Clarification of Terminology / Definitions

[michaelaA19]

[Nick Merrill] Consider the end user: if the point is that the distinction between consolidation and centralisation makes it obvious we need to think about the end user, then what is the end goal, what are your recommendations for IRTF?

Response: We could consider/isolate the relevant RFCs and recommendations included therein (e.g HRPC guidelines - RFC 9260), RFC 8890, RFC 8280, and from there identify whether there are any gaps in addressing aspects of centralisation and consolidation from a protocol perspective.

[michaelaA19]

[Nick Merrill] There is a point that standards inform policy and vice versa: need to make this point clearer

[michaelaA19]

[Nick Merrill] Human rights angle has been worked on and could be used/developed further in the draft

Response: Yes, identifying/isolating relevant recommendations from the HRPC guidelines/RFC 9260 would be part of any suggested guidelines, recommendations or questions we’d suggest

[michaelaA19]

[Tobias Fiebeg] With regards to fragmentation, is this an emergent effect of traditional policy making interfering with the original bottom-up- border-and-government-less-self-governance of the Internet?

Response: There are intersections - the most simple/basic one is that the if protocols/standards serve or augment the resource power of certain actors, then this results in consolidation/centralisation, which can further fragmentation by 1) driving policies that seek to address consolidation but which inadvertently lead to fragmentation - e.g data localisation, sender pays 2) creating control points or central points of failure.

[michaelaA19]

[Mark Nottingham] Don't think you do enough to define a crisp line between 'consolidation' and 'centralization' -- early versions of my draft attempted to do so, but I gave up :) Part of the issue here is that 'the design of standards or protocols' often only has at most a minor effect on centralisation -- it's easy to fall into the trap of believing that the protocols dictate all behaviour on the Internet, when in fact they are only a basis. Because they are (usually) generative, they do not constrain so much as enable, a centralization/consolidation happens within that enablement. It might be good to be more distinctive about the effects of those forces. While there are some effects on the Internet, most are seen in the applications built on top of the Internet (and Web).

Response: we aim to do this by assessing how current RFCs focused on the end user address the issues of centralisation and consolidation and then trace any missing elements in relation to the threat of creating choke points and single points of failure. For example, we could have questions relating to whether the protocol would promote decentralisation or not, whether it promotes interoperability or not - that add to/advance the questions in RFC 9260

[michaelaA19]

[Arnaud Taddei] Consider bringing a report of a previous workshop (on fragmentation and human rights in the EU to this community?

[michaelaA19]

[Rahul Gupta] Have we considered the effect of the larger computer market on centralization that happens on the internet?

Response: We could make reference to the point that the general concern with having single points of failure relate to hardware too and that research into how the different layers of the internet and software/applications and hardware relate to each other in relation to the issue of single points of failure is an area that could be beneficial for future research (for example in elucidating the kinds of harms that could arise from the exacerbation of single points of failure from protocol development and implementation)