Dear SwiNOGers,
You may have heard of it (or maybe you joined it); a few weeks ago SwiNOG Org made a special SwiNOG event about lawful intercept. During that event I made an anonymous survey and I was really amazed by some of the results. I'll make it quick; 95% of the audience would like to see the creation of an ISP association (umbrella organisation) representing them towards different authorities and/or towards justice (like the DNS blocking case). During that event I promised the audience that I will personally initiate that process.
---
I have created a wiki that will allow the following points, needed for the foundation assembly, to be organised:
- Organisation of the location / infrastructure - Writing of the Statutes - Name proposals - Committee candidates
All points need to be fully completed in order to organise a consistent foundation assembly.
---
How do you proceed to help?
Worker:
1) Go to the wiki and create an account. http://www.ispnet.ch 2) Drop me an email with your company name and I will give your account access to the restricted area. 3) Fetch a coffee, red bull or whatever activates your brain and start to help.
Internal Lobbyist:
1) Go to your management, talk to them about our issues (new laws, lawful intercept, representation at BAKOM/OFCOM/ÜPF) and how an association could help (need more information? ask me!) 2) Let me know, per email, if you think your company will participate; so we can make a possible list of SMEs willing to be founding members.
---
Lets get to the work! I really expect to be able to have the founding assembly before mid of december. All this preparation work can be done within 2 weeks!
Really, again, lets get to the work!
Sincerely, Pascal Gloor President @ SwiNOG Organisation
Hey Pascal,
On Oct 28, 2010 5:24 AM, "Pascal Gloor" pascal.gloor@spale.com wrote:
Dear SwiNOGers,
You may have heard of it (or maybe you joined it); a few weeks ago SwiNOG Org made a special SwiNOG event about lawful intercept.
I'm sure you have good state on what type of laws there are in play in Switzerland (better than I am, for sure). I wanted to ask you if you had been in touch with other countries' task force teams? I was a member of the NBIP (the dutch foundation for ISPs who were legally bound to comply with interception regulations), and in fact the ISP I worked for directly (www.bit.nl) was a host of two of the physical interception machines because they were sort of in the middle of the country. A good guy to talk to is Pim van Stam and I can introduce you if you have the need.
Just FYI :)
groet, Pim
-- Pim van Pelt pim@ipng.nl
... the creation of an ISP association (umbrella organisation) representing them ...
Because I was asked by several hosting companies and ISPs, I'd like to make this point clear.
The idea of the umbrella assoc./union is to represent ANY company that is offering public internet services in Switzerland.
This includes, but is not limited to:
internet access vpn tunnel brokers web/mail/dns/whatever hosting housing social networks I would even say marketing companies that send mass mail (newsletters, not spam) and so on...
Hope this clarification helps.
Have a nice evening ;-) Pascal
Hi Pascal,
I'm not saying I'm against your below list - haven't thought about it enough yet - but an "ISP association" seems to imply ISPs - Internet Service Providers. Your list might be tending to an "Internet association" (it depends on what "so on" means I guess). It would be good to have an "ISP association" to stand up for ISPs.
An ISP to me means being obligated to register at BAKOM as a telecommunications provider ("Registrierung als gemeldete Fernmeldedienstanbieterin") *because* one is offering some sort of public Internet services. Such an obligation certainly covers a few points on your list. My 2cents worth...
Cheers JIm
On 28/10/2010 19:35, Pascal Gloor wrote:
... the creation of an ISP association (umbrella organisation) representing them ...
Because I was asked by several hosting companies and ISPs, I'd like to make this point clear.
The idea of the umbrella assoc./union is to represent ANY company that is offering public internet services in Switzerland.
This includes, but is not limited to:
internet access vpn tunnel brokers web/mail/dns/whatever hosting housing social networks I would even say marketing companies that send mass mail (newsletters, not spam) and so on...
Hope this clarification helps.
Have a nice evening ;-) Pascal
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
JIm Romaguera wrote:
Hi Pascal,
I'm not saying I'm against your below list - haven't thought about it enough yet - but an "ISP association" seems to imply ISPs - Internet Service Providers. Your list might be tending to an "Internet association" (it depends on what "so on" means I guess). It would be good to have an "ISP association" to stand up for ISPs.
An ISP to me means being obligated to register at BAKOM as a telecommunications provider ("Registrierung als gemeldete Fernmeldedienstanbieterin") *because* one is offering some sort of public Internet services.
AFAIK, the BAKOM obligation applies if you are providing internet _access_ services. "public Internet services" is a much wider definition.
Hi Jim,
I'm not saying I'm against your below list - haven't thought about it enough yet - but an "ISP association" seems to imply ISPs - Internet Service Providers. Your list might be tending to an "Internet association" (it depends on what "so on" means I guess). It would be good to have an "ISP association" to stand up for ISPs.
An ISP to me means being obligated to register at BAKOM as a telecommunications provider ("Registrierung als gemeldete Fernmeldedienstanbieterin") *because* one is offering some sort of public Internet services. Such an obligation certainly covers a few points on your list. My 2cents worth...
Indeed "and so on.." is open. My point was more to say its not restricted (as Per Jessen said) to _ACCESS_ providers. You say it should (maybe) be limited to BAKOM registered providers, don't forget that the new BÜPF law draft includes non-BAKOM registered _SERVICE_ providers (like mail hosting) and I think such an assoc. should also protect them.
Participate is the preparation process and you'll have your word to say. If you wish to be founding member, you will also be able to amend the Statutes and get a vote during the foundation assembly.
See you! Pascal
Hi Pascal & Jens,
If you expand my definition to include an obligation to register (or be registered whether you like it or not) by BAKOM, BUPF or any other government mnemonic *because* of your offering of public Internet services (which is a general term for access, service providers, etc) then I think you've got the membership defintion pretty tight.
But yes I agree - one should participate and then see what plays out in the process.
Cheers JIm
On 28/10/2010 21:51, Pascal Gloor wrote:
Hi Jim,
I'm not saying I'm against your below list - haven't thought about it enough yet - but an "ISP association" seems to imply ISPs - Internet Service Providers. Your list might be tending to an "Internet association" (it depends on what "so on" means I guess). It would be good to have an "ISP association" to stand up for ISPs.
An ISP to me means being obligated to register at BAKOM as a telecommunications provider ("Registrierung als gemeldete Fernmeldedienstanbieterin") *because* one is offering some sort of public Internet services. Such an obligation certainly covers a few points on your list. My 2cents worth...
Indeed "and so on.." is open. My point was more to say its not restricted (as Per Jessen said) to _ACCESS_ providers. You say it should (maybe) be limited to BAKOM registered providers, don't forget that the new BÜPF law draft includes non-BAKOM registered _SERVICE_ providers (like mail hosting) and I think such an assoc. should also protect them.
Participate is the preparation process and you'll have your word to say. If you wish to be founding member, you will also be able to amend the Statutes and get a vote during the foundation assembly.
See you! Pascal
Hi all
Why do you plan to build a new association if there are already so many associations in this industry?
ICTSwitzerland.ch for example is the head association of the ICT industry. Below it there are for example asut.ch, the "Swiss Telecommunications Association" and simsa.ch, the "Swiss Internet Industry Association". Both associations already are involved in the political process of BÜPF and have many members of our industry. Why not just build a new workgroup in one of these associations especially for BÜPF issues?
Just my opinion ;)
Kind regards Claudio Prezzi
COMsulting GmbH
Am 29.10.2010 um 12:08 schrieb Claudio Prezzi:
Hi all
Why do you plan to build a new association if there are already so many associations in this industry?
ICTSwitzerland.ch for example is the head association of the ICT industry. Below it there are for example asut.ch, the "Swiss Telecommunications Association" and simsa.ch, the "Swiss Internet Industry Association". Both associations already are involved in the political process of BÜPF and have many members of our industry. Why not just build a new workgroup in one of these associations especially for BÜPF issues?
Just my opinion ;)
Kind regards Claudio Prezzi
COMsulting GmbH
The IT or "Internet Industry" is not really the same as Internet Provider. People who provide services to internet users have different issues than people who provide the wires. A "YouTube" has to deal for example with copyright issues on a totally different level as they are more in a "responsible situation" while a internet provider just transports content but is not auditing or controlling the content and actually is not even allowed to look at what contents go over his wire. So as you can see in this example, the issues BÜPF would raise are totally different for those two example companies. That means an organisation built out of YouTubes, Google's, Facebooks etc would not be able to understand or at least care less on the issues of an underlying transport layer operator.
As far as ASUT goes, it represents all the big guys. Ttheir approach is also very different. While a Swisscom, Sunrise, Orange, Cable Com can afford 100'000 € boxes to filter traffic just for the fun of it, many small ISP's get killed by those costs. Small ISP's which might serve very specific nice markets and create jobs in specific areas are not being heard. Swinog is basically such an "organisation" where lots of ISP "geeks" are participating but its not organized enough as a legal entity to represent the ISP's.
So my recommendation would be to either build something new (Pascal's Idea) or make SwinOG a real organisation which represents the ISP's better.
Andreas Fink Backbone ehf DataCell ehf SMSRelay AG
[Andreas: please configure your mailer to do line breaks at ~76 or so as my screen still is not 1500 chars wide and a lot of mailers just extend the scrollbar to the right right right right right... especially when one replies, which makes it kind of annoying, just think line breaks make you look cool!]
On 2010-10-29 13:48, Andreas Fink wrote:
[..] internet provider just transports content but is not auditing or controlling the content and actually is not even allowed to look at what contents go over his wire.
Which is exactly what a certain ISPs SMTP setup is currently doing:
- It man-in-the-middles TCP connections on port 25. - It does/follows the full SMTP conversation. - It parses and scores the SMTP data portion. - It rejects the message if it does not like it.
Clearly that ISP has something wrong. The question is of course also what kind of logging they are doing and how many laws they are breaking...
I have still not received a proper snailmail notifation that my ISP is doing this (and possibly other nefarious) methods to the Internet connectivity that I pay for. Nor have I found a way to get this disabled, legally I don't even know that it exists... heck the only reason we do know it exists is because it broke already some people's email setups.
There is only a, hard to find unless one knows the google search query, page which states in part:
"This filter now also checks e-mail from free e-mail providers such as GMX, Google Mail and Hotmail if the e-mail is sent from a [..] connection."
Only those providers? Strange as it is port 25 the whole article is about, and that is where SMTP goes over, all those "free e-mail providers" (okay GMX maybe not) use HTTP as the primary transmission method. Or can we make the conclusion that port 80 is also being inspected by this "ISP"?
It also breaks semi-broken setups causing more problems for other ISPs: "As a result of the introduction of the new spam filter, e-mail that is sent with SMTP authentication via port 25 can no longer be sent."
So very nice of them.
To come back to the original discussion, obviously ISPs are looking at the content, especially when there is a lawful tap involved. The question is now, how this can be communicated to the customers as it is their right to know what is being done with their traffic for which they are paying.
The further question is, should an association like this have ground rules for their membership in which when one becomes a member that states amongst others:
- That the ISP is not doing content-inspection - That the ISP is not doing content modification (eg there are ISPs who attempted to change Google Ads with their own! Although I have not heard about this yet for Switzerland) - That they have a proper abuse contact and handling system.
Greets, Jeroen
/me pass on the debate of what is acceptable as content inspect to protect the innocent.
- That the ISP is not doing content modification (eg there are ISPs who attempted to change Google Ads with their own! Although I have not heard about this yet for Switzerland)
Why do you think google is pushing for opportunistic encryption on the broswer. http://en.wikipedia.org/wiki/Obfuscated_TCP http://www.imperialviolet.org/2010/01/26/sts.html
Thomas
On 2010-10-29 14:45, Thomas Mangin wrote:
/me pass on the debate of what is acceptable as content inspect to protect the innocent.
It is indeed a huge discussion, but the main point is that not providing transparency that it is happening, not notifying users of such a change and not providing an easy documented way to get it turned off is a really bad thing.
And as obviously people who enforce the law require a judge to sign off on doing a tap, which this is also in a way just not a full one, one has to question if this ISP is thus standing above the law.... next to of course wondering what else they are doing with your traffic & data.
- That the ISP is not doing content modification (eg there are ISPs who attempted to change Google Ads with their own! Although I have not heard about this yet for Switzerland)
Why do you think google is pushing for opportunistic encryption on the broswer. http://en.wikipedia.org/wiki/Obfuscated_TCP http://www.imperialviolet.org/2010/01/26/sts.html
I am fully aware why, that is why I mentioned the example ;)
Current partial solution: https://www.eff.org/https-everywhere
Greets, Jeroen
[snip of lots of lines]
The further question is, should an association like this have ground rules for their membership in which when one becomes a member that states amongst others:
- That the ISP is not doing content-inspection
- That the ISP is not doing content modification (eg there are ISPs who attempted to change Google Ads with their own! Although I have not heard about this yet for Switzerland)
- That they have a proper abuse contact and handling system.
Jeroen, what you describe belongs to Net Neutrality. I am fully in favour of Net Neutrality on every aspect of it and I would even expect such an association do run a Net Neutrality quality label for its members respecting it. But is this a reason to exclude the others? We could also say we need GreenIT, we do, really, so lets exclude those who do not follow GreenIT. We could also exclude those who announce more specific routes than they should, those with many customers having infected computers, and so on to an infinite list of issues.
I don't think such an association should exclude ISPs for such reasons (well, at the end, the general assembly decides). The association should, on the other side, push for existing standards and create the non-existing ones (like Net Neutrality). It could push standard on how the Internet service is defined, so customers can expect the same service under the same conditions from different ISPs. And more and more and more.
Cheers, Pascal
On 2010-10-29 23:34, Pascal Gloor wrote: [..]
Jeroen, what you describe belongs to Net Neutrality. I am fully in favour of Net Neutrality on every aspect of it and I would even expect such an association do run a Net Neutrality quality label for its members
respecting it. [..]
I don't think such an association should exclude ISPs for such reasons (well, at the end, the general assembly decides). The association should, on
the other
side, push for existing standards and create the non-existing ones
(like Net Neutrality).
It could push standard on how the Internet service is defined, so
customers can expect
the same service under the same conditions from different ISPs. And
more and more and more.
I agree, 'exclusion' should not be the case, but a single voice and statement is most very likely a good thing, thus if one is a member adhering to, for the association, important parts, can be useful.
You give a possible solution already: "labels" or generally "logos".
One of the things that this association could be giving out to its members are logos, and that can be a huge marketing advantage to its membership and something which could make a reason for an ISP to join the association, next to things like the lawful intercept model etc.
The association can then provide logos for instance for Net Neutrality and IPv6 Support which the member can put on their website and can also use to publish those logos in advertisements and other such material.
The association should be neutral, of course, and can thus provide a huge index of all the ISPs and what they offer, thus providing a way for consumers/enterprises to easily find the service they require, of course they will be influenced by the logos that a company has.
Another thing that then of course comes to mind, is something which at the moment lies a bit closer to my heart and will talk about at the next SwiNOG meeting: central abuse desk. The association can keep a list of confidential contacts which are the true troubleshooters in a network so that when a problem hits (read: botnet etc) there is a central Swiss location for reaching out to all the ISPs that are involved in this.
In similar vain, the association can serve as a consumer comment point about ISPs, along with the overview above, consumer comments could be accepted into the overview thus giving a good view of what consumers are thinking about and what their concerns are. This information can then be used by the contacts at those ISPs to improve/change what they are doing as the comments there will be different than the problems that might not pass through their helpdesks. Of course we can then discuss these comments in general on either a new association list of directly on this list.
Note the 'could' and 'should' etc, just ideas all of it, but there are lots of viable options this could take to make the association well known and respected around the country.
Greets, Jeroen
Hi Guys
not wanting to spoil the party here, but knowing the swiss association "biotope" quite well, it will definitely NOT be easy to make yourself even heard. some thinking points:
- there is ASUT: they are by far the biggest association of telco's and have a corresponding "weight" and voice in Berne. they can make things happen (and vice-versa: they can make things NOT happen). they will probably just laugh at a new association, consisting of mostly small providers, trying (or more: struggling) to get a voice in the big universe which is the politics in Berne
- ICT associations are struggling since years to make themselves heard in Berne. simply put, ICT is lacking of a lobby in Berne. I personally don't think "just another association" is going to change things here - the biggest associations tried to merge a bit more than one year ago and it went competely wrong - because of political interests and some other reasons.
- you WILL need manpower to run this business (association). FREE manpower. from my experience, people are always keen on FOUNDING an association, but when it comes to do some work, they magically disappear or appear to be soo busy. if you can't prove that you're worth being heard (by producing output), the "big ones" and the politicians will just not hear you. and they are the movers and shakers in Berne, always keep that in mind. I know it might not be fair and so on - but it's the reality.
IMHO, you'd better think about the following options before founding the association. you might want to try those options out before, if they prove to be wrong or not bring you to your target, you can always found the association later on.
- consider SWINOG - it IS a brand, so IMHO, you'd better transform SWINOG in such an ISP-single-point-of-contact association than founding a new one (marketing is key: all the people need to get to know you first, that costs effort and ressources) - talk to ASUT, nicely. if they let you group together a Fachgruppe or Arbeitgsruppe to work on said subject, that will lead to better results (politically-wise); papers produced in such a group have a much bigger chance to be heard IMO. - talk to other players / associations on this behalf, if ASUT is not of much help.
just my 2 cents. not wanting to offend anyone, neither trying to get this great idea out of your heads. just playing "advocatus diaboli" here. don't shoot me.
cheers Umbi
Am 29.10.2010 um 12:08 schrieb Claudio Prezzi:
Hi all
Why do you plan to build a new association if there are already so many associations in this industry?
ICTSwitzerland.ch for example is the head association of the ICT
industry.
Below it there are for example asut.ch, the "Swiss Telecommunications Association" and simsa.ch, the "Swiss Internet Industry Association".
Both
associations already are involved in the political process of BÜPF and
have
many members of our industry. Why not just build a new workgroup in one
of
these associations especially for BÜPF issues?
Just my opinion ;)
Kind regards Claudio Prezzi
COMsulting GmbH
The IT or "Internet Industry" is not really the same as Internet Provider. People who provide services to internet users have different issues than people who provide the wires. A "YouTube" has to deal for example with copyright issues on a totally different level as they are more in a "responsible situation" while a internet provider just transports content but is not auditing or controlling the content and actually is not even allowed to look at what contents go over his wire. So as you can see in this example, the issues BÜPF would raise are totally different for those two example companies. That means an organisation built out of YouTubes, Google's, Facebooks etc would not be able to understand or at least care less on the issues of an underlying transport layer operator.
As far as ASUT goes, it represents all the big guys. Ttheir approach is also very different. While a Swisscom, Sunrise, Orange, Cable Com can afford 100'000 € boxes to filter traffic just for the fun of it, many small ISP's get killed by those costs. Small ISP's which might serve very specific nice markets and create jobs in specific areas are not being heard. Swinog is basically such an "organisation" where lots of ISP "geeks" are participating but its not organized enough as a legal entity to represent the ISP's.
So my recommendation would be to either build something new (Pascal's Idea) or make SwinOG a real organisation which represents the ISP's better.
On 2010-10-31 15:45, privo@gmx.ch wrote:
- consider SWINOG - it IS a brand, so IMHO, you'd better transform SWINOG in such
an ISP-single-point-of-contact association than founding a new one
Maybe along the lines of:
SWINOG ISPA = the association, requires membership SWINOG = the community where everybody can join and comment
ISPA = Internet Service Provider Association
Similar in style to what the difference between RIPE/RIPE NCC is. One will have to clearly define the boundaries though in that case and as everybody most likely have mixed up RIPE != RIPE NCC.
Greets, Jeroen
SWINOG ISPA = the association, requires membership SWINOG = the community where everybody can join and comment
ISPA = Internet Service Provider Association
Similar in style to what the difference between RIPE/RIPE NCC is. One will have to clearly define the boundaries though in that case and as everybody most likely have mixed up RIPE != RIPE NCC.
You forgot SwiNOG Organisation Association that already exists. RIPE/RIPE NCC is already an issue, imagine 3 ;-)
Pascal
Hi all,
SWINOG ISPA = the association, requires membership SWINOG = the community where everybody can join and comment
ISPA = Internet Service Provider Association
Similar in style to what the difference between RIPE/RIPE NCC is.
Indeed, RIPE is the Community and it's open to all humans in the Region to discuss into the Working Groups and/or at the meetings. RIPE-NCC is the legal and financial entity, with a regular balance and budget. It is the real legal umbrella for the Community. As ISOC is for IETF. We had the same problem in NRO creation. We had to incorporate NRO into a legal entity (in Uruguay) to allow protection and contract signing with ICANN and the American DoC. So, maybe, we need the same in Switzerland. We've a lot of discussion associations, but not a real legal interface that can protect us against dangerous laws and can seat at various tables to make our voice heard.
Cheers/Manfredo
Si precisa che le informazioni contenute in questo messaggio sono riservate e ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.
You are hereby informed that this message contains confidential informations intended for the addressee's use only. If yu're not the addressee and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you.
Hi Umbi,
[reference] http://lists.swinog.ch/public/swinog/2010-October/004771.html [/reference]
I've got enough experience in politics to tell you that influence or 'being heard' is not about how big you are, but is definitely about the connections you have. If you have the right chairman you get stuff done, if you don't, you fail. As simple as that and almost independent on how big you are. ASUT on the other hand is a well established TELECOM association. Its Service Provider WG is small and includes almost only the big players. Small ISPs do not join ASUT because they feel useless there or fear they won't be heard.
SwiNOG, respectively SwiNOG Organisation Association is NOT the right entity for that. You would need to rewrite the whole statutes to make it an umbrella organization, change almost the whole board and so, at the end, change almost everything except the name.
Manpower, you're right about that, but without organization you're nowhere. Get a board organize this and you will have manpower. You can also force, by statutes, members (ISPs) to dedicate some manpower. (not talking about a lot of manpower, but if every member dedicates a few days a year, you will have manpower and work done).
just my 2 cents. not wanting to offend anyone, neither trying to get this great idea out of your heads.
You're not. Solutions come through discussions not otherwise.
just playing "advocatus diaboli" here. don't shoot me.
**hit** ;-P
Pascal
-
Andreas Fink -
Claudio Prezzi -
Jeroen Massar -
JIm Romaguera -
Manfredo Miserocchi -
Pascal Gloor -
Per Jessen -
Pim van Pelt -
privo@gmx.ch -
Thomas Mangin