We started the Rheinland Backbone project with the goal of connecting every Freifunk community that wishes to do so to the Internet through it. So that this can be implemented in line with legal requirements and fairly and uniformly for all communities, we want to publish a series of documents. These will record for whom we do this, which technical implementation is used, and how the resulting obligations are fulfilled.
Essentially, these are an extension of the Pico Peering Agreement, a privacy policy, and a statement on the security guidelines of the Bundesnetzagentur. Below you will find the bullet points we have come up with, from which the documents mentioned will be developed.
The bullet points are written in English so that we can discuss them with other organizations, in particular at the Chaos Communication Congress in two weeks.
Today at the board meeting we found the points acceptable so far, and we are presenting them here to the community for feedback. After the Congress, the documents will be published, based on the version developed by then.
Policy Documentation - Rheinland Backbone
This document collects our five different policy sets, concerning administrators and operation of the Rheinland Backbone, courtesy of Freifunk Rheinland e.V.
Purpose
Rheinland Backbone is a transit network. Its purpose is the connection of any access network in the Freifunk Community to the public Internet. Connectivity of the clients is established over IPv4 and IPv6.
Technical Overview
Each community is allocated a single IPv6 subnet and an IPv4 address (at least 2) for each of its routers (e.g. supernodes). IPv6 connectivity will be native, end-to-end. Due to global IP address exhaustion, the community must assign private IPv4 addresses to clients and use NAT to route into other networks. The Backbone Network does not apply any encryption to traffic routed to or from the Internet.
Definitions
Community: A community, in relation to this document, is defined as a group of people who operate a separate network infrastructure. In some cases this might be a group of people who share a common network infrastructure (meta communities).
Operator: An operator is any person who operates (i.e. has a root account on) a community's systems that are connected to the backbone infrastructure.
User: A user is considered a person who connects to infrastructure which is provided by a local Freifunk community.
Global Terms
- A Freifunk community is considered a group of people who accept and implement the pico peering agreement
- Each Freifunk community is given Backbone transit based on Rheinland Backbone Policy acceptance
- Communities must delegate operation of the backbone connection to designated operators. This should be at least two people.
- Each connected community should mention this service and advertise for donations in a way that they deem appropriate
- No charge must ever be applied for the usage of this service
- The service is not intended to place or distribute any kind of advertisement
- The provided service connects to public networks. Every user must take care of his own encryption and security matters
- Data-protection is considered as important and the infrastructure more than fully complies with local data protection laws
- No one must use the network to harm the freedom of others
- No policy rule must be violated to satisfy the need of another rule
Routing Policy
- IPv4 is considered a legacy protocol, but will be supported as transition mechanism for an undefined period of time
- Internal and external peerings are either IPv6 only or support both IPv4 and IPv6
- Net neutrality: every type of packet is treated equally in regard to priority, bandwidth and latency
- quality of service cannot be as network feature
- The Rheinland Backbone does not support censorship or filtering of any kind and will act against requests to implement such things.
- It will announce censorship and surveillance measures applied (e.g. for legal reasons) when possible.
Service Level Agreement
- No formally defined support response times are provided
- Services are provided on best effort basis
- Community operators should cooperate to solve issues
Operations Level Agreement
- Abuse-notifications are accepted and distributed via a ticket system
- Operators should aim to handle assigned abuse requests within a timeframe of 24h
- A contracted lawyer should be reachable at any time
- Abuse must be treated according to the abuse treatment policy
- All operators must act according to the administration policy
Administration Policy
- Don’t spy on or collect users’ traffic without a technical reason
- Collected logs must be deleted after a finished troubleshooting session
- No user information gathered during a debug session should be disclosed at any time
- User traffic must only be manipulated to make connectivity possible
- Logging volume and scope should be as minimal as possible
- Captive portals must not be used to gateway network access
- Every delegated operator must take action against threats inside the community’s network if possible
Abuse Treatment Policy
- Requests by state authority should be handled by a lawyer
- Criminal prosecution with lawful enforcement will not be hindered by Rheinland Backbone
- Each abuse-case is handled seriously
- We try to answer each abuse-case faithfully within 48 hours
- If possible we are going to take action against each occurrence
- The Rheinland Backbone is not able to provide any information about the end user
List of open Issues
- Should there be an obligation for communities to announce changes? If so, which changes?
- Should there be a requirement for reachability of community operators?
- Should there be any criteria for deciding whether a community will get connected?
- What should be the process of resolving conflicts? What are possible actions for violations/conflicts?