NordVPN Promotion

Home / Blogs

ITU’s Wise WTSA DOA Decision

The venerable old International Telecommunication Union (ITU) tradition finished up yesterday. Indeed, very late yesterday. The 568 representatives from 92 National Administrations met in a Tunisian town on the Mediterranean to make some key decisions about intergovernmental standards meetings for the next four years—a body known as the WTSA (World Telecommunications Standardization Assembly). In the end, they avoided what could have been a dreadful mistake and emerged a better organization.

As one of the strangest episodes since these events began in 1924, the principal focus and most contentious development revolved around strident advocacy by three country blocs to pin the organization’s future on a technical platform that has been circulating around the industry for 20 years with almost no takers. Known as “the Digital Object Architecture (DOA)” or “the Handle System,” it is being proffered as the unitary global means to tag and query information about the provenance and location of every physical and virtual digital object connected to or available on every communication/ICT network in the world. The complete platform package—including the specifications, implementation software, products, and services—is presently being promoted and sold by a small new Swiss entity called the DONA Foundation established under law not known for its transparency. The disposition of the related intellectual property rights as well as the involvement of existing and former ITU officials have also given rise to concern.

The three blocs at WTSA consisted of the Russian Communications Commonwealth (RCC), the Arab States Administrations, and the African Telecommunication Union—whose members also hold partner positions in the DONA Foundation, including rights to sell the products and services. At US$50 per registration and US$50 per year maintenance per identifier, there is also a revenue incentive. Russia in particular has been the strongest supporter of the platform for the past eight years in multiple ITU bodies and its secretariats.

The three blocs of nations advanced a dozen different proposals for DOA/Handle mandates in six different WTSA resolutions dealing with cybersecurity, identification systems, e-health, detecting counterfeit devices, data privacy, and mobile theft. The proffered provisions were almost identical—essentially mandating the ITU and world collectively meet all these needs via the DONA Foundation’s products and services.

The transcripts show that over the eight days of WTSA, ten meeting sessions were held at which the proposals were discussed 150 times. Late last night—after it became clear that most of the rest of the world was not going to accept the proposals—they were dropped. The friendly but firm arguments made for that result by a broad array of nations consisted of both institutional wisdom and technical methodology. The ITU-T considers requirements and potential solutions. It does not behave anti-competitively and pre-ordain specific products and services of private foundations—especially for all digital objects for which there are already many existing solutions actually used by industry.

Although a good decision was made at the WTSA, the reality is that there are three related work items already underway in two ITU-T Study Groups relating to IoT. Over the next four years and beyond, hopefully, the collective wisdom of WTSA-16 on this matter prevails.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Anthony Rutkowski, Principal, Netmagic Associates LLC

The author is a leader in many international cybersecurity bodies developing global standards and legal norms over many years.

Visit Page

Filed Under

Comments

Sorting out issues Patrice Lyons  –  Nov 6, 2016 8:29 PM

With respect to the outcomes of the WTSA-2016 gathering, there was an implication in your blog that emerging technologies such as capabilities based on ITU-T Recommendation X.1255 were somehow blocked from further consideration at ITU.  This is simply not correct. What appeared contentious was the attempt by some to block consideration of the need for interoperability across information systems that move the discussion from location-specific identification of ports on machines to provision of identification and/or resolution services for digital entities going forward. This is an important issue that shouldn’t be neglected. 

    You raise again issues previously addressed in my reply to your earlier “snake oil” blog; however, for convenience, a few of the facts you still appear to ignore or misunderstand include:

1.  X.1255 is an ITU Recommendation approved in September 2013, and the DONA Foundation is a non-profit technical organization, founded in January 2014; they are quite separate.  There is no dependency for members of the public who wish to implement X.1255 that they obtain any patent, trademark or other rights or permissions from the DONA Foundation.

Perhaps your interpretation stems from the continuing relationship between various ITU-T study groups, in particular SG17, where work has been underway for a few years on developing systems operating under the trademarks OID and CYBEX. This was evident at WTSA-2016 (see Resolution 50, Draft Report of WTSA-2016, http://www.itu.int/en/ITU-T/wtsa16/Documents/WTSA16_Draft_Proceedings_E.pdf).

From the blog you appear to be arguing for only one system, or perhaps a limited set of existing systems, to be considered at ITU-T going forward? There are already many different information systems deployed in the Internet, and many others will surely be introduced in the coming years.

From even a cursory reading of X.1255, it should be evident that one basic purpose of the Recommendation is to provide for interoperability across not just existing information systems, but various emerging systems, services, resources and other entities represented in digital form.  Further discussions at ITU-T should not merely focus on interoperability of one or more pre-existing information systems like “telephone numbers, “OIDs,” or IP addresses. Interoperability across different systems was the original promise and hope engendered by the Internet.  Since the beginning of the Internet “logical extensions and follow-ons” to the original technologies deployed   were anticipated. Building on and compatible with existing Internet, technical implementations of the technology introduced in Recommendation X.1255 hold the promise of enabling interoperability of digital entities going forward. This is an important consideration where identification of digital entities that is not location specific may not be required, e.g., Software Defined Networking environments.

As Mr. Daniel Sepulvada of the U.S. State Department recently noted (for full blog, see https://blogs.state.gov/stories/2016/11/02/internet-things-challenges-and-opportunities):  “Another challenge is ensuring inter-operability across IoT devices and data, where appropriate. Technologists tell us that the IoT must retain the ability to respond to new technology, business opportunities, and social factors while at the same time maintaining this inter-operability.”

2.  In the context of X.1255, there is no charge for implementing the Recommendation. As indicated in my Comment #11 (October 31, 2016) to your earlier blog: “You appear to be confusing CNRI’s Handle.Net Registry (http://www.handle.net) with X.1255.  Again, there is no dependency for those implementing X.1255 on entering into licenses or other agreements with CNRI.  Please visit the CNRI site to understand better what has been implemented.”

Patrice Lyons

Answering a word salad Anthony Rutkowski  –  Nov 7, 2016 3:14 AM

ITU is an intergovernmental organization, and positions of the Russian and MEA blocs versus the U.S. and most of the remainder of the world on the marketing of DONA’s products and services are a matter of record. 

What was effectively agreed was that the ITU-T going forward will consider requirements and potential solutions. It will not behave anti-competitively and pre-ordain specific products and services of private foundations — especially for all digital objects for which there are already many existing solutions actually used by industry.  Hopefully going forward, DONA’s Russian and MEA partners will respect this consensus view and not try to use X.1255 or other rubrics to advance their marketing and sales via ITU bodies.

As to the tight bindings among DONA, X.1255, Digital Object Architecture, the Handle System, Handle Registries, Handle.NET, and the associated software and IPR, one can simply examine the DONA Foundation’s own minutes, the USPTO registrations, CNRI’s many related websites, the operational implementations, and the Russian Federation’s many ITU body proposals over the past eight years to garner ample evidence of the inextricable entwinements.

For clarification, OID is not a trademark, but rather an acronym used in arrays of specifications of ITU-T, ISO, the IETF, and other bodies.  The Object IDentifier (OID) framework for all digital objects and their interoperability was developed in the 1980s as a joint ITU-T and ISO initiative.  It has been very extensively implemented worldwide across all manner of networks and objects.  See, e.g., the OID Repository. CYBEX is an acronym for Cybersecurity Information Exchange - which is a suite of structured expressions identified in an ITU Recommendation.  It is unfathomable that it would be mentioned in this context.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API

NordVPN Promotion