You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Attendees: 

Members: 

Participants: Guru Acharya; Wale Bakare; Martin Boyle; Keith Davidson; Stephanie Duchesneau; Amr Elsadr; Lars-Erik Forsberg; Chuck Gomes; Alan Greenberg; Geetha Hariharan; Gary Hunt; Malcolm Hutty; Manal Ismail; Boyoung Kim; Stacey King; Wolf-Ulrich Knoben; Pitinan Kooarmornpatana; Brenden Kuerbis; Allan MacGillivray; Camino Manjon-Sierra; Antonio Medina Gómez; Desiree Miloshevic; Sivasubramanian Muthusamy; Minjung Park; Kurt Pritz; Jorg Schweiger; Claudia Selli; Matthew Shears; Maarten Simon; Mary Uduma; Peter Van Roste; Suzanne Woolf.

StaffGrace Abuhamad; Bart Boswinkel; Berry Cobb; Marika Konings; Jim Trengrove; Bernard Turcotte; Theresa Swinehart

Apologies: Chuck Gomes

**Please let Grace know if your name has been left off the list (attendees or apologies).**

Notes & Action Items

Eliminating structures

- Freestanding committee ( not legal entity)
- Body incorporated
- trust

 

In past:

 structure based on checks and balances

What are rationales for different structures

**Notes lost first minutes of the session**

 

What could incorporated do which unincorporated entity not do?

  • What are the functions:
    • What are metrics, have the service levels been met, is target met? Annual performance review  (could be done by committee).
  • Survey: external oversight body
    • For transactional oversight  not needed
    • For performance in relation to metrics
    • Community is looking at performance,

Modifying SLA 

  • What happens if IANA adheres to SLA?
  • Serious breach: -> revisit the IANA Function assignment

 

  • Separate Functions performed, they need 
  • Different functions could/need be addressed by different  bodies 
  • Strawman 1 appealing
    • no jurisdictional issue? In essence somewhere. 
  • Strawman 1 A, other functions that will be performed by oversight body. Recreation of NTIA
    • Authorization role/function. To be performed by committee?
  • Entity with legal personality could contract with ICANN, those without could not.
  • Details for legal entity could be filled in at later stage.
  • Having an outside contracting body is least change ( NTIA is contracting with ICANN). Having non incorporated entity is the major change
  • Comments major functions
    • Taking complaints on SLA, can be done without legal entity
    • Setting the SLA
    • Contracting
  • The more functions/ role are transferred to committee, the more complex ti will be. Alternative: tranfer functions to community
  • Through contracting  empower the community

 

Additional element Stewardship and Oversight 

  • Supposition: contract only way to perform some of the functions. Agreement has elements of contract but could function as MoU between ICANN and oversight body.
    • Bylaws of ICANN could be vehicle to effectuate 
    • agreement
  • Need to understand what is in current contract:
    • what needs to replaced, what can be left out, what is not relevant ( effectively work RFP 2C) (replicate, eliminate or air)
    • A new bureaucracy may lead to mission creep and...
  • Necessity of understanding of functions.
  • Summary of functions

 

  • Alternative, how would it like to include functions in ICANN
  • Separability is tool/mechanisms to ensure control (goal). 
  • Current mechanisms for control on Board is minimal (SO/AC may replace one Board member every 3 years)
  • If SO/AC would be enabled to with draw Board members.by community.  
  • Replacement by Board is accountability topic: counter argument may set constraints.
  • Making this work will take considerable time.
  • Board replacement ability is reflection of lack of trust in ICANN Board.
  • Outside entities will not be 

 

Functions 

  • Approval function of changes
  • Performance review function
  • Contracting function
  • Enforcement function
  • Replacement ( could be seen as part )

Stewardship function elusive

Approval Function

    • Approval function of automation
    • Performance review is done by community already and not so much by NTIA.
    • Which functions to retain, eliminate,or air?
    • which functions to be performed by oversight body

 

Replacement is considered part of the enforcement

Approval function of changes to the root zone

  • Ever been effected?
  • Never been effected
  • Mere ability to use, is ultimate sanction..
  • If it would be used may have 

 

  • OFAC role needs to included.
  • Are both sanctions needed ( veto on root server changes, and Replacement).
  • Mechanism to review the performance may be needed. 
  • From Kieren's conversation on NTIA's Administrator role
  • NTIA approval process is running checklist, when all is good, it is approved. 
  • regarding to OFAC, a private body will not be in position to take role of NTIA. Issue is if licence under OFAC is refused.
  • Question: what sort of body , if any, should perform this functions. It may lead to different answers per function.

 

Approval role – Risks

  • The risks are the role of the "man in the middle" 
    • - will be focus point of community
    • - Will be focus of liability

 

  • Consequence of making a wrong decision may heave severe impact -> eliminate function for new entity
  • Consequence: ICANN or Verisign last approver
  • Keep notes for the record, Approval function could be eliminated. For ccTLD ultimate authorization is in country. For gTLDs unclear. 
  • Does automation makes difference
  • Does automation include test?
  • Test such as validating, including validating again relevant RFCs

 

Does Automation apply to delegation and redelegations?

  • Delegation and redelgation needs human interaction (ccTLD approach).
  • Who should approve? 
  • Delegation redelgation gTLD other issue
  • IANA does not follow blindly but do check.
  • Full redelgation, includes full IANA report, did it go the Board etc. Role of NTIA (checklist) is to check if steps of the process are followed.
  • Post delegation is mechanism to use for gTLDs
  • Specific recourse mechanisms recorded in RFP 2A, do not go to the Board nor to NTIA

 

Performance review Function

  • Needs to be continued, if so which body?
  • Performance review is agreed on contractually.
  • Needs to be continued. Who will perform function
  • See Matrix document
  • Question who oversees oversight body?
  • Performance review is periodic review as well as checking against SLA
  • Split the two functions
    • Transactional performance review
    • Periodic performance review
  • Could be performed within in ICANN?
  • Firewalled, + structural 
  • Other bodies perform regular review (IETF)
  • What does NTIA actually do in this area
  • Characterizing the functions as 1 A and 1 B
  • See Metrics in IANA performance reports as example of performance metrics and transactional performance review
  • NOI in 2011 process for changes, example of Periodic Performance review.
  • Transactional review: NTIA role, contract requires to publish performance review.
  • Need to ensure transactional review are published.   
  • Create functional level before structural progress

Transcript

The transcript will be posted here upon receipt

 

Recording

The Adobe Connect recording is available here: 

Part 1: https://icann.adobeconnect.com/p8nmqfyy0ll/

Part 2: https://icann.adobeconnect.com/p1m6nz682az/

The audio recording is available here:

 

Documents Presented

Functions(draft for RFP3).docx

 

Chat Transcript

Grace Abuhamad:*** COFFEE BREAK *** Session will resume at 15:00 UTC (16:00 local)

  Berry Cobb:Per the discussion about NTIA's role, Kieren did reach out to them to better understand their task.  He had only sent this to the RFP3 mail list.   It may be helpful to all.  http://mm.icann.org/pipermail/cwg-rfp3/2014-November/thread.html

  Berry Cobb:Also, in the discussion pertaining to Proposal 4, Avri did sumbit more details to the RFP3 list that may inform the deliberations here.  It has not been incorporated to the strawman document loaded into the AC room. http://mm.icann.org/pipermail/cwg-rfp3/2014-November/000259.html

  Grace Abuhamad:Will be starting soon.

  Robert Guerra:we are back. thank you

  Nathalie  Peregrine:Apologies for the recent audio issues, Adobe Connect experienced a brief outage, we should be fine now.

  Glenn McKnight:Sounds  fine

  Grace Abuhamad:@Nathalie thank you

  Eduardo Diaz - (ALAC):What about the contract relationship that NTIA has with Verisign? Is that relationship going to ICANN or this oversight group?

  matthew shears (CDT):+ 1 to Paul and the role and engagement of the community

  Mary Uduma:no audio

  Allan MacGillivray 2:@Eduardo, the NTIA/Verisign Coopertive Agreement specifies that Verisign can one make chnages to the root zone on the instruction of the NTIA.  With the withdrawl of the NTIA, that Cooperative Agreement ewould need to be amended to specify that Verisgin rtake instruction from another entity.

  Sivasubramanian M:Eduardo  There is often some confusion about IANA functions and IANA oversight.  Are we going to go into the execution of IANA functions, for which there is an existing arrangement with Verisign.  Contract relationship may remain unchanged, but the contracting authority changes becaue NTIA is stepping out.

  Sivasubramanian M:It is only the oversight that is in transition. Whatever arrangements we come up with for this oversight, would also oversee Verisign and review it periodically. Is this understanding correct?

  Eduardo Diaz - (ALAC):@Allan: So my question stands - Who is the new contracting authority? ICANN? or the new community oversigth

  Mary Uduma:Audio  ok now

  Allan MacGillivray 2:The NTIA/Verisign Coopertive Agreement is not part of the discussion - it will survive the transition, but, as I noted above, will need to be amended

  Allan MacGillivray 2:@Eduardo - we have not yet got to the point of decideing whether there will a) even be a contract, as such, and b) what entity will be on the other end of the contract/agreement.  

  Eduardo Diaz - (ALAC):@allan: ok

  matthew shears (CDT):I agree with Alan G - looking at how we replace the contracting role is essential (and most likely will require term limited contracts awarded by a separate entity) and looking at the clerical cjeck-box function which may or may not  still be neccesary, and if it is necessary how should it be addressed

  Guru Acharya:+1 Malcolm

  Amr Elsadr:Also +1 @Malcolm.

  matthew shears (CDT):yep +1 Malcolm

  Brenden Kuerbis:Agree

  Camino Manjon:+1 to Malcom

  Camino Manjon:AoC is not binding and does not entail legal obligations as such for ICANN

  Camino Manjon:so far

  Guru Acharya:+1 to Malcolm again. Youre godlike right now.

  Alan Greenberg:*IF* this oversight body, or any body will be contracting  with ICANN (or some future operator of IANA), then it MUST be a legal entity. Liability to individuals involved is too large in any other scenario.

  Alan Greenberg:Question is whether we need to be contracting or not.

  Guru Acharya:And Malcolm .. thank you for pointing out that Strawman 1 changes things the most. Not the least as some people frame it.

  Olivier Crepin-Leblond:@Alan - and if it is a legal entity, can it then be captured?

  Sivasubramanian M:@ Olivier  Yes, we need to forsee various scenarious

  matthew shears (CDT):award and removal of contract is a way of ensuring accountbaility and performance

  Guru Acharya:+1 matthew

  Joerg SChweiger:+1  2 Alan

  Amr Elsadr:@Olivier: Interesting update by Avri here, and may address concerns of capture. http://mm.icann.org/pipermail/cwg-rfp3/2014-November/000259.html

  matthew shears (CDT):+1 Jonathan as way forward

  Robert Guerra:agree

  Seun Ojedeji:does enforcement of contracct mean the same thing as compliance with SLA

  Brenden Kuerbis:@Amr which supports a new legal entity, the Administrator which manages a contract with the Operator

  Amr Elsadr:ICANN by-laws requiring the board to comply with an MoU can be changed by the ICANN board. :)

  Amr Elsadr:@Brenden: Yes. Not so sure about a council that will dissolve then reconvene though.

  Amr Elsadr:It may be workable.

  Seun Ojedeji:hmm...that would have been possible @Alan if the ICANN has membership setup

  Brenden Kuerbis:Agree with Seun, there are too many accountability issues at ICANN to resolve first

  Wale Bakare:The legality aspect of the proposal is overshadowing the main task on hands

  Mary Uduma:Is MoU enforceable?

  Amr Elsadr:@Mary: No. The proposal on the table is that the MoU's enforcability be included in the ICANN bylaws.

  Camino Manjon:if MoU clauses go into the bylaws afterwards, I believe they are only enforceable under US jurisdictino

  Camino Manjon:but per se they're not enforceable via MoW

  Allan MacGillivray:@Camino - there has to be 'a' jurisdiction, US or whereever.

  Camino Manjon:sure

  Seun Ojedeji:@Amr i think MOU is enforcable to some extent.....however the problem is that names does not really have an MOU at the moment and the other puzzle will be who signs the MOU on behalf of names community ;)

  Allan MacGillivray:@Camino an MOU is admittedly indirect, but one would never see a 'contract' directly adjudicated in any event.  The overall objective is to bind ICANN/IANA to respect  the MOU..

  Camino Manjon:why an oversight body construed  as independent legal entity can't sign a MoU or AoC with ICANN? Isnt that a purist replacement of the role of NTIA?

  Camino Manjon:Thanks @Allan

  Glenn McKnight:After  listig the functions  are assessed , they need to be weighed

  Mary Uduma:If MoU is enforceable  if included in ICANN bylaws, I think  a less legal body would be best for the oversight function.

  Camino Manjon:Mary, but right now the Board enforces its own bylaws and adjudicates in conflicts pertaining to the Bylaws

  Camino Manjon:what is the added value then?

  Camino Manjon:that is why I asked before what is the relationship between an INternal commitee to do operation reviews, inside ICANN, and the role of the ICANN Board

  Donna Austin, RySG:Posting a comment from David Conrad to the list a while ago: NTIA currently has an operational role in that function: the administrator role that authorizes root zone modifications (both to the registration database and the root zone database itself).The community has three options:- remove the authorization requirement;- replace NTIA with a single authorizer; or- replace NTIA with multiple authorizers.The IANA root zone management function may also need to change depending on what the community decides with respect to the Root Zone Maintainer function currently performed by Verisign under a separate cooperative agreement with NTIA.

  Mary Uduma:To  meet the requirement of the NTIA  that the stewardship be handed over to Multistakeholder Internet Community, there is the need to have this independent oversight  body.

  Donna Austin, RySG:And this from Kieren on the NTIA admin role: NTIA about its Administrator role. Here's what I found out:* The NTIA uses a checklist for IANA requests. It goes through the checklist, if all is good, it is approved. The NTIA will provide that checklist if this group asks for it.* There are 3-4 people at the NTIA that will go through IANA requests. Typically it is whoever picks it up first, which often relates to how busy they are individually. (What this says to me is that it does not require specialist knowledge to do the job.)* There was at one point a plan to automate much of the process but for a variety of everyday reasons, it hasn't happened yet. (What this says to me is: here is a place for further improvement in the IANA process and that it may be possible to remove the NTIA role altogether if the job they do is introduced into the process transparently i.e. anyone can see that a check was done and what the results of that check were, for every request.)

  Robert Guerra:OFAC administers a number of different sanctions programs.  http://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx

  Kurt Pritz:The fact that the NTIA has approved every IANA-recommended request leads to an important req't for the successor: the successor must have the wherewithal to approve requests despite strong protests against a proposed change

  Robert Guerra:The Office of Foreign Assets Control ("OFAC") of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.  http://www.treasury.gov/resource-center/sanctions/Pages/default.aspx

  Eduardo Diaz - (ALAC):Can someone explain to me why ICANN as a corporation can not be the contracted party?  If this is posiible then we do not need to create another outside legal entity.

  Sivasubramanian M:@ eduardo  Contracted or contracting?

  Eduardo Diaz - (ALAC):@SIva: contracting party

  Alan Greenberg:ICANN cannot contract with itself. And it would be hard to envision ICANN granting the contract to seomeone else.

  matthew shears (CDT):If ICANN is the party awarding the contract then why would award the contract to anyone else?

  Greg Shatan:@Eduardo: if ICANN is one contracting party, who is the other?

  Allan MacGillivray:@ Eduardo - I think that those who want a contact do see ICANN as being one of the contracting parties.  Te debate I belive is around who will be the other as IANA is current just part of ICANN.

  Eduardo Diaz - (ALAC):@ALan: I was thinking about contracting with Verisign and so on.

  Sivasubramanian M:@ Alan  This brings up your earlier question again. Should there be a contract at all?

  Eduardo Diaz - (ALAC):@Siva: +1

  Wale Bakare:@Eduardo, would that not overburden Verisign with more roles? I thought Verisgn already had an agreement/operational currently beig carried out with wrt root zone

  Sivasubramanian M:ICANN continues to perform the IANA functions, IANA functions remain a part of ICANN, perhaps structurally separated, so a contract between icann and iana would be unnecessary...

  Eduardo Diaz - (ALAC):@Walw: But I was under the impression that NTIA has some kind of contract with Verisgn as the maintener of the root zone. Maybe I am confused. Is it a MOU then?

  Wale Bakare:@Eduardo, may be you should seek what the Root Zone maintainer does?

  Amr Elsadr:@Jonathan: +1

  Allan MacGillivray:There is something called a 'Coopertive Agreement' between NTIA and Verisign.  IN effect what happens is that IANA tells NTIA what chnages are being requested to the root zone and then NTIA instucts Verisign to implement it.  It is Verisign who controls the actuall root zone,

  Seun Ojedeji:I agree with @Jonathan

  Brenden Kuerbis:Agree with current sentiment. I would really focus on David's point raised on list. Does the authorization step (currently done by NTIA) need to happen in future? If checks for technical consistency have been performed by the Ry and the IANA Operator, what is the need for further authorization? I'd say this is not a function that any new body should perform (or even want).

  Seun Ojedeji:@Brenden i presume that is also what Jonathan was referring to...no?

  Brenden Kuerbis:Yes

  Eduardo Diaz - (ALAC):@Allan: Thta is the way I understood it. However, Verisgn will not do anything to the root if it is not directed by NTIA. Therefore, NTIA is the main authority (assuming Verisign does not do things by themself)

  Seun Ojedeji:@Eduardo yeah thats correct and we are then saying that going forward, there may be a need to have the MOU re-routed between ICANN and Verisgn maybe?

  Wale Bakare:@Eduardo, that would shift the discussion to -  what grounds would NTIA not authorized/authorized?

  matthew shears (CDT):If we remove the approval role doe we lose some transparency as to what is happening to the root?

  Wale Bakare:@Eduardo, that would shift the discussion to -  what grounds would NTIA not authorize/authorize?

  Seun Ojedeji:@Mathew thats very important question

  Fatima Cambronero:why the transparency, @Matthew

  matthew shears (CDT):just asking - don't know the processes

  Amr Elsadr:@Matt: Was also wondering what Fatima asked. How does this role add transparency to the process?

  Sivasubramanian M:@ Allan   You said "it is verisign who controls the actual root zone"  Does it ?  Or Versign operates, like a contracted under instructions, the root zone changes, strictly as per instructions?

  Sivasubramanian M:like a contractor under instructions

  Seun Ojedeji:@SM i presume Alan was referring to who actually does the entry

  Sivasubramanian M:that is understood,  making the entry does not amount to conttrolling.  Verisign does not decide whether or not to make an entry

  Seun Ojedeji:So yes there is an MOU btw Verisgin and NTIA and its by the MOU that Verisgn is carrying out the role

  Seun Ojedeji:Yes thats correct SM

  Brenden Kuerbis:Dont you have the Rys contract with ICANN?

  Sivasubramanian M:Thanks Seun

  Sivasubramanian M:After NTIA, it would be ICANN or a structurally separate IANA, that would be "instructing" Verisign to make the entries. Is that right?

  Seun Ojedeji:I fear we are going into too much processes of IANA which may not really help us determine who the contractor will be OR even whether we need a contract

  matthew shears (CDT):This a usefu approaach though - identifying what roles and unctions we really need to account for

  Donna Austin, RySG:Example of an IANA report for the delegation of a new gTLD: http://www.iana.org/reports/2014/gtld-readiness-1-1946-86958.pdf

  maarten simon:thanks Jaap

  Glenn McKnight:Who will do the performance  review.  Inside or Outside  bodies,  What  standards  ie.  Transparency International etc

  matthew shears (CDT):as performance is linked to contract will probably be the same entity

  Kurt Pritz:The same group that approves changes day-to-day should also do the performance review. When one has a job, one doesn't do the day-to-day work for one boss and then gets the reveiw performed by another boss. Day-to-day knowledge is important in being able to perform a review.

  Mary Uduma:The voice breaks.

  staffa:Doesn't The Affirmation of Commitment (AoC) already presuppose preformance review? Will there not be need of an orgnaization just to manage the AoC?

  Grace Abuhamad:I will send link

  Grace Abuhamad:http://www.iana.org/

  Grace Abuhamad:http://www.iana.org//performance/metrics/20141031

  Grace Abuhamad:http://www.iana.org/performance/metrics/20141031 

  Fatima Cambronero:@Grace, can you send to us this document by email or publish in the Wiki?

  Grace Abuhamad:yes

  Fatima Cambronero:thank you

  • No labels