AT-LARGE GATEWAY

At-Large Website

ALAC

RALOs

At-Large Regional Policy Engagement Program (ARPEP)

At-Large Governance

At-Large Reports

Policy Comments & Advice

Working Groups

ICANN Meetings

At-Large Summit (ATLAS III)

At-Large Review Implementation Plan Development

ALAC and RALO Elections, Selections, and Appointments

At-Large FY25 Strategic Priority Activities

Versions Compared

Old Version 12

changes.mady.by.user Andrew Chen

Saved on

compared with

New Version 13

changes.mady.by.user Andrew Chen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Joint Session: ALAC & SSAC

High-Level Notes

Action Items 

  •  Type your task here, using "@" to assign to a user and "//" to select a due date
  • There are evergreen topics that both groups are interesting in discussing. Both Advisory Committees appreciate the commitment to safety and security and the continued collaborative spirit.
  • Jonathan Zuck provided an overview of the first draft of the safer cyber campaign course
    • A lot of course focuses on phishing since that is what many end users deal with
  • How will ALAC get people to see this presentation?
    • Could be delivered as a seminar for audiences. Would take a UA day model approach to delivering this content to end users
    • Could also be added to the ICANN learn platform. Could also be added to other media platforms.
    • Current focus is on ALAC stakeholders. Once there’s more success to it, it could spread further
  • Safer Cyber is of importance to users around the world. SSAC can provide information about cyber security and packaged by ALAC

SAC074

  • Intent is to take technical material and making it more digestible for a non-technical audience
  • This is an advisory on credential management
  • SAC040 and SAC044 also provided advice on credential management and end user protections
  • There are multiple ways credentials can be compromised
  • Overall, SAC074 provides best practice guidelines to registries, registrars, and registrants on protecting personal credentials
  • OCTO Technical Engagement provided an overview of its remit
    • OCTO has a course on credential management
  • Inside SSAC, there is some level of consensus and interest that group expects to stay engaged in
    • Security, Stability and Resilience (SSR) in new gTLD’s
    • DNS protocol issues
    • DNS abuse
    • Alternative name spaces
    • SSR aspects of internet governance
  • The community can request training by OCTO by emailing OCTO

NCAP

  • Overview was provided about what Name Collisions are and it’s importance. Introduction of new TLDs increases likelihood of collisions
  • There have been evolutions in DNS protocols and other technologies, root server data is no long the only and most efficient way for assessing the risk of name collision
  • There is a lack of consistency as there’s no centralized location to assess risk with data needed
  • NCAP 2 recommends an assessment framework with 4 key features
    • Integrated risk assessment
    • Technical Review Team (TRT)
    • Enhanced Data Collection
    • Multiple Assessment Methods
  • Name Collision process is roughly 4 stages
    • Applicant identifies potential issues using publicly existing data
    • TRT reviews available data
    • ICANN temporarily delegates string into root
    • TRT submits recommendations the Board for Board to decide whether application should move forward
  • Controlled interruptions worked in 2012 round but may not be the most efficient way to assess the risk of name collisions in the next round
    • Controlled interruptions does not work with IPv6
    • Root Servers and Resolver Operators are seeing less data now compared to 2012 due to technological and regulatory changes
  • There are concerns regarding privacy in data collection
  • TRT is essential to dealing name collisions going forward. It would be a highly technical and highly skilled activity. There’s no generalized solution to name collisions 
  • Idea is to have test conducted before delegation but after the TLD has been awarded
    • Personal Identification Information is going to be an issue regardless of where the test is conducted
  • SSAC has been having discussions with Board Committees and understands that it is up to the board to decide on a way forward
  • The ALAC has been discussing auctions with GAC and Org. One recommendation is to have auction be part of application process. It would help mitigate issue of data manipulation is contention info collected at the start of application processing.
    • If list of applicant TLDs published, it could be gamed ahead of time.
    • No statement on when analysis should be done was intentional.
    • Challenge with auctions is that there are already approved recommendations about auctions of last resort. The two issues are separate and should not be conflated.  
  • There are no recommendations from the SubPro Final Report on what method is to be used. Controlled Interruption will continue to be used until Board adopts a new method.
  • There will continue to be concerns regarding privacy and timing

Action Items 

  •  No action items recorded. 


Wednesday, 12 June 2024

Joint Session: ALAC & GAC

...