IGF 2025 - Day 1 - Workshop Room 2 - WS #96 L & A Empower the Global Internet Standards Testing Community

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.

***

 

>> WOUT DE NATRIS: Good morning. I'm glad the community made the decision that the software behind it would be open source and available for anyone to use. Also with the testing environment that was created that more and more people started to use. Some organisations decided to use the existing tool kit of the organizations built their own and more or less with the same goal, testing how secure their and their country's Internet environments are. Contact remains between the interested parties. People aspired to chase it.

After a few months in preparations, the representatives from different countries and organizations met for the first time. They decided that there's merit in creating a cooperative body in which they can work together, share experience, and agree on and develop next steps. It is a strong form. It is easier to raise the Internet standards. By creating a community, the profile of the work and its outcomes is raised considerably.

Additionally, all involved with learnings from each other experiences, from the outcomes, and how they can be used, from challenges and how they are and were overwhelmed, from arguments used to convince superiors to partnerships making cooperation possible, et, et cetera. This may go for more experienced organizations as much as those in the interest. Other forms of added value melee in cooperation in the future and perhaps coordination on future steps. Formulations appear to the more normalization. Why should I go or you join the community, you ask.

For starters, this provides you and your organisation the inside of how secure and insecure organisations in your country are and allows you for knowledge and insightful responses and policymaking. Let the introduction stop here and introduce the people around me. I'm here with Wouter Kobes, Annemieke Toersen, Daishi Kondo, and Gilberto Zorello.

Please explain.

>> WOUTER KOBES:  I will shortly explain to what the sound is working. Yes, it is? There's concrete steps and how to improve them. If you look through the Norwegian government, they perform better. This is the digital gateway. This is only very minor improvements, still recommended by us.

Basically, everyone can test their own domain names right now if you go to Internet now. For the organizations, it is required to scan a lot of the domain names and on a regular basis.

For this we have dashboards available. This allows for the creation of the reports, scheduled scanning, during the overtime, and basically in total, the Dutch version we see over five million scans nearly from the individual test and the dashboard testing happening right now. As was mentioned, this source code is open source available.

Throughout the years, it has been picked up by other countries. These are a few examples of the use of Internet around the world in Brazil, Denmark, and we see new instances starting in Germany, France, et cetera. Also the project is used in various measuring projects in Portugal, European commission, in which they do not present the web site themselves, but they use it to generate reports for their research.

Over the years, many of these international people have worked with Internet now and worked with the project and gave us feedback. This is also why we're trying to create the community, to make the code base more widely known and also, yeah, also get something good for the community to make the better even better. That's in real short the introduction on the Internet.

>> WOUT DE NATRIS: Thank you very much, Wouter. If you go to the Internet, you can type in the name of your own organization and immediately see how secure or insecure your organisation is. Also you get the add vier on the steps to take to make yourself more secure. It is something you can do here or later at home and show the people responsible for the ICT. Let me go to the next speaker. Alena is going to tell you about how important Internet standards are and why we're having the discussion and why we support the Internet initiatives.

Alena, the floor is yours.

>> ALENA MURAVSKA:  Thank you, Wout. Colleagues here in the room and also colleagues online, I'm grateful for the opportunity to be part of the important launching event. It is an important milestone for the global, technical Internet standard testing community. I'm Alena Muravska. We are responsible for the register of the IP address and system numbers. Why I'm mentioning this. We have a two‑core principles of the Internet.

The register is one of them. Registration ensures the global resources is traceable. The second principle of the Internet is the protocol standardisation. It is a development and adoption of open standards that define how the devices communicate over the Internet. Together, registration and standardization have enabled the Internet to function as a global and permission in the platform for innovation. Internet standards are agreed upon technical specifications that underpin the infrastructure of the Internet. Many of you are familiar with all of this. My explanation is more effort to the people who are less technical in the room. So the Internet open standards are the building blocks that enable interoperability, operability and consistency across the thousands of networks. Open starters also enable Internet security and resilience.

At same time, they support innovation and grow, because they allow people and organisations to create new services that make them available worldwide without needing permission. Open Internet standards are publicly available and deploying through the process that our transparent and open to broad participation and organisations as Internet engineer and task force, many of you are familiar and they play an essential role in the process. Another policymakers are placing the growing emphasis. They recognise their critical importance for the economic development and national security in this changing world.

While the government plays a key role in promoting and supporting the standards, their efforts must compliment, not replace the open and collaborative process that ensured that the Internet remains innovative and accessible for the past few decades. So, we have seen various approaches when it comes to implementation in the Internet standards. Implementation is also a key to success.

Successful examples include governments that have developed, for example, national IP road maps in closed corporation with the technical community, ensuring this road maps are grown in the technical reality in their countries. On the other hand, more politically driven road maps are success for technical experts often failed to meet the expectations. I would like to mention a good example of successful governmental approach. It is the policy implemented by the forum. They develop, apply, or explain the approach that made the governmental entities and public institutions.

In this case, monitoring the metrics and closed collaboration in the community there are the key factors to success. We've also seen that your approach to Internet standards have gradually evolved over the years. Since 2019, already six years ago, the European commission has launched a series of initiatives to strengthen the role of the European Union in standardisation processes and promote its vision for the Internet.

As we all know, the deployment of key Internet standards in the spotlight even more. The implementing the regulation adopted in 2024 requires operators to take appropriate technical and organisational measures, including the adoption of transition plans to modern network. Think about the IPv6 here. The best practice for Internet route and security and measures for DNS in the security.

This requirement is framed in technology neutral and flexible manner. Yet, they reflect the growing intergovernmental interest in driving the deployment of the standards. So the last activity that we've seen in the area is the European commission's established multistakeholder forum on the deploy of Internet standards, supported by the national authorities. The forum aims to defy the best practices, standards, and deployment techniques in the four areas that are network layer, protocols, e‑mail security, DNS security, and router security. This decision is welcome as well as leadership and leadership stays in the technical community.

Why all the story? Because we believe that the testing community could play a key role in monitoring and deployment of adoption of the standards. Testing ensures that standards are not only implemented, but correctly and consistently deployed. It helps to force the interoperability and raises the overall quality of the infrastructure.

There are excellent examples in the process. They have public and private institutions access the compliance and this established Internet standards. They mentioned that as well. The organisational level, test and contribute to more efficient processes and helps integrate security improvements into daily work flows.

On the broader scale, also testing the cooperation and collaborative learning and it creates mechanisms for standards and aligning the efforts of public administers, service providers, and the technical community. Thank you.

>> WOUT DE NATRIS: Thank you, Alena. I think that you showed from the technical community side how important it is to start deploying these standards and also that it is going to become more or less mandatory within the European Union within a year or two.

The next speaker that is coming from Brazil is online. Gilberto Zorello, answer the question how can you join and benefit from the Internet standard testing community as the provision? What are your experiences in the past with running Internet in the Brazilian way?

>> GILBERTO ZORELLO: Good morning. We haven't got very good experience with the Internet here in Brazil. I bring you a short presentation about our experience.

I would like to thank the IGF for the experience. This is our experience with the Internet in Brazil. I'm a program manager from NIC.br that implements the decisions and projects designed by Brazilian Internet Steering Committee, which is responsible for the integration of the Internet services in the country.

Here there's the systems that development management at NIC.br. We have better experience with the Internet now. We called the talk here in Brazil TOP. Test of the standards. It is part of the bigger program that we have the safer Internet program, which aims to help the Internet leaders and providers to reduce security incidents, causing the vulnerabilities and configurations. We are interested in the Internet. It is very important. We aligned with the safer Internet program.

TOP has web interface in Portuguese. That's very important in Brazil. People here don't speak any English. We needed the web interface in Portuguese. The operations start in December 31st. We are currently running the version 1.7 and testing 1.9 and we intend to release the dashboard too.

The project and initiative is by NIC.br. It is disseminated in different counties across the country to lecture and the technical and ISPS association. They have the technical training on the specific topics recommended. They have all of the service. NIC.br with RPKI and IPv6. They have the holdings with the Internet service providers to provide guidance on how to implement the best security practice in the networks and how to choose the testing tube.

We have the audio activities planned to promote the dissemination of good operational practice of NIC.br created and the best operation practice that can get the award. Which rewards the inclusions that implement and continues the improvement in their networks. This year, the competition, the companies that offer the web site for the top circle recommendations that will be awarded.

More of the adoption for the communication technologies in Brazil. It conducts the ICT enterprise survey that measures the adoption of the ICT of the small, medium, and large enterprises. The surveys every two years. Next survey, we'll check the redness for the best security practices for the web sites of these companies close to the top. Okay. That's my presentation. I'm ready for any questions.

>> WOUT DE NATRIS: Thank you. We chose that. It really works in Brazil. Thank you for showing us. We're going to move to the other side of the world. Going to Japan. We have Daishi Kondo. What is your experience with the e‑mail security research and how do you expect to benefit from the international cooperation in the Internet of the international community?

>> DAISHI KONDO: Hello. Good morning, I should say. From Tokyo. The task is about security and two weeks ago I presented the e‑mail security. From my experience in my research, there are security in France. For example, the initiatives such as explaining which has contributed to the high adoption rate of the UN security measures. On the other hand, Japan lacks the policy and counterpart.

In order to promote, the international cooperation is to understand the nature of the differences through the collaboration. Thank you very much.

>> WOUT DE NATRIS: Thank you, Daishi. What it shows is that we already have a lot of people from around the world joining the community and that we are going to ask more people to join. First of all, I want to ask Doreen, if we have any communities online.

>> DOREEN:  He asked will the journey support the use at Internet build now for cryptography usage.

>> WOUT DE NATRIS: I can say the commission of the IGF will Friday morning at 9:00 in Room 1. Where the community is concerned, I can imagine that this is an issue that will come up in the near future as one of the potential testing points. It is being considered already or something that is future, Wouter?

>> WOUTER KOBES:  Most definitely something that will be added to the Internet. And testing suites in due time. You want to make sure the ciphers used, but it is something to be added in the future.

>> WOUT DE NATRIS: I can imagine it will. But the time it is harder to set in the moment. We need the standards to be in place and accepted in the broad way. I've got time for one question before we go to the initial launch. Is there a question in the room? Then we have a microphone that will go around. Please put up your hand. We can have one question.

>> WOUT DE NATRIS: Yes, the gentleman here.

>> AUDIENCE:  Can you hear me? I can't hear myself. I'm on the vice governmental committee in ICANN. I want to know if there's a way to cooperate with certain governments who are interested in implementing not only DNS but cryptography. Sorry. Too early in the morning. I need more coffee. And some other standards. My question is would there be any kind of task force for group or somebody that we can contact specifically that might be interested in implementing the standards? Some way forward.

>> WOUT DE NATRIS: I'll take it first. Then I'll give it to Wouter.

I think the idea behind the community that we're launching in the moment is everybody with an interest in ‑‑ again because the idea behind the community with testing in the standards can participate. That could be from a governmental angle, research angle, technical community and also advices the members. All different sort of parties can join and have already joined. If you would like to promote this in the GAC, we would be more welcome to do that. There's a set of standards in the moment that's in the program. But the idea is to develop the program further in the future. That's something that we hope to be able to coordination between all of the different parties. We can set the next steps together. That's the idea behind starting the international community. Let's talk a little bit after the session and we can see how we can promote this further. Would you like to add, Wouter?

>> WOUTER KOBES:  I think the standards are not to just show you, but a means to implement the standards that are not yet supported. That's the goal of the program. We should get in touch.

>> WOUT DE NATRIS: Thank you for the question. We only have half an hour. I'm seeing people waving there, so we stop in time. I want to thank you for coming and showing your interest in the launch of the international community. You heard what it is, what it does, and why deployment of the Internet standards is crucial. You've heard the experience of the people already working with the Netherlands, Brazil, and Japan. We could have staged some others. We have 30 minutes.

Now, it is time to officially launch the international community in which we're going to cooperate to make everyone understand why not deploying the security Internet standards and ICT best practices for that matter should no longer be an option for anyone manufacturing the devices and offering digital services, et cetera. Just like it should no longer be an option secure by the design as an organization.

I can't think of a bigger driver towards deployment than economic buying power personally. If you have the legislation, if your customer doesn't want you anymore, because you are not delivering, then you are out of business. To get there, to become more aware of the current situation and feel the pressure shown by the testing tool. Okay to join our community. In a moment, they will show you and you can sign up on the forum. You'll receive information for the future meeting probably in October.

I would say, Wouter, let's launch the global Internet standards testing community, DISTC, not before I welcome to the bilateral meeting and you can ask questions, if you like. It is on Thursday morning at 10:30 in the Buschouter Room in the hotel. Wouter, launch out.

>> >> WOUTER KOBES:  I'm not seeing the slides. We have cake to celebrate the launch.

>> WOUT DE NATRIS: Here's the slide. Let's go.

>> WOUTER KOBES:  So we're launching.

>> WOUT DE NATRIS: We're launching. Thank you very much for joining.

Thank you very much for joining. Thank you presenters, Wouter, Alena, Daishi, thank you for the online moderation, Peter for reporting, and for the scribes and the technical people for really perfect preparation that we've had with you. Thank you very much.