting and had a different impression. My article in French: https://www.bortzmeyer.org/filtrage-vie-privee.html”

Spot on! With French style. Cordialment Daniel

Disclosure: I am one of the founders of RIPE and both the first and a current employee of the RIPE NCC. I have also been an IETF participant, working group chair and chair of the Internet Society board of trustees and as such have played a role in IETF governance. Dan, No, the IETF is not perfect and neither is the RIPE community. We all carry the history of actions and prejudices of our individual and collective past into our current structures and attitudes. This is no different elsewhere. As an exercise I advise any representative democracy and their rites, unwritten laws and sometimes obscure networks. Whenever I wish to engage a new group I have to do my homework like you started to do. Nowhere have I succeeded in demanding to re-visit previous beliefs and decisions without knowing them and basing my proposals for a big part on the previous work and traditions of the group I am engaging. Neither have I had much success with challenging the attitudes and customs of the group I wish to engage. "As a new attendee, I argued both that I was not part of or aware of previous discussions (which is reason in itself to reassess the previous consensus), and also that the imminent adoption of online safety regulation in the UK and EU is a strong reason to revisit these discussions." will get you nowhere, neither here nor at the IETF and for a reason. Best Daniel

As a community we know quite well what RIPE is about. People are here for a reason. I am not convinced that we need another meta discussion. Talking about principles we should remind ourselves of those we have had from the very beginning of RIPE: the "RIPE Terms of Reference" https://www.ripe.net/publications/docs/ripe-001. For a document written in 1989 this co-author believes that it holds up pretty well. Even the essence of "a globally interoperable, unfragmented Internet" is there, worded more than 30 years ago as: "RIPE promotes and coordinates interconnection of IP networks within Europe and to other continents." Personally I am happy with these principles even after more than 30 years. They guide us well. Maybe we just need to remind ourselves of these principles from time to time and interpret them in the current context. Should we agree that we need to work on revising our principles, we should start from ripe-001 and word them as much as possible in terms of what we actually *do* .

Deliberate change requires setting goals, working towards them and checking progress. So what diversity goals should we set ourselves. In gender diversity the popular/simplistic goal has been to reflect world population: classical 50/50 or contemporary with more categories. Shane also voices this in the podcast. But is this the right benchmark? Shouldn't we set goals based on the diversity of groups that are closer to our community? I have seen some organisations setting diversity goals based on current ratios: "We will double the percentage of female graduates in five years time." Others base their goals on statistics of a larger population they serve: "We will have double the percentage of female graduates compared with the average of similar programs in Europe." I strongly believe we should set ourselves realistic goals. I also believe that diversity has other parameters than gender and that our efforts on gender diversity should not lead to a loss of other diversity we have already achieved.

Thank you Alexander for the detailed information. Maybe it would be a good idea to develop some recommendations for ISPs outside Russia on how to deal with these developments. Do you think RIPE could and should help to do this?

It is good to hear that the RIRs as institutions organise support for AFRINIC as a fellow institution. My personal thoughts are first and foremost with the AFRINIC staff; they need to pay the bills and sustain their families. I understand that so far AFRINIC has been able to pay salaries. As a community we should stand ready to help the *people* of AFRINIC if that should become necessary. I am aware of a fundraising campaign (https://www.tespok.co.ke/?page_id=14001) and I have personally contributed a small amount. Some AFRICAN friends from the early days suggested that we visibly do something similar as a sister community *if it should become necessary*. Our African friends should know that we stand ready do so if necessary!

Very nice article considering that you have to say 'Do not call us!'. ;-) When using IP addresses to identify the source of abuse it is important to keep in mind the possibility of the source address being 'spoofed'. Especially in denial of service attacks what appears to be the address of the source may in fact be the address of the victim. Designers and implementers of automated processes that use IP addresses should take great care about the semantics of IP addresses too. As an author of RFC1918 I regularly get e-mails from automated tools asking me to stop hacking or attacking someone. The only positive development here is that I have not had a query from an LEA about private IP addresses in the past two years or so.