Transcript

Transcript CWG DT-F 13 April.doc

Transcript CWG DT-F 13 April.pdf

Recording

The Adobe Connect recording is available here:  https://icann.adobeconnect.com/p8tayzdxsfj/

The audio recording is available here:  http://audio.icann.org/gnso/gnso-dtf-13apr15-en.mp3

Agenda

1 Welcome 

2 DNSSEC

3 Basic NTIA Recommendation

4 Level of other recommendations

5 Work Plan

6 AOB

Notes

Task for DT F

Recorded in template

Suggestion to distinguish that need to be addressed before transition and could be done afterwards (see Alan's  summary email)

DNSSEC key management. NTIA operational involvement limited to changes going into root-zone

David: No particular role in day-to-basis. NTIA oversees/approves (right word not clear) plan to change plans for DNSSEC key management

Basic Recommendation DT F

DT D recommendation, no Authorization needed.

David C: No contractual relation between IFO and RZM

What should be core recommendation: RZM should accept changes from IFO 

David C: No contractual relation between IFO and RZM. Suggest to enter into contract

Milton: 2 suggestions:

- formal relationship between IFO and RZM

- NTIA needs to act

Alan Question: should NTIA step out of or change cooperative agreement as part of the Transition?

Milton: changes are needed, given language in cooperative agreement re Authorization by NTIA for changes

David C: NTIA needs to approve changes explicitly to make changes. 

Action Alan: will suggest langauge on the list

Questions Alan as listed in email

Is there an opportunitry for accidental change, once change is submitted? 

Accidental changes not likely (software bugs aside)

Potential for out-of policy changes? 

Is there a need to look at it in more detail. Need to understand what is in policy and what is not

Milton: supports need to check, put checks and balances in policy/procedures and flag

Chuck: Two kinds of policy. Standards and policy developed by ccNSO and GNSO. IANA operator or RZM do any interpretation by policy developed by ccNSO and GNSO. They do interpret technical side of policy (standard).

The flow for ccTLD and gTLD is different. 

Alan: No need to flesh out in recommendation, but may need to delve into later. 

Chuck: Be specific about the type of policy. 

David C: under latest version IANA Function contract, no longer role of ICANN Board. IANA staff needs to do interpretation

Alan: Check if there is need to change current process around Board .

What does it mean if NTIA goes away. Limit this group to absence of NTIA

Potential for accidental or malicious or omissions

Alan: potential solution (comparing changes)

David: if change  request is made public, then comparison is possible, for example by TLD operator. 

David: presumption of confidentiality. 

Alan: Go to community to check if changes should remain confidential.

Chuck : note the 

Alan: Recommend that IANA makes a change request public  

ACTION Alan: Check with IANA what is made public and what will be made public.

Need to replace NTIA in discussion regarding substantive Root Zone changes.

David C: possibly introduce trust but verify mechanism,

Suzanne: Need to make a contract change necessary,

Also needed, mechanism to be able to spend considerable amounts of money to prepare for potential changes ( for example, introduction of DNSSEC).  

Suggestion to formulate requirement.

Alan: at times involvement of NTIA may have led to delays.

Another way around, did NTIA involvement add value?

Form direct experience, care and consideration have been put into process of changes. 

Milton: NTIA had to agree, and then change the contract. Somebody needsd to be in position to be convinced. 

These questions should not be resolved by DT F, are part of broader discussion of authority to write the contract ( governance issue)

Alan: Someone needs to ask the right questions. 

David: NTIA does have access to vast array area of resources  and Expertise (example around DNSSEC deployment)

Alan: There are advantages of NTIA's involvement and these need to be replaced.

Concentration of power to change in one single entity is issue.

Chuck: current system of two entities, preforming the IFO and RZM role good practice, and should be maintained.

Alan: what should be recommendation on this point moving forward?

Accession as currently stands: NOT integrate the roles in to one single entity is accepted. The two-man rule is preferred.

Milton: Support separation of roles

Need to address of Security?

Milton: separation of structure might be good idea.

David C: Does this need to be part of robustness? 

Alan: could be

David C: Budget Numbers need to be upgraded if infrastructure would be separated. revisit recommendation DTO

Chuck: In discussion with Xavier, cost of separation were clarified. Cost shoul dno tbe primary factor, but ther cost factors come into play

Alan: Need to mentioned, but not part of architecture recomemndation

Potential change process slowing  down the speed of RZ change implementation.

 Chuck: need to express best efforts should be made not to slow down.

How to go forward?

Alan, and staff to intitiate drafting

AOB

Chuck: need for change of automation change when NTIA is removed. 

Identify changes needed? 

David C: Currently change in process may be needed, In short time as long as Verisign maintains role as RZM, no major changes needed.

Action Items

Action Alan: will suggest language on the list re need to have clarity around change of cooperative agreement

Action Alan: Check with IANA what is made public and what wil be made public.

Action: Alan, and staff (B&B)  to initiate drafting.

Chat Transcript

Brenda Brewer: (4/13/2015 07:48) Welcome to the DT-F Meeting on 13 April.

  Milton Mueller: (08:08) hello

  Bernard Turcotte - staff support: (08:09) hello

  Milton Mueller: (08:10) I have to leave at 8 am (SFO time) for an ARIN breakfat

  Milton Mueller: (08:11) good

  Gary Campbell: (08:12) Hi guys

  Cheryl Langdon-Orr: (08:12) hi

  Bernard Turcotte - staff support: (08:12) lostyour audio

  Bart Boswinkel: (08:13) Document is scrollable for all

  Milton Mueller: (08:18) That could be something for your list, Alan

  Cheryl Langdon-Orr: (08:19) Do we wish to deal with verification

  Cheryl Langdon-Orr: (08:19) and good point  @David  re a 'new' arrangement being desirabel  (which it is IMo)

  Chuck Gomes: (08:24) I think that is correct Alan.

  Chuck Gomes: (08:24) Agree with David.

  Cheryl Langdon-Orr: (08:25) Thanks @Alan  that will be good

  Milton Mueller: (08:31) Yes

  Cheryl Langdon-Orr: (08:33) vry hard t hear you MM

  Gary Campbell: (08:33) Th policy issues are important

  Cheryl Langdon-Orr: (08:33) better now

  Gary Campbell: (08:33) It guies everything else

  Suzanne Woolf: (08:36) Hi all, sorry I was late

  Gary Campbell: (08:38) Hi Suzanne

  Milton Mueller: (08:41) Could we add as an item to our list that IANA should not be interpreting?

  Alan Greenberg: (08:41) Yes

  Bernard Turcotte - staff support: (08:42) agree with Bart

  David Conrad: (08:43) might suggest getting a clarification from IANA staff

  David Conrad: (08:44) the question should probably be whether or not  NTIA plays a role

  Suzanne Woolf: (08:44) +1 on clarification, why I offered to do that

  Bernard Turcotte - staff support: (08:45) correct

  Bernard Turcotte - staff support: (08:52) +++1 Chuck

  Chuck Gomes: (09:04) I have been very impressed with the level of cooperation between the IANA team and Verisign.

  Suzanne Woolf: (09:05) +1 Chuck, what I tried to say :)

  Suzanne Woolf: (09:06) I have the highest regard for both the IANA team and Verisign's technical and operational skill

  Suzanne Woolf: (09:06) No reservation at all

  Milton Mueller: (09:11) I would agree too. But please identify the "added value" as "cntracting authority" or something like that

  Suzanne Woolf: (09:12) Hmmm....David's point is an excellent one, and "access to expertise" may be entirely unrelated to "contracting authority"

  Chuck Gomes: (09:12) We definitely should say it.

  Milton Mueller: (09:13) But David's point was that NTIA could "push things through" or put them into the contract. And the example of NIST was more access to resources than expertise alone

  Milton Mueller: (09:15) Maintain separation between IANA functions and RZ Maintainer

  Milton Mueller: (09:19) really? this is the age of cyberterrorism?

  Alan Greenberg: (09:23) I did apologise for my wording!

  Cheryl Langdon-Orr: (09:24) Agreed  @Alan

  Milton Mueller: (09:29) Yes, please do

  Milton Mueller: (09:29) (boune things off of me)

  Milton Mueller: (09:29) bounce

  Cheryl Langdon-Orr: (09:29) Good plan 

  Bernard Turcotte - staff support: (09:31) David has input on this

  Bernard Turcotte - staff support: (09:33) alan is  a bad man

  Bernard Turcotte - staff support: (09:34) too much information

  Bernard Turcotte - staff support: (09:34) bye

  Cheryl Langdon-Orr: (09:34) bye