GFCE Internet Infrastructure Initiative (Triple-I)

The Global Forum on Cyber Expertise (GFCE) Internet Infrastructure Initiative was established to raise awareness on open Internet standards with the aim of accelerating their adoption and implementation and, ultimately, contribute to building a robust, transparent and resilient internet infrastructure.

The GFCE Triple-I seeks to build upon and complement existing know-how, enhancing justified trust in Internet connections and email exchanges through awareness raising on a number of state-of-the-art open internet security standards and instigating take up of those by building on good practice experiences.

This GFCE initiative is geared towards facilitating awareness raising and capacity building events in different regions globally in order to enhance justified trust in the use of Internet and/or email in those regions. The specific priorities are to be determined by stakeholders in the region. Local and regional actors are stimulated and supported in setting up and running local or regional events between regional stakeholders, bringing in local expertise when useful. The initiative builds on the experience of two years of events across 2018 and 2019.

Building a Robust, Open and Resilient Internet Infrastructure

The continued operation of the Internet relies on international agreements on the exchange of data between computers around the world. These international agreements are referred to as Internet standards protocols.

As the Internet has grown to facilitate more users and services globally, the technical infrastructure which underpins the modern internet has simultaneously had to develop to be adapted to new uses and safety requirements which were not originally envisaged by its creators.

Whilst many existing internet standards have been updated or made smarter and new standards have been created to ensure the internet remains reliable and resilient, older and outdated standards are still in use. This practice is not just limited to the average end user of the internet, but also applies equally to the business sector, Internet Service Providers and governmental bodies.

A robust, open and resilient Internet infrastructure is key to counter infringements and threats to the cyber domain. An up-to-date internet infrastructure diminishes the chances and impact of cyber attacks (for example, DDoS) and cybercrime attack vectors, including hacking, malware, phishing, botnets and SPAM. Moreover, a robust Internet leads to more confidence and justified trust, supporting increases in the use of the internet and as a consequence boosts innovative and economic activities.

Hence, a state-of-the-art Internet infrastructure is a prerequisite for sustainable economic growth and reaping social benefits of the Internet. The initiators believe that an open, safe and stable Internet requires continuous investment in the development of its infrastructure by public and private stakeholders.

The initiators provide a platform for the sharing of technological solutions, best practices, knowledge and expertise amongst stakeholders that seek to increase the justified trust of internet users in their region. Through offering and supporting regional events, priorities of specific interest for that region can be identified and pathways to further cooperation developed alongside stakeholders key for impactful implementation.

Currently Supported Standards

GFCE Triple-I promotes the use of the following internet standards:

IPv6: A major extension of the internet address range and enabler of security capabilities

DNSSEC: Security extensions for the internet domain name infrastructure

TLS, HTTPS, DANE and STARTTLS: Secured connections between internet users and services

RPKI, ROA: Prevents route hijacking and other routing attacks through use of a trust anchor

DKIM, SPF and DMARC: Anti-phishing and anti-spoofing measures

This is not an exhaustive list of standards. Given the continuously developing nature of the Internet changes, new standards can be added to this list when appropriate. Suggestions are welcomed and are likely to come up through discussions in the context of GFCE Triple-I workshops. Suggestions can also be made to the GFCE Secretariat.

Internet.nl

Following the experience in the Netherlands of the Dutch Internet Standards Platform in testing and monitoring compliance with international Internet standards, the GFCE Triple-I facilitators sought to highlight this as a best practice example that could be reproduced and applied in different regions.

Proper use of the latest versions of internet standards is a crucial element for a robust internet infrastructure. Since there is generally no lack of standards, the initiators want to stimulate, encourage and ensure stronger implementation using the existing portal and test tool (https://www.internet.nl/) as a key example in its outreach. This portal tests whether your internet connection, website and e-mail uses the most up-to-date and recognised Internet standards. It is also a good example of the establishment of a national multistakeholder collaboration to promote security-related internet standards.

Previous Workshops and Meetings 

  • GFCE Triple-I @AIS 2018 in Dakar, Senegal (report) (video)
  • GFCE Triple-I Workshop @InSIG 2018 in New Delhi, India (report)
  • GFCE Triple-I Workshop @RIPE NCC 2018 in Almaty, Kazakhstan (report)
  • GFCE Triple-I Workshop @AIS 2019 in Kampala, Uganda (report)
  • GFCE Triple-I Workshop @InSIG 2019 in Kolkata, India (report) (program)
  • GFCE Triple-I Workshop @APRICOT 2019 in Daejeon, South Korea (news) (report)
  • GFCE Triple-I Day @LACIGF 2019 (report EN) (report ES) (video)

Additional Materials

Way Forward

GFCE Triple-I has conducted a number of workshops during 2018 and 2019 bringing together people from government, technical community, user community, business and service providers. Many of these events have been held in the context or margins of other relevant conferences across regions, globally. A key conclusion from these events has been that more awareness raising and commitment to action is needed.

Over 2020, as the COVID-19 pandemic resulted in drastically reduced ability to travel many international events have shifted to virtual mode. At least for the time being, GFCE Triple-I events will follow this format. This approach has both advantages and disadvantages, though the intention is to capitalize on the opportunities for reaching a wider audience and mitigating issues such as diminished social interaction by making knowledge and expertise available and accessible online. 

The GFCE Secretariat can support virtual events by providing online facilities, as well as the usual administrative and logistical support for organizing events. In addition, the GFCE will continue to make existing knowledge and expertise available that it has gained and developed through this project. Outcome documents and project materials are made available on the GFCE website and Cybil.

The GFCE will also continue to leverage its network to update this information regularly and provide stakeholders with further tools for conducting activities and organizing their own events related to raising awareness and instigating take up of open Internet standards.

The ultimate aim is to bring current local practices up to state-of-the-art practice through multistakeholder collaboration.

Participation in this initiative is open to all relevant stakeholders. If you want to take action in your region, please read the GFCE Triple-I Handbook.

You can also contact the GFCE Secretariat for more information: contact@thegfce.org

Acknowledgements

GFCE Triple-I events have been supported by the global technical community. Many of these stakeholders have expressed continued willingness to work with the Global Forum on Cyber Expertise partners to help local Internet communities with organizing local workshops towards capacity building.

The GFCE would like to express its gratitude to the following parties who have and continue to contribute to this initiative:

AfriNIC, AfricaCERT, AFNOG, APRICOT, APNIC, ICANN, Internet Society (including several ISOC local & regional Chapters), Indian School for Internet Governance (INSIG), LACIGF, LACTLD, LACNIC, LACAAWG, nic.br & cgi.br, RIPE NCC, WACREN, the Indian Ministry of Electronics and IT (MeitY), the Netherlands Ministry of Economic Affairs and Climate, as well as the Federal Foreign Office of Germany.