1. National and non-state actors should not intentionally or substantially undermine the general availability or integrity of the public core of the Internet, namely the stability of cyberspace, or deliberately permit it ( should neither… nor…).
2. State and non-state actors must not continue, support or permit cyber activities intended to undermine the technological infrastructure essential to elections, referendums or referendums.
3 / National and non-state actors will do or permit such actions if there is a possibility that the stability of cyberspace will be significantly impaired by arbitrarily tampering with products and services in development and production. Should not… nor…).
4. National and non-state actors should not take the ICT resources of the general public for use as botnets or for similar purposes.
5. States should create a procedurally transparent framework for assessing the availability and timing of disclosure of unknown vulnerabilities and deficiencies known in information systems and technologies. Basically, disclosure should be selected.
6. Developers and producers of products and services that depend on cyberspace stability should 1) prioritize security and stability, and 2) ensure that the product or service is free of serious vulnerabilities. Measures should be taken, and 3) vulnerabilities found later should be mitigated in a timely manner, and transparent measures should be taken for those processes. All parties are obliged to share information about vulnerabilities to help prevent or mitigate malicious cyber activity.
7. States should enact appropriate legislation, including laws and regulations, to ensure basic cyber hygiene.
8. Non-state actors should not engage in aggressive cyber activities, and state actors should prevent such activities and respond if they do occur.