OVH, Telecity, Hezner, Bahnhof, Tele2 etc;etc;etc;etc;etc; are all valid suppliers without the need to buy from hyperscalers.
I think what tends to work though is the idea that someone in redmond can't arbitrarily decide to shut you down as an individual or exert pressure. So it goes in order of importance:
A) Can we buy the software and use it in perpetuity
B) If we can't buy the software in perpetuity, do we at least control who has access to the software and our data
C) If we can't control who has access to the data then can we at least ensure we always have access to it?
D) If we can't ensure we have access to our own data then what are we even doing here?
Depending on where you fall on this line (which is a decision each government must make) you'll have to claw back something because right now we're all on D.
If you want to change pace, ask your dns sw provider to turn on local root by default.
(One of the things being defined is how to get a root zone trustably out of band using the new ZONEMD checksum)
A bigger question might be why there are no ICANN HSM outside the USA to generate root zone signings. ICANN has offices in Geneva and Singapore, it would not be hard to find secure DC locations for the signing ceremonies.
Those offerings are garbage for anyone outside the US.
Everyone banned Huawei products despite the ability to pass laws saying Huawei must respect data sovereignty. They didn't ban US firms, because unlike China the USA was championing the rule of law at the time. Data sovereignty only works if the USA respects the laws of other countries, even though, just like China, they could coerce / bribe citizens and firms to bypass them. Such activity would be largely undetectable. Who is going to know if someone peeked at a secret document stored in Azure? There was a huge amount of trust involved in the arrangement.
The USA has now denounced the rule of law, is withdrawing the the institutions set up to champion it, and has shut down the ICCC's access to some services. The trust has gone.
This is all well within the realm of what governments can and do regulate. Want to do business in a country with their laws or not is the choice.
The EU (nay, perhaps every country) should be prepared to deal with Microsoft or AWS completely cutting them off from access to all their systems - what would be the cost and impact?
We are rapidly heading to not one Internet, but country-specific internets that may or may not bridge to other ones in some cases.
Realistically a US executive could be legally required to give an EU engineer a command that they legally couldn’t follow. At that point I guess we find out if the engineers’ national or corporate identities are dominant. I suspect the former in most cases, but who knows?
Google, AWS & Microsoft all nullroute the countries of Cuba, Iran and North Korea. Google also nullroutes Crimea.
So by using a cloud provider, you are participating in the embargo of Cuba.
Can we have fully decentralized mesh networking yet?
I love how some hyper-sci-fi settings have the concept of a "datasphere" (analogous to atmosphere): an actual physical cloud of ubiquitous nanorobots that provide connectivity, storage and computation.
Wouldn't that also be ideal for AI too the way it's shaping up to be? Any device anywhere would just need to connect to a signal "neuron" of the global brain (possibly becoming a neuron itself) and it should theoretically be able to fetch anything.