FinalTransitionProposal_11June.docx

PDF: FinalTransitionProposal_11June.pdf

 

Response to the IANA Stewardship Transition Coordination Group Request for Proposals on the IANA Stewardship Transition from the Cross Community Working Group on Naming Related Functions

(CWG-Stewardship)

Table of Contents

GLOSSARY                                                                                                                                                                                                              

Abstract

Proposal type

I. The Community’s Use of the IANA                                                                                                                                                   

I.A.  The service or activity

I.B.  The customer of the service or activity

I.C.  Registries involved in providing the service or activity

I.D.  Overlap or interdependencies between your IANA requirements and the functions required by other customer communities

II. Existing Pre-Transition Arrangements                                                                                                                                               

II.A Policy Sources

II.A.i. Affected IANA Service (ccTLDs)

II.A.ii. Affected IANA Service (gTLDs)

II.B. Oversight and Accountability

II.B.i Which IANA service or activity is affected (NTIA IANA Functions Contract)

III. Proposed Post-Transition Oversight and Accountability                                                                                                           

III.A The Elements of This Proposal

Post-Transition IANA (PTI)

PTI Board

IANA Contract and Statement of Work

IANA Function Review

Special IANA Function Review

Customer Standing Committee (CSC)

Service Level Expectations (SLEs)

Escalation Mechanisms

Separation Process

Framework for Transition to Successor IANA Functions Operator

Recommendations related to the elimination of NTIA Authorization of changes to the Root Zone content and the associated WHOIS database

Changes to the Root Zone Management Architecture and Operation Post Transition

ccTLD Delegation Appeals

IANA Budget

Regulatory and Legal Obligations

III.B.  Implications for the interface between the IANA Functions and existing policy arrangements

IV. Transition Implications

IV.A. Operational requirements to achieve continuity of service and possible new service integration throughout the transition

IV.B. Description of any legal framework requirements in the absence of the NTIA contract

IV.C. Workability of any new technical or operational methods

IV.D. Length the proposals in Section III are expected to take to complete, and any intermediate milestones that may occur before they are completed

V. NTIA Requirements

V.A. Support and enhance the multistakeholder model

V.B. Maintain the security, stability, and resiliency of the Internet DNS

V.C. Meet the needs and expectation of the global customers and partners of the IANA services

V.D. Maintain the openness of the Internet

V.E. The proposal must not replace the NTIA role with a government-led or an intergovernmental organization solution              

VI. Community Process

VI.A. Steps taken to develop the proposal and to determine consensus.

VI.B. Links to announcements, agendas, mailing lists, consultations, and meeting proceedings

VI.C. Assessment of the level of consensus behind your community’s proposal, including a description of areas of contention or disagreement              

Annex A – The Community’s Use of the IANA Functions – Additional Information                                                          

Annex B – Oversight Mechanisms in the NTIA IANA Functions Contract                                                                             

Annex C - Principles and Criteria that Should Underpin Decisions on the Transition of NTIA Stewardship for Names Functions              

Annex D – Diagram

Annex E – IANA Contract Provisions to be Carried Over Post-Transition (Statement of Work)                                   

Annex F – IANA Function Reviews - Statement of Work Duration and Review Periodicity                                            

Annex G – Proposed Charter of the Customer Standing Committee (CSC)                                                                             

Annex H – Service Level Expectations                                                                                                                                                         

Annex I – IANA Customer Service Complaint Resolution Process for Naming Related Functions                              

Annex J - IANA Problem Resolution Process (for IANA naming services only)                                                                      

Annex J-1 – Escalation Mechanisms Flow Charts                                                                                                                                   

Annex K - Root Zone Emergency Process                                                                                                                                                    

Annex L – Separation Process

Annex M – Framework for Transition to Successor IANA Functions Operator                                                                      

Annex O - ccTLD Appeals Mechanism Background and Supporting Findings                                                                        

Annex P – IANA Operations Cost Analysis                                                                                                                                              

Annex Q – IANA Budget

Annex R: Evaluation Method for Implications

Annex S: Draft Proposed Term Sheet (as proposed by Legal Counsel)                                                                                         

ANNEX T: ICANN RESPONSE TO CWG-STEWARDSHIP CONSULTATION                         133

 


 


GLOSSARY

Below are acronyms used throughout the document. Additional useful acronyms have been provided as they may be referenced in related CWG-Stewardship documents. 

         AC : Advisory Committee

         ALAC: At-Large Advisory Committee

         AOC : Affirmation of Commitments

         ASO : Address Supporting Organization

         ccNSO : Country Code Names Supporting Organization

         ccTLD : Country Code Top-Level Domain

         CCWG-Accountability : Cross Community Working Group on Enhancing ICANN Accountability

         CO : Contracting Officer

         COR : Contracting Officer’s Representative

         CRISP Team : Consolidated RIR IANA Stewardship Transition Proposal Team

         CSC : Customer Standing Committee

         CSCRP : Customer Service Complaint Resolution Process

         CWG-Stewardship : Cross Community Working Group to Develop an IANA Stewardship Transition Proposal on Naming Related Functions

         DNS : Domain Name System

         DNSSEC : Domain Name System Security Extensions

         DRDWG : Delegation and Re-delegation Working Group

         DT : Design Team

         FOIWG : Framework of Interpretation Working Group

         GAC : Governmental Advisory Committee

         GNSO : Generic Names Supporting Organization

         gTLD : Generic Top-Level Domain

         IANA : Internet Assigned Numbers Authority

         ICANN : Internet Corporation for Assigned Names and Numbers

         ICC : International Chamber of Commerce

         ICG : IANA Stewardship Transition Coordination Group

         ICP : Internet Coordination Policy

         IDN : Internationalized Domain Name

         IETF : Internet Engineering Task Force

         IFO : IANA Functions Operator

         IFR : IANA Function Review

         IFRT : IANA Function Review Team

         NIST : National Institute of Standards and Technologies

         NTIA : National Telecommunications and Information Administration (U.S. Department of Commerce)

         OFAC : U.S. Department of the Treasury’s Office of Foreign Assets Control

         PDP : Policy Development Process

         PTI : Post-Transition IANA

         RFC : Request for Comments

         RFP : Request for Proposals

         RrSG : Registrar Stakeholder Group

         RIR : Regional Internet Registry

         RSSAC : Root Server System Advisory Committee

         RySG : Registry Stakeholder Group

         SCWG : Separation Cross-Community Working Group

         SLA/SLEs: Service Level Agreement/Service Level Expectations

         SO : Supporting Organization

         SOW : Statement of Work

         SSAC : Security and Stability Advisory Committee

         TLD : Top-Level Domain


Response to the IANA Stewardship Transition Coordination Group Request for Proposals on the IANA Stewardship Transition from the Cross Community Working Group on Naming Related Functions (CWG-Stewardship)

01                    Abstract

02                    This document is a response from the Internet Names Community to the IANA Stewardship Transition Coordination Group (ICG) Request for Proposals (RFP) made on September 8, 2014.

03                    Please note that annexes are included at the end of this document.

04                    Proposal type

05                    Identify which category of the IANA Functions this submission proposes to address:

 

[ X ] Names     [  ] Numbers [  ] Protocol Parameters

  1. The Community’s Use of the IANA

06                    This section should list the specific, distinct IANA services or activities your community relies on. For each IANA service or activity on which your community relies, please provide the following:

         A description of the service or activity.

         A description of the customer of the service or activity.

         What registries are involved in providing the service or activity.

         A description of any overlaps or interdependencies between your IANA requirements and the functions required by other customer communities

07                    I.A. The service or activity

08                    The IANA activities, as described in the current IANA Functions Contract, relevant to the Internet Naming Community are:

1)       Root Zone Change Request Management – not including delegation and redelegation (NTIA IANA Functions Contract: C.2.9.2.a).


2)       Root Zone “WHOIS” Change Request and Database Management (NTIA IANA Functions Contract: C.2.9.2.b).

3)       Delegation and Redelegation of a Country Code Top-Level Domain (ccTLD) (NTIA IANA Functions Contract: C.2.9.2.c) .

4)       Delegation and Redelegation of a Generic Top-Level Domain (gTLD) (NTIA IANA Functions Contract: C.2.9.2.d).

5)       Redelegation and Operation of the .INT Top-Level Domain (NTIA IANA Functions Contract: C.2.9.4).

6)       Root Domain Name System Security Extensions (DNSSEC) Key Management (NTIA IANA Functions Contract: C.2.9.2.f).

7)       Root Zone Automation (NTIA IANA Functions Contract: C.2.9.2.e).

8)       Customer Service Complaint Resolution Process (CSCRP) (NTIA IANA Functions Contract: C.2.9.2.g).

09                    Services provided by ICANN’s IANA department that are not part of the contractually defined IANA Functions, but which are relevant to the Internet Naming Community are:

9)       Management of the Repository of IDN Practices (IANA service or activity beyond the scope of the IANA Functions Contract).

10)    Retirement of the Delegation of TLDs (IANA service or activity beyond the scope of the IANA functions contract).

11)    For further details concerning each of these IANA activities, please see Annex A.

10                    I.B. The customer of the service or activity

11                    The primary customers of these IANA activities are TLD registry managers, .INT registrants, Domain Name System (DNS) validating resolver operators. For further details on the customer(s) for each activity, please see Annex A.

12                    I.C. Registries involved in providing the service or activity

13                    TLD registries (including ccTLD and gTLD) are involved in providing the service. For further details on which TLD registry (ccTLD or gTLD) is involved in each activity, please see Annex A.

14                    I.D. Overlap or interdependencies between your IANA requirements and the functions required by other customer communities

15                    The IETF, through its responsibilities for developing the underlying DNS protocol and its extensions, could designate parts of the domain name space for particular protocol-related purposes that may overlap with usages assigned through ICANN policies. It may also designate portions of the namespace as invalid, illegal, or reserved based on the evolution of the underlying DNS protocol and its extensions. It may also expand the scope of namespace to be managed through such changes. Additional overlap and/or interdependencies have been identified for each activity in Annex A. 


  1. Existing Pre-Transition Arrangements

16                    This section should describe how existing IANA-related arrangements work, prior to the transition.

17                    II.A Policy Sources

18                    This section should identify the specific source(s) of policy that must be followed by the IANA functions operator in its conduct of the services or activities described above. If there are distinct sources of policy or policy development for different IANA activities, then please describe these separately. For each source of policy or policy development, please provide the following:

         Which IANA service or activity (identified in Section I) is affected.

         A description of how policy is developed and established and who is involved in policy development and establishment.

         A description of how disputes about policy are resolved.

         References to documentation of policy development and dispute resolution processes.

19                    II.A.i. Affected IANA Service (ccTLDs [1] )

20                    All functions that apply to Country Code Top-Level Domains (ccTLDs) and modify the Root Zone database or its WHOIS database are affected.

21                    How policy is developed and established by whom (ccTLDs)

22                    RFC1591 was written in 1994 as a Request For Comments (RFC) by the original IANA Functions Operator, Jon Postel. It is a short document intended to outline how the Domain Name System (DNS) was structured at that time and what rules were in place to decide on its expansion. The longest part of it outlines selection criteria for the manager of a new Top Level Domain (TLD) and what was expected of such a manager.

23                    Like all RFCs, this is a static document (RFCs are updated by the issuance of a new RFC).There have been two significant attempts to revise it so it can be more easily applied to the current context:

         Internet Coordination Policy 1 (ICP-1) .

24                    This document from the Internet Coordination Policy group of ICANN was one of three such documents created by ICANN staff shortly after its creation. It attempted to update operational details over how the DNS was structured and should be run.

25                    The ICP-1 document was a source of significant friction between ICANN and the ccTLD community and the Country Code Names Supporting Organization (ccNSO) formally rejected the ICP-1 document (final report of the ccNSO’s Delegation and Redelegation Working Group or DRDWG) arguing that it modified policy but did not meet the requirements for doing so at the time of its introduction in 1999.
 

         Framework of Interpretation Working Group (FOIWG) Recommendations .

26                    A follow-on to the ccNSO’s DRDWG, the FOIWG was a joint effort between the ccNSO and the Governmental Advisory Committee (GAC) that also involved representatives from a number of ICANN communities to interpret RFC1591 in light of the Internet of today. In its final report it made a number of recommendations that clarify the application of RFC1591 within the current context.

27                    The ccNSO formally endorsed the FOIWG’s Final Report in February 2015 and transmitted it to the ICANN Board of Directors. It is currently pending review and adoption by the ICANN Board.

 

         GAC Principles and Guidelines for the Delegation and Administration of Country Code Top Level Domains 2005 .

28                    This document, also known as the 2005 GAC Principles, which the GAC regards as formal “Advice” to the ICANN Board, and as such is subject to the Bylaws provisions regarding such Advice at the time of submission [2] . This Advice was developed by the GAC and the first version of these principles was published in 2000 and later revised to produce the 2005 version.

29                    Section 1.2 of this document highlights one of the key principles for governments with respect to the management of the ccTLDs associated with their country or territory code:

1.2. The main principle is the principle of subsidiarity. ccTLD policy should be set locally, unless it can be shown that the issue has global impact and needs to be resolved in an international framework. Most of the ccTLD policy issues are local in nature and should therefore be addressed by the local Internet Community, according to national law.
 

30                    Also section 7.1 of this document can be directly relevant to delegation and redelegation of a ccTLD:

7.1. Principle
Delegation and redelegation is a national issue and should be resolved nationally and in accordance with national laws, taking into account the views of all local stakeholders and the rights of the existing ccTLD Registry. Once a final formal decision has been reached, ICANN should act promptly to initiate the process of delegation or redelegation in line with authoritative instructions showing the basis for the decision.
 

         Local laws applicable to ccTLDs, or Internationalized Domain Names (IDNs) ccTLDs, associated with a specific country or territory are developed by the governments of those countries or territories .

31                    How disputes about policy are resolved (ccTLDs)

32                    Section 3.4 of RFC1591 provided for a dispute resolution mechanism. However, the body listed in the document does not currently exist. Most ccTLDs do not have any contracts that specify a dispute resolution mechanism with ICANN.

33                    For those ccTLDs that do not have a contract with ICANN that specifies dispute resolution mechanisms, the ICANN-provided escalation paths available to them are the ICANN Ombudsman and the ICANN Bylaws relating to the Independent Review of ICANN Board Actions (which would only apply to the relevant Board action (i.e., delegations and redelegations in this case). Given that these mechanisms are non-binding on the Board or ICANN, they are perceived by many ccTLDs as being of limited value.

34                    There are additional sources of accountability for the limited number of ccTLDs that have formal Sponsorship Agreements or Frameworks of Accountability with ICANN. These types of agreements have dispute resolution clauses to settle disagreements between the parties that are relevant to all actions and activities by the Operator for ccTLDs. These typically use the International Chamber of Commerce (ICC).

35                    It is also important to note that local laws applicable to ccTLDs, or IDN ccTLDs, associated with a specific country or territory are developed by the governments of those countries or territories and that disputes with respect to such laws can be handled in courts of competent jurisdiction.

36                    References to documentation of policy development and dispute resolution processes (ccTLDs)

         RFC1591: https://www.ietf.org/rfc/rfc1591.txt .

         ICP 1: https://www.icann.org/icp/icp-1.htm .

         FOIWG Final Report: http://ccnso.icann.org/workinggroups/foi-final-resolutions-11feb15-en.pdf .

         Independent Review Panel (IRP): https://www.icann.org/resources/pages/irp-2012-02-25-en .

         ICANN Ombudsman: https://www.icann.org/resources/pages/governance/bylaws-en#AnnexB .

         GAC Principles 2005: https://gacweb.icann.org/download/attachments/28278844/ccTLD_Principles_0.pdf?version=1&modificationDate=1312385141000&api=v2 .

37                    II.A.ii. Affected IANA Service (gTLDs)

38                    Delegation and redelegation of Generic Top-Level Domains (gTLDs).

39                    How policy is developed and established by whom (gTLDs)

40                    The Generic Names Supporting Organization GNSO) is responsible for developing and recommending to the ICANN Board substantive policies relating to gTLDs. The GNSO policy development process is a complex and well-described process that would dwarf this document and as such will not be included. Details can be found at: https://www.icann.org/resources/pages/governance/bylaws-en#AnnexA . ‬‬‬‬ ‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬

41                    How disputes about policy are resolved (gTLDs)

42                    This is a complex and well-described process that would dwarf this document and as such will not be included. Further details can be found at: http://newgtlds.icann.org/EN/APPLICANTS/AGB , which outlines the procedures that were designed with an eye toward timely and efficient dispute resolution. As part of the New gTLD Program, these Procedures apply to all proceedings administered by each of the Dispute Resolution Service Providers (DRSP). Each of the DRSPs has a specific set of rules that will also apply to such proceedings. Furthermore, other ICANN-provided escalation paths such as the ICANN Ombudsman and the ICANN Bylaws relating to the Independent Review of ICANN Board Actions (which would only apply to the relevant Board action) are available.

43                    References to documentation of policy development and dispute resolution processes (gTLDs)

         GNSO PDP: https://www.icann.org/resources/pages/governance/bylaws-en#AnnexA .

         New gTLD Applicant Guidebook: http://newgtlds.icann.org/EN/APPLICANTS/AGB .

         Independent Review Panel (IRP): https://www.icann.org/resources/pages/irp-2012-02-25-en .

         ICANN Ombudsman: https://www.icann.org/resources/pages/governance/bylaws-en#AnnexB .


44                    II.B. Oversight and Accountability

45                    This section should describe all the ways in which oversight is conducted over IANA’s provision of the services and activities listed in Section I and all the ways in which IANA is currently held accountable for the provision of those services. For each oversight or accountability mechanism, please provide as many of the following as are applicable:

         Which IANA service or activity (identified in Section I) is affected.

         If the policy sources identified in Section II.A are affected, identify which ones are affected and explain in what way.

         A description of the entity or entities that provide oversight or perform accountability functions, including how individuals are selected or removed from participation in those entities.

         A description of the mechanism (e.g., contract, reporting scheme, auditing scheme, etc.). This should include a description of the consequences of the IANA functions operator not meeting the standards established by the mechanism, the extent to which the output of the mechanism is transparent and the terms under which the mechanism may change.

         Jurisdiction(s) in which the mechanism applies and the legal basis on which the mechanism rests.

46                    II.B.i Which IANA service or activity is affected (NTIA IANA Functions Contract)

47                    For the purposes of this section, oversight and accountability of the IANA Functions Operator (IFO) refers to independent oversight and accountability. Specifically, oversight and accountability are defined as:

         Oversight (of the IFO performing Root Zone-related actions and activities): Oversight is performed by an entity that is independent of the Operator (as defined in the NTIA IANA Functions Contract) and has access to all relevant information to monitor or approve the actions and activities that are being overseen .

         Accountability: Accountability provides the ability for an independent entity to impose binding consequences to ensure the IFO meets its formally documented and accepted agreements, standards, and expectations.

48                    All IANA Functions described in Section I of this document are affected. Annex B provides an overview of oversight mechanisms that are found in the NTIA IANA Functions Contract.

49                    If the policy sources identified in Section II.A are affected, identify which ones are affected and explain in what way (NTIA IANA Functions Contract)

50                    These oversight and accountability mechanisms in the NTIA IANA Functions Contract do not affect the policies listed in Section II.A.

 

51                    The entity or entities that provide oversight or perform accountability functions (NTIA IANA Functions Contract)

52                    The NTIA is currently responsible for providing this oversight. There is no description regarding how the individuals who perform these functions are selected, removed, or replaced.

53                    A description of the mechanism (NTIA IANA Functions Contract)

54                    One of the official accountability mechanisms included in the NTIA IANA Functions Contract is the ability to cancel or not renew the contract. In addition, there is also a customer complaint mechanism built into the contract.

55                    Jurisdiction and legal basis of the mechanism NTIA IANA Functions Contract

56                    The jurisdiction of the mechanism is the United States of America.

57                    Which IANA service or activity is affected (NTIA acting as Root Zone Management Process Administrator)

58                    NTIA exercises oversight by reviewing all requests and documentation provided by the IANA Contractor for changes to the Root Zone or its WHOIS database to validate that IANA has met its obligations in recommending a change. NTIA can refuse to authorize the request. It affects all IANA Functions that modify the Root Zone and database or its WHOIS database.

59                    If the policy sources identified in Section II.A are affected, identify which ones are affected and explain in what way (NTIA acting as Root Zone Management Process Administrator)

60                    This does not affect the policies listed in Section II.A .

61                    The entity or entities that provide oversight or perform accountability functions (NTIA acting as Root Zone Management Process Administrator)

62                    The NTIA is currently responsible for providing this oversight. There is no description regarding how the individuals who perform these functions are selected, removed, or replaced.

63                    A description of the mechanism (NTIA acting as Root Zone Management Process Administrator)

64                    The accountability is exercised by the NTIA by not approving a change request by IANA for the Root Zone or its WHOIS database.

 

65                    Jurisdiction and legal basis of the mechanism (NTIA acting as Root Zone Management Process Administrator)

66                    The jurisdiction of the mechanism is the United States of America.

67                    Which IANA service or activity is affected (binding arbitration included in TLD contracts)

68                    Most gTLD registries as well as a few ccTLD registries have contracts (for ccTLDs also called Sponsorship Agreements or Frameworks of Accountability) with ICANN. All of these contracts provide for binding arbitration of disputes. (The standard gTLD contract language begins with: “ Disputes arising under or in connection with this Agreement that are not resolved pursuant to Section 5.1, including requests for specific performance, will be resolved through binding arbitration conducted pursuant to the rules of the International Court of Arbitration of the International Chamber of Commerce .”) All IANA Functions which modify the Root Zone file or database are affected.

69                    If the policy sources identified in Section II.A are affected, identify which ones are affected and explain in what way (binding arbitration included in TLD contracts)

70                    This does not affect the policies listed in Section II.A .

71                    The entity or entities that provide oversight or perform accountability functions (binding arbitration included in TLD contracts)

72                    For most gTLDs the language is:

73                    Disputes arising under or in connection with this Agreement that are not resolved pursuant to Section 5.1, including requests for specific performance, will be resolved through binding arbitration conducted pursuant to the rules of the International Court of Arbitration of the International Chamber of Commerce. Any arbitration will be in front of a single arbitrator, unless (i) ICANN is seeking punitive or exemplary damages, or operational sanctions, (ii) the parties agree in writing to a greater number of arbitrators, or (iii) the dispute arises under Section 7.6 or 7.7.  In the case of clauses (i), (ii) or (iii) in the preceding sentence, the arbitration will be in front of three arbitrators with each party selecting one arbitrator and the two selected arbitrators selecting the third arbitrator.

74                    For the few ccTLDs with a contract, the language relating to this is usually a version of the following:

75                    Each party shall nominate one arbitrator, and the two arbitrators so nominated shall, within 30 days of the confirmation of their appointment, nominate the third arbitrator, who will act as Chairman of the Arbitral Tribunal.

76                    A description of the mechanism (binding arbitration included in TLD contracts)

77                    The results of the arbitration are binding on both parties.

78                    Jurisdiction and legal basis of the mechanism (binding arbitration included in TLD contracts)

79                    For gTLDs the arbitration will be conducted in the English language and will occur in Los Angeles County, California, USA.

80                    For ccTLDs that have dispute resolution clauses with ICANN, the place of arbitration needs to be agreed to by both parties. Typically there is language inserted that identifies the law that will be relevant in evaluating each party’s actions, such as the law of the country in which the ccTLD is operated for ccTLDs, and the laws of California for ICANN’s actions.

81                    Which IANA service or activity is affected (applicability of local law for the administration by the IANA Functions Operator of ccTLDs associated with a specific country or territory (ccTLDs) )

82                    The NTIA IANA Functions Contract clearly establishes the importance of the GAC Principles 2005 in the delegation and redelegation of ccTLDs.

83                    As such, Section 1.7 of the GAC Principles 2005 clearly sets the stage for such oversight by governments:

1.7. It is recalled that the WSIS Plan of action of December 2003 invites “Governments to manage or supervise, as appropriate, their respective country code top-level domain name.” Any such involvement should be based on appropriate national laws and policies. It is recommended that governments should work with their local Internet community in deciding on how to work with the ccTLD Registry.

84                    Within the context provided by Section 1.2 of the same document:

1.2. The main principle is the principle of subsidiarity. ccTLD policy should be set locally, unless it can be shown that the issue has global impact and needs to be resolved in an international framework. Most of the ccTLD policy issues are local in nature and should therefore be addressed by the local Internet Community, according to national law.

85                    The IFO currently seeks government approval for all ccTLD delegations and redelegations .

86                    ccTLD delegations and redelegations are affected.

87                    If the policy sources identified in Section II.A are affected, identify which ones are affected and explain in what way (applicability of local law for the administration by the IANA Functions Operator of ccTLDs associated with a specific country or territory (ccTLDs)

88                    This does not affect the policies listed in Section II.A .

89                    The entity or entities that provide oversight or perform accountability functions (applicability of local law for the administration by the IANA Functions Operator of ccTLDs associated with a specific country or territory (ccTLDs) )

90                    Local law should prevail unless the decision has a global impact.

91                    A description of the mechanism (applicability of local law for the administration by the IANA Functions Operator of ccTLDs associated with a specific country or territory (ccTLDs)

92                    Variable depending on the specific government.

93                    Jurisdiction and legal basis of the mechanism (applicability of local law for the administration by the IANA Functions Operator of ccTLDs associated with a specific country or territory (ccTLDs)

94                    Jurisdiction lies in that of the country or territory concerned.


  1. Proposed Post-Transition Oversight and Accountability

95                    This section should describe what changes your community is proposing to the arrangements listed in Section II.B in light of the transition. If your community is proposing to replace one or more existing arrangements with new arrangements that replacement should be explained and all of the elements listed in Section II.B should be described for the new arrangements. Your community should provide its rationale and justification for the new arrangements. If your community's proposal carries any implications for existing policy arrangements described in Section II.A, those implications should be described here. If your community is not proposing changes to arrangements listed in Section II.B, the rationale and justification for that choice should be provided here.

96                    III.A The Elements of This Proposal

97                    The sections below describe how the transition will affect each of the naming functions identified and what changes, if any, the CWG-Stewardship recommends addressing these effects. In summary, the CWG-Stewardship recommends:

         A new, separate legal entity, Post-Transition IANA (PTI), will be formed as an affiliate of ICANN.   The existing IANA functions, administrative staff, and related resources, processes, data, and know-how will be legally transferred to PTI.  

         ICANN will enter into a contract with PTI, granting PTI the rights and obligations to serve as the IANA Functions Operator (IFO) for the naming functions, and setting forth the rights and obligations of ICANN and PTI.   This contract will also include service level agreements for the naming functions.

         Changes proposed to Root Zone environment and relationship with Root Zone Maintainer.

 

98                    In developing this response, the CWG-Stewardship has been mindful of the “Principles and Criteria that Should Underpin Decisions on the Transition of NTIA Stewardship for Naming Related Functions” as developed and agreed to by the CWG-Stewardship and included in Annex C.

99                    Note: this Section III provides the high-level recommendations that should be read in conjunction with the relevant annexes, which provide additional details.

100                 III.A.i. Proposed Post-Transition Structure

101                 The objective of Section III is to present the changes required to replace the oversight and accountability performed by the NTIA via the NTIA IANA Functions Contract and NTIA’s role as Root Zone Management Process Administrator for the naming functions.

102                 Specifically, the oversight and accountability roles of the NTIA include the following:

         In relation to the IANA Functions Contract:

         Contract process including selection of operator and cancellation of the contract (accountability).

         Formal definition of the requirements and expectations of IANA by the NTIA – statement of work (oversight).

         Establishment and external monitoring of quality control and performance evaluation mechanisms (oversight and transparency).

         Issue resolution (accountability).

         In relation to NTIA’s role as Root Zone Management Process Administrator:

         Approval of all changes to the content of the Root Zone (oversight and accountability).

         Approval of all changes to the Root Zone environment, such as the implementation of DNSSEC (oversight and accountability).

         Approval of all external communications and reporting by IANA to external parties (oversight and accountability).

 

103                 The public consultation on the CWG-Stewardship’s initial transition proposal of 1 December 2014 confirmed that the respondents were satisfied with the current performance of ICANN as the IFO. Therefore, any new arrangements should maintain ICANN as the IFO at the time of transition and seek to implement mechanisms designed to provide similarly effective oversight and accountability (as those currently in place), minimize complexity and costs and maintain the security, stability, and resiliency of the DNS and the Internet. The public consultation on the CWG-Stewardship’s second draft proposal in April-May 2015 confirmed broad support for PTI and related structures, such as the IANA Function Review (IFR) and Customer Standing Committee (CSC). The CWG-Stewardship reviewed all input received and has updated the proposal accordingly. [3]

104                 In order to meet community expectations for the stewardship of the IANA Functions related to naming, the CWG-Stewardship, working on the premise that there is current satisfaction with ICANN’s IANA department performance and that ICANN should remain the IANA Functions Operator, agreed that a satisfactory transition proposal for the names community  requires the following elements:

         A contract similar to the current NTIA IANA Functions Contract to perform the IANA names functions post-transition;

         The ability for the multistakeholder community to ensure that ICANN acts according to community requests with respect to IANA names operations;

         Additional insulation, as needed, between operational and policymaking responsibilities and protections for the IFO;

         A mechanism to approve changes to the Root Zone environment (with NTIA no longer providing an approval process);

         The ability to ensure that the IANA Functions are adequately funded by ICANN;

         The ability for the multistakeholder community to require, and if necessary after substantial opportunities for remediation, the selection of a new operator for the IANA Functions as they relate to names.

 

105                 While this proposal originates from within the names community, it anticipates that, for reasons of coherence of the IANA function and overall operational logistics, all of the IANA functions will be transferred to PTI. However, it is not clear at the time of writing whether the other operational communities will undertake to contract directly with PTI (similar to the manner in which this response envisages ICANN will do), or whether those communities will have a contract with ICANN. If the other operational communities contract directly with PTI, then those communities will need to determine the terms of their contract with PTI for the support of their respective functions. On the other hand, if the other operational communities enter into a contract with ICANN, then ICANN will need to subcontract the performance of the functions to PTI. Which of these approaches is followed by the other operational communities is not relevant for the purposes of the present proposal, so long as those details are not inconsistent with this proposal. In any case, the arrangements for the non-names IANA functions are out of scope for this document except to the extent they impinge directly on the names functions. The CWG-Stewardship has also agreed that approval of all changes to the content of the Root Zone will no longer need authorization (as is currently the case) and that external communications and reporting will no longer need external approval post-transition. This final proposal attempts to meet all of the above requirements by:

         Creating PTI, a separate legal entity that will be an affiliate [4] controlled by ICANN [5] . The creation of PTI ensures both functional and legal separation within the ICANN organization.

         Establishing a contract between PTI and ICANN that will grant PTI the rights to act as the IFO, and set out the rights and obligations of PTI and ICANN.

         Establishing the CSC that is responsible for monitoring IFO performance according to contractual requirements and service level expectations, resolving issues directly with the IFO or escalating them if they cannot be resolved. [6]

         Establishing a series of issue resolution mechanisms to ensure that problems are resolved effectively.

         Ensuring ICANN accepts input from the multistakeholder community with respect to the annual IANA operations budget.

         Establishing a framework to approve changes to the Root Zone environment (with NTIA no longer providing oversight).

         Establishing a multistakeholder IANA Function Review (IFR) to conduct periodic and special reviews of PTI. [7] The results of the IFR will not be prescribed or restricted and could include recommendations to initiate a separation process (as described below), which could result in termination or non-renewal of the ICANN-PTI IANA functions contract among other actions.
 

106                 The CWG-Stewardship proposal is significantly dependent and expressly conditioned on the implementation of ICANN-level accountability mechanisms by the Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability) as described below. The co-chairs of the CWG-Stewardship and the CCWG-Accountability have coordinated their efforts and the CWG-Stewardship is confident that the CCWG-Accountability recommendations, if implemented as envisaged, will meet the requirements that the CWG-Stewardship has previously communicated to the CCWG. If any element of these ICANN level accountability mechanisms is not implemented as contemplated by the CWG-Stewardship proposal, this CWG-Stewardship proposal will require revision. Specifically, the proposed legal structure and overall CWG-Stewardship proposal requires ICANN accountability in the following respects:

  1. ICANN Budget and IANA Budget.   The ability for the community to approve or veto the ICANN budget after it has been approved by the ICANN Board but before it comes into effect. The community may reject the ICANN Budget based on perceived inconsistency with the purpose, mission and role set forth in ICANN’s Articles and Bylaws, the global public interest, the needs of ICANN stakeholders, financial stability or other matters of concern to the community. The CWG-Stewardship recommends that the IFO’s comprehensive costs should be transparent and ICANN’s operating plans and budget should include itemization of all IANA operations costs to the project level and below as needed. An itemization of IANA costs would include “Direct Costs for the IANA department”, “Direct Costs for Shared resources” and “Support functions allocation”.   Furthermore, these costs should be itemized into more specific costs related to each specific function to the project level and below as needed. PTI should also have a yearly budget that is reviewed and approved by the ICANN community on an annual basis. PTI should submit a budget to ICANN at least nine months in advance of the fiscal year to ensure the stability of the IANA services. It is the view of the CWG-Stewardship that the IANA budget should be approved by the ICANN Board in a much earlier timeframe than the overall ICANN budget. The CWG (or a successor implementation group) will need to develop a proposed process for the IANA-specific budget review, which may become a component of the overall budget review.
  2. Community Empowerment Mechanisms.   The empowerment of the multistakeholder community to have the following rights with respect to the ICANN Board, the exercise of which should be ensured by the related creation of a stakeholder community / member group:

(a)                               The ability to appoint and remove members of the ICANN Board and to recall the entire ICANN Board;

(b)                              The ability to exercise oversight with respect to key ICANN Board decisions (including with respect to the ICANN Board’s oversight of the IANA functions) by reviewing and approving (i) ICANN Board decisions with respect to recommendations resulting from an IFR or Special IFR and (ii) the ICANN budget; and

(c)                               The ability to approve amendments to ICANN’s “fundamental bylaws,” as described below.

  1. IFR .   The creation of an IFR which is empowered to conduct periodic and special reviews of the IANA functions (see Annex F). IFRs and Special IFRs will be incorporated into the Affirmation of Commitments mandated reviews set forth in the ICANN Bylaws.
  2. CSC . The creation of a CSC which is empowered to monitor the performance of the IANA functions and escalate non-remediated issues to the ccNSO and GNSO.   The ccNSO and GNSO should be empowered to address matters escalated by the CSC.
  3. Separation Process . The empowerment of the Special IFR to determine that a separation process is necessary and, if so, to recommend that a Separation Cross-Community Working Group (SCWG) be established to review the identified issues and make recommendations. See Annex L for more detailed information as to approval requirements with respect to the formation of a SCWG and approval of SCWG recommendations.
  4. Appeal mechanism .   An appeal mechanism, for example in the form of an Independent Review Panel, for issues relating to the IANA functions.   For example, direct customers with non-remediated issues or matters referred by ccNSO or GNSO after escalation by the CSC will have access to an Independent Review Panel.   The appeal mechanism will not cover issues relating to ccTLD delegation and re-delegation, which mechanism is to be developed by the ccTLD community post-transition.
  5. Fundamental bylaws .   All of the foregoing mechanisms are to be provided for in the ICANN bylaws as “fundamental bylaws.” A “fundamental bylaw” may only be amended with the prior approval of the community and may require a higher approval threshold than typical bylaw amendments (for example, a supermajority vote).

107                 Post-Transition IANA (PTI)

108                 In order to identify and isolate the IANA naming functions, both functionally and legally, from the ICANN entity, the CWG-Stewardship recommends the creation of a Post-Transition IANA (PTI). PTI will be a new legal entity in the form of a non-profit corporation (i.e., a California public benefit corporation). The existing IANA functions department, administrative staff, and related resources, processes, data, and know-how will be legally transferred to PTI. [8] No further transfer of assets from PTI to another entity will be allowed unless specifically approved by ICANN.

109                 At the outset, PTI will have ICANN as its sole member and PTI will therefore be a controlled affiliate of ICANN. ICANN will provide funding and administrative resources to PTI through an agreed-upon budget.

110                 A contract will be entered into between PTI and ICANN, which will grant PTI the rights to act as the IFO and set out rights and obligations of PTI and ICANN. The contract will provide for automatic renewal, subject to potential non-renewal by ICANN if recommended by the IANA Function Review (see further details below).

111                 PTI Board

112                 As a separate legal entity, PTI will have a board of directors and have the minimum statutorily required responsibilities and powers. The construct of the PTI Board will be a range of 3-5 people to be appointed by ICANN as the sole member of PTI. The PTI Board could be comprised of three directors who are employed by ICANN or PTI (for example, the ICANN Executive responsible for PTI, the ICANN CTO and the IANA Managing Director), and two additional independent directors. The two additional directors must be nominated using an appropriately rigorous nomination mechanism (e.g. through the use of the ICANN Nominating Committee). The CWG-Stewardship expects that this will avoid the need to replicate the complexity of the multistakeholder ICANN Board at the PTI level and maintain primary accountability at the ICANN level. Any issues that arise concerning the PTI and the PTI Board will therefore be able to be ultimately addressed through the overarching ICANN accountability mechanisms. [9]

113                 The function of the PTI Board is to provide oversight of the operations of PTI in order to to ensure that PTI meets , at a minimum, applicable statutory requirements under California public benefit corporation laws and, importantly, fulfills its responsibilities under the IANA functions contract with ICANN .

114                 The CWG-Stewardship recommends that the PTI Board skill set be evaluated as a whole and not on a per member basis, while also ensuring that each individual member is suitable and appropriately qualified to serve as a director of PTI in his or her own right. Accordingly, the PTI Board’s complete skill set should be balanced and cover an appropriate and complete composite of executive management, operational, technical, financial and corporate governance experience.

115                 IANA Contract and Statement of Work

116                 The issues currently addressed in the NTIA ICANN Functions Contract and related documents will be addressed in the ICANN-PTI IANA functions contract. Furthermore, the CWG-Stewardship expects that a number of existing provisions of the NTIA IANA Functions Contract will be carried over to the PTI Contract in the form of a Statement of Work (SOW), taking into account updates that will need to be made as a result of the changing relationship between IANA and ICANN as well as other recommendations outlined in Section III. In order for the community to have confidence in the robust and complete nature of the ICANN-PTI IANA Functions Contract, it is recommended that PTI have independent legal counsel to advise on the contract. The ICANN bylaws will reference the need for periodic and special review of the IANA Statement of Work through the IFR. An overview of provisions expected to be carried over into the ICANN-PTI IANA functions contract can be found in Annex E as well as Annex S which includes a draft proposed term sheet.

117                 IANA Function Review

118                 The CWG-Stewardship recommends an IANA Function Review (IFR), which will review PTI’s performance against the ICANN-PTI Contract and the SOW. The IFR will be obliged to take into account multiple input sources including community comments, CSC evaluations, reports submitted by PTI, and recommendations for technical or process improvements (see Customer Standing Committee section below). The outcomes of reports submitted to the CSC, and reviews and comments received on these reports during the relevant time period will be included as input to the IFR. The IFR will also review the SOW to determine if any amendments should be recommended. The IFR mandate is strictly limited to evaluation of PTI performance against the SOW and does not include any evaluation relating to policy or contracting issues that are not part of the ICANN-PTI IANA functions contract or the SOW.   In particular it does not include issues related to policy development and adoption processes, or contract enforcement measures between contracted registries and ICANN.

119                 The first IFR is recommended to take place no more than two years after the transition is complete. After the initial review, the periodic IFR should occur at intervals of no more than five years. The IFR should be set out in the ICANN Bylaws and included as a “fundamental bylaw” resulting from the work of the CCWG-Accountability and will operate in a manner analogous to an Affirmation of Commitments (AoC) review. The “fundamental bylaws” will be ICANN bylaws that will require the prior approval of the multistakeholder community to adopt or amend. The approval of an ICANN fundamental bylaw could also require a higher threshold than typical bylaw amendments, for example, a supermajority . The members of the IANA Function Review Team (IFRT) will be selected by the Supporting Organizations and Advisory Committees and will include several liaisons from other communities. While the IFRT is intended to be a smaller group, it will be open to non-member “participants” in much the same way as the CWG-Stewardship is.

120                 While the IFR will normally be scheduled based on a regular cycle of no more than five years [10] in line with other ICANN reviews, a Special IANA Function Review (Special IFR) may also be initiated under certain circumstances, as discussed in the following section.

121                 For further details, please see Annex F.

122                 Special IANA Function Review

123                 As mentioned above, IFRs will occur periodically or, in special circumstances, may be initiated outside of the normal periodic schedule. A non-periodic or “Special” IANA Function Review (Special IFR) could only be initiated when the following escalation mechanisms and methods have been exhausted:

         CSC Remedial Action Procedures are followed and fail to correct the identified deficiency (see Annex G); and

         The IANA Problem Resolution Process is followed and fails to correct the identified deficiency (see Annex J).

 

124                 For further details, please see Annex F.

125                 Following the exhaustion of the above escalation mechanisms, the ccNSO and GNSO will be responsible for checking and reviewing the   outcome of the CSC process (as defined in Annex G), and the IANA Problem Resolution Process (as defined in Annex J) and for determining whether or not a Special IFR is necessary. After consideration, which may include a public comment period and must include meaningful consultation with other SO/ACs, the Special IFR could be triggered. In order to trigger a Special IFR, it would require a vote of both of the ccNSO and GNSO Councils (each by a supermajority vote according to their normal procedures for determining supermajority). The Special IFR will follow the same multistakeholder cross community composition and process structure as the periodic IANA Function Review. The scope of the Special IFR will be narrower than a periodic IFR, focused primarily on the identified deficiency or problem, its implications for overall IANA performance, and how that issue is best resolved. As with the periodic IFR, the Special IFR is limited to a review of the performance of the IANA Functions operation, including the CSC, but should not consider policy development and adoption processes or the relationship between ICANN and its contracted TLDs.

126                 There is no prescribed outcome for an IFR, whether special or periodic. Recommendations could span from “no action required” to the introduction of operational remediation requirements, to the initiation of a separation process, described below. In the case of a Special IFR, it is expected that the recommendations of the IFRT will describe how the proposed remedial procedures are expected to address the identified deficiency.

127                 As described in Annex L, an IFR may determine that a separation process is necessary. In making this determination, the IFR is not responsible for recommending a type of separation. If the IFR determines that a separation process is necessary, it will recommend the creation of the Separation Cross-Community Working Group (SCWG). This recommendation will need to be approved by both of the ccNSO and GNSO Councils (each by a supermajority vote,according to their normal procedures for determining supermajority), and will need to be approved by the ICANN Board after a public comment period, as well as a community mechanism derived from the CCWG-Accountability process. [11] A determination by the ICANN Board to not approve an SCWG that had been supported by a supermajority of the ccNSO and GNSO Councils will need to follow the same supermajority thresholds and consultation procedures as ICANN Board rejection (by a supermajority vote) of a PDP recommendation that is supported by a GNSO supermajority.

 

128                 III.A.ii. Proposed Oversight & Accountability Replacement

129                 Customer Standing Committee (CSC) - Overseeing performance of IANA Functions as they relate to naming services

130                 The CWG-Stewardship recommends the creation of a CSC to monitor the performance of PTI with the following mission:

The Customer Standing Committee (CSC) has been established to perform the operational oversight previously performed by the U.S. Department of Commerce’s National Telecommunications and Information Administration as it relates to the monitoring of performance of the IANA naming function. This transfer of responsibilities took effect on [date].

The mission of the CSC is to ensure continued satisfactory performance of the IANA function for the direct customers of the naming services. The primary customers of the naming services are TLD registry operators, but also include root server operators and other non-root zone functions.

The mission will be achieved through regular monitoring by the CSC of the performance of the IANA naming function against agreed service level targets and through mechanisms to engage with the IANA Functions Operator to remedy identified areas of concern.”

131                 The CSC is not mandated to initiate a change in the IANA Functions Operator via a Special IANA Function Review, but could escalate to the ccNSO and GNSO Councils or either body in the specific case where the issue in question applies only to ccTLDs or gTLDs respectively, which might then decide to take further action using agreed consultation and escalation processes (see Annex J).

132                 The complete proposed charter of the CSC can be found in Annex G.

133                 Service Level Expectations (SLEs)

134                 The CWG-Stewardship reviewed the performance standards established under the IANA contract between NTIA and ICANN and considered these inadequate for a registry service of such global importance. In light of the cessation of NTIA’s independent stewardship and authorization role, it is an appropriate time for customers to re-evaluate the current minimum acceptable service levels, reporting requirements and breach levels.

135                 The CWG-Stewardship is not proposing any changes to the current work flow process.

136                 The CWG-Stewardship is suggesting that there is a requirement placed on IANA staff, (as part of the implementation phase) to measure, record and report additional details of transaction times for each Root Zone Management process. Such transparency will provide factual information to assist the CSC, IFRT and the Community to determine and confirm that IANA Functions Operator is continuing to provide non-discriminatory service to the naming community.

137                 The CWG-Stewardship also proposes a set of guiding principles that will help define the expectation for the monitoring and reporting environment, and guide the definition of the individual criteria used for reporting and assessment of the naming-related portions of the IANA Functions. Work to define the final SLEs will be on-going in order to be included with the proposal submitted to the NTIA and will be run in parallel with the ICG process to review the CWG-Stewardship proposal. The objective is to ensure that the naming proposal is not delayed by work to define the SLEs and so to optimize use of the time prior to the final submission of a proposal to the NTIA.

138                 For furt her details, please see Annex H.

 

139                 Escalation Mechanisms

140                 The CWG-Stewardship recommends requiring the continuation, with minor modifications, of a progressive set of escalation steps that can be performed for emergency situations as well as customer service complaints and a new problem resolution process, as applicable, for individual TLD registry operators, or others with relevant IANA Functions operational issues. Three processes are recommended: [12]

1)       Customer Service Complaint Resolution Process
This process is for anyone who has a complaint about IANA services. [13] The CWG-Stewardship has modified the current process used by ICANN by adding some steps at the end. For further details, please see Annex I.

2)       IANA Problem Resolution Process (for IANA naming services only)
This is a new process created for persistent performance issues or systemic problems associated with the provision of IANA naming services. [14] For further details, please see Annex J.

3)       Root Zone Emergency Process
This process is for TLD managers in cases where expedited handling is required and is the same as the process currently used by ICANN, but reflects the post-transition environment.

141                 The details of these processes, including proposed modifications to the existing processes to reflect the transition, can be found in Annexes I (IANA Customer Service Complaint Resolution Process), J (Problem Resolution Process (for IANA naming services only)) and K (Root Zone Emergency Process). Furthermore a flow chart outlining the different steps and relationship between the Customer Service Complaint Resolution Process and the IANA Problem Resolution Process can be found in Annex J-1.

142                 Separation Process

The CWG-Stewardship recommends that an ICANN fundamental bylaw be created to define a separation process that can be triggered by a Special IFR if needed. The Special IFR will only occur if other escalation mechanisms and methods have been exhausted. If the Special IFR recommends a separation process, a Separation Cross Community Working Group (SCWG) which will be formed to review the issues and make recommendations. The recommendations of a Special IFR will need to be approved by a supermajority vote of each of the ccNSO and GNSO Councils, the ICANN Board, and a community mechanism derived from the CCWG-Accountability process before they can be moved to implementation. [15] Any new IFO (or other separation process) will be subject to the approval of the ICANN Board , and a community mechanism derived from the CCWG-Accountability process. [16]

 

There will be no prescribed result arising from the separation process. The SCWG will be empowered to make a recommendation ranging from “no action required” to the initiation of an RFP and the recommendation for a new IFO, or the divestiture or reorganization of PTI. In the case of a recommendation for any action, ICANN is expected to cover all costs i.e. costs related to the then transition, costs related to the possible selection of a new IFO and the ongoing operating costs of the successor operator. Moreover, in bearing such costs, it is to be required of ICANN that it does not raise fees from TLD operators (registries, registrars and, indirectly, for registrants) in order to do so.

143                 For further details please see Annex L.

144                 Framework for Transition to Successor IANA Functions Operator

145                 The CWG-Stewardship recommends the continuation of the current transition framework for the IANA Functions, with relevant modifications, should it be, for whatever reason, necessary for the IANA Functions to be transitioned from the incumbent IFO to a successor IFO. This framework will be set forth in the ICANN-PTI Contract and will be based upon the current NTIA-ICANN contract clause C.7.3, “Plan for Transition to Successor Contractor.” The transition framework should be part of the operations and management of the IANA Functions going forward and be considered part of the operator’s business contingency and continuity of operations planning. [17] This is a framework only and it is expected – as per the following recommendations – that a full plan will be developed post-IANA Stewardship Transition. The principles and recommendations for the future evolution of the Framework for Transition to Successor IANA Functions Operator include:

1)       The integrity, stability, and availability of the IANA Functions must be the core concern during any transition of the IANA Functions.

2)       The transition framework must be further developed and maintained by PTI, with ICANN input, into a detailed, fully functional, transition plan within 18 months from the completion of the IANA Stewardship Transition.

3)       The budget for IANA operations should be augmented with specific funding for the detailed transition plan development referred to in 2 (above).

4)       The process established for the potential transitioning of the IANA Functions to an operator other than the incumbent should specifically recognize that the detailed transition plan referred to in 2 (above) must be in place before the commencement of the transitioning process.

5)       Both the incumbent and the successor IANA Functions Operators will be required to fully engage in the transition plan and to provide appropriate transition staff and expertise to facilitate a stable transition of the IANA Functions.

6)       Once developed, the full Transition to Successor IANA Functions Operator Plan should be reviewed every year by IANA staff, in conjunction with the CSC/Community as necessary, to ensure that it remains up to date, and reviewed every five years to ensure that it remains fit for purpose.
 

146                 For further information, see Annex M.

147                 III.A.iii Proposed changes to Root Zone environment and relationship with Root Zone Maintainer

148                 In relation to the Root Zone Management Process Administrator role that is currently performed by NTIA, the CWG-Stewardship recommends that this role be discontinued post-transition. As a result of this discontinuation the CWG-Stewardship recommends:

149                 Recommendations related to the elimination of NTIA Authorization of changes to the Root Zone content and the associated WHOIS database

 

150                 Currently, changes to the Root Zone File, as well as changes to the Root Zone WHOIS Database, are transmitted to the NTIA for authorization. Such changes cannot be enacted without explicit positive authorization from the NTIA. Post-transition, no authorization for Root Zone change requests will be needed.

1)       Changes will be required to the IFO and Root Zone Maintainer software to remove this requirement. In the very short term, if making the software changes cannot be completed before the transition and/or to avoid multiple coincident changes, the existing software could be used and IANA staff could authorize the changes (effectively fulfilling the current role of the NTIA at this point in the process).

2)       Currently there is a Cooperative Agreement between the NTIA and the Root Zone Maintainer. The NTIA has said that there will be a parallel but separate transition to disengage the NTIA from the Root Zone Maintainer. The exact form of this transition is not currently known, nor what, if anything, will replace the current Cooperative Agreement and the parties involved in providing the services currently covered under the Cooperative Agreement.

a)        If that transition is not completed prior to the IANA Stewardship Transition, the Cooperative Agreement will likely have to be amended by the NTIA to allow Verisign, acting as the Root Zone Maintainer, to implement changes to the Root Zone requested by the IFO without requiring approval from NTIA.

b)        If the Root Zone Maintainer transition is completed prior to, or in conjunction with, the IANA Stewardship Transition, the new arrangements must provide a clear and effective mechanism to ensure that PTI can have its change requests for the Root Zone implemented in a timely manner by the Root Zone Maintainer (possibly via an agreement between the Root Zone Maintainer and the IFO).

3)       It should be determined whether or not additional checks/balances/verifications are required post transition. The CWG-Stewardship recommends that a formal study be undertaken post transition to investigate whether there is a need to increase (and if so, how) the robustness of the operational arrangements for making changes to the Root Zone content to reduce or eliminate single points of failure. [18] This study should include a risk analysis and cost/benefit analysis factoring in the history and possibility of such problems. Any new procedures/processes should be designed to minimize:

a)        The potential for accidental or malicious changes or omissions by the IFO or Root Zone Maintainer.

b)        The potential for out-of-policy changes by the IFO. The term “policy” is used in its most general sense, representing formal Policy adopted by ICANN as well as established standards, practices, and processes.

c)        The potential for accidental or malicious errors in the communications path from the IFO to the Root Zone Maintainer.

d)       The potential for accidental outages or malicious actions related to the telecommunications infrastructure serving the IFO and the Root Zone Maintainer. Such outages or actions could be related to the infrastructure shared with ICANN.

151                 Any changes to procedures or processes should be based on a cost/benefit and risk analysis factoring in the history and possibility of such problems. The review should involve all parties that may be affected or impacted by any changes to be implemented.

152                 Changes to the Root Zone Management Architecture and Operation

153                 Per the NTIA IANA Functions Contract, NTIA approval was required for the implementation of all changes to the Root Zone environment such as DNSSEC as well as many classes of changes to IANA Functions Operator processes (including what may be published). The NTIA has contributed and opened avenues to resources (such as those from NIST – the National Institute of Standards and Technologies, a part of the U.S. Department of Commerce in efforts surrounding DNSSEC). Moreover as the Root Zone Administrator, they have been the entity to ultimately approve the changes going forward.

154                 Post-Transition

155                 The CWG-Stewardship recommends that a replacement of this approval function be put in place for significant architectural and operational changes. Although it is clear that the DNS-related technical and operational communities have both the technology skills and appropriate incentives to make prudent and cautious changes, the critical nature of the Root Zone makes it necessary to formalize approval of major architectural and operational changes.

1)       Formal approval to proceed with a change shall be granted by the ICANN Board.

2)       The Board shall grant approval on the recommendation of a standing committee with a proposed membership of: an ICANN Board member (possibly as Chair), a senior IANA Functions Operator administrator or delegate, and Chairs or delegates of the SSAC, RSSAC, ASO and IETF, [19] a representative of the GNSO RySG, a representative of the ccNSO and a representative of the Root Zone Maintainer. The standing committee will select its chair. The RySG and ccNSO representatives will ensure appropriate communications with the CSC.

3)       The standing committee will not necessarily be the group that considers the details of the issue under consideration, but it will be responsible for ensuring that those involved in the decision include all relevant bodies and have access to necessary expertise.

4)       Issues may be brought to the standing committee’s attention by any of its members, by PTI staff, or by the CSC.

5)       For architectural changes that impose potential risk to the security, stability, or resiliency of the Root system (as identified by at least one standing committee member and agreed by a simple majority of members), there should be public consultation through the standard ICANN public comment process.

6)       To the extent allowed based on the need for security and contractually required confidentiality, the proceedings of the standing committee should be open and transparent.

7)       Since it is not possible to formally define “significant”, all parties should err on the side of prudence and raise issues for the consideration of the standing committee when there is any question of it being required. The standing committee may decide that it does not need to consider the issue.

8)       The standing committee should coordinate with the NTIA at the time of transition to transfer relevant information about any ongoing major architectural and operational changes so that any such ongoing activities are not delayed or lost due to the transition.

156                 The CWG-Stewardship further recommends that for changes internal to the IANA Functions Operator and for those related to reports and communications, no external approval shall be needed. Such decision should be made, where appropriate, in consultation with the community, or the standing committee.

157                 The CWG-Stewardship recommends that post-transition IFO budgets must support the operator’s capability to investigate, develop and deploy Root Zone enhancements required to keep the Root Zone and its management evolving.

158                 Principles

 

1)       Transparency: To the extent allowed by external agreements and as necessitated by security and privacy issues, the IFO should operate in a transparent manner. Reports on the IFO operations should not be withheld unless there are explicit and defendable needs for confidentiality.

2)       Control of Root Zone Management : Currently, updating the Root Zone requires the active participation of three parties: the IFO, the Root Zone Maintainer and the NTIA. The IFO receives change requests from various sources, validates them, and sends them to the Root Zone Maintainer who, once they are authorized by the NTIA, updates the Root Zone File, DNSSEC signs it and distributes it to the Root operators.

Post transition there will only be the IFO and the Root Zone Maintainer. The CWG- Stewardship is not recommending any change in the functions performed by these two               roles at this time. The CWG-Stewardship is recommending that should there be               proposals to make changes in the roles associated with Root Zone modification, that               such proposals should be subject to wide community consultation.

3)       Future changes to the Root Zone Management process must be made with due consideration to the IANA Functions Operator’s and Root Zone Maintainer’s abilities to process change requests expeditiously.

 

 

 

 

 

 

 

159                 III.A.iv. Other

 

160                 ccTLD Delegation Appeals

The CWG-Stewardship recommends not including any appeal mechanism that would apply to ccTLD delegations and redelegations in the IANA Stewardship Transition proposal. For further information, see Annex O.

161                 IANA Budget [20]

162                 In order for the multistakeholder community to steward the IANA Functions, the CWG-Stewardship recommends that: [21]

1)       The IFO’s comprehensive costs should be transparent for any future state of the IANA Function.

2)       Future Fiscal Year (FY) ICANN Operating Plans & Budgets, and if possible even the FY16 ICANN Operating Plan & Budget, include at a minimum itemization of all IANA operations costs in the FY ICANN Operating Plan & Budget to the project level and below as needed.

163                 Further details on the expected detail, based on the information provided in relation to the FY15 budget, can be found in Annex P. Furthermore, the CWG-Stewardship has identified a number of items for future work that can be found in Annex Q. In relation to PTI, the CWG-Stewardship recommends that PTI should develop and annually update a four-year strategic plan, which should outline strategic priorities, while PTI should also have a yearly budget that is reviewed by the ICANN community. A fully approved budget should be developed on an annual basis. PTI should submit a budget [22] to ICANN at least nine months in advance of the fiscal year to ensure the stability of the IANA services. It is the view of the CWG-Stewardship that the IANA budget should be approved by the ICANN Board in a much earlier timeframe than the overall ICANN Budget. PTI’s actual financial performance should be measured monthly against the PTI budget, and should be reported to the PTI Board. In addition to any statutory requirements, it is the view of the CWG that an independent financial audit of PTI’s financial statements must also be required.

164                 Regulatory and Legal Obligations

165                 The handling of requests for statutory waivers or licenses relating to its IFO’s legal obligations in its legal domicile (e.g., from the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC)) is a generally-applicable legal obligation regardless of who is serving as the IANA Functions Operator.   ICANN already has a process in place for seeking any necessary licenses, and will continue to work with contacts at relevant authorities to identify ways to streamline those requests. A statutory waiver of OFAC requirements may be possible if a new statute authorizes the transition.   Such a statutory waiver could provide that the President of the United States may not use trade sanctions with respect to the IANA Functions Operator. For licenses or waivers that relate to the IANA Function, ICANN must commit that any licenses or waivers it seeks will also be sought for the IANA Functions Operator and for the Root Zone Maintainer as well, so that a single request for any applicable entity is required.

166                              III.B.  Implications for the interface between the IANA Functions and existing policy arrangements

167                 For the IANA naming services, the proposal seeks to retain the functional separation between the policy development processes and the IANA Functions.

 


  1. Transition Implications

168                 This section should describe what your community views as the implications of the changes it proposed in Section III. These implications may include some or all of the following, or other implications specific to your community:

         Description of operational requirements to achieve continuity of service and possible new service integration throughout the transition.

         Risks to operational continuity and how they will be addressed.

         Description of any legal framework requirements in the absence of the NTIA contract.

         Description of how you have tested or evaluated the workability of any new technical or operational methods proposed in this document and how they compare to established arrangements.

         Description of how long the proposals in Section III are expected to take to complete, and any intermediate milestones that may occur before they are completed.

169                 IV.A. Operational requirements to achieve continuity of service and possible new service integration throughout the transition

170                 This section should describe what your community views as the implications of the changes it proposed in Section III.

         Description of operational requirements to achieve continuity of service and possible new service integration throughout the transition.

         Risks to operational continuity and how they will be addressed.

 

171     Continuity of service issues associated with the transition should be minimized given that the CWG Stewardship transition proposal recommends the continuation of using ICANN as the IFO.

172     Although the CWG-Stewardship proposes a structural change with the legal separation of the IFO from ICANN (with the IANA functions to be transferred to PTI, an ICANN affiliate), for practical and administrative reasons it is expected that this change will have little or no impact on any of the IFO customer operations throughout the transition, given that the IFO systems, processes, procedures and personnel for these activities will remain exactly the same.

173                 For the naming community the services it requires from the IFO are:

         Operating the public interface to the top level WHOIS database.

         Operating the .INT TLD. [23]

         Implementing, or participating in, the implementation of changes to the Root Zone environment.

         Validation processes for adding, modifying or removing TLDs to the Root Zone and the associated WHOIS database (and associated systems for supporting this).

         Requesting changes to the Root Zone upon validation of a request by the IFO (and associated systems for supporting this).

174                 Operating the TLD WHOIS and the .INT TLD - The CWG-Stewardship does not propose any material changes with respect to the IFO operating the top level WHOIS database.

175                 Implementing changes to the Root Zone environment - The implementation of changes to the process to approve changes to the Root Zone environment are required with the NTIA removing itself from the final approval of all such changes. The CWG-Stewardship transition proposal recommends that the ICANN Board take over the responsibility of approving all substantive (architectural) changes to the Root Zone environment (such changes being rare events). In line with the NTIA process, the ICANN Board would only approve any such changes if these maintained the security, stability, and resiliency of the Internet (ICANN’s first core value as per its Bylaws) and would be supported by a majority of the concerned and affected parties. ICANN will coordinate with the NTIA for any ongoing approval processes for significant changes to the Root Zone environment to ensure continuity of these. As such it is expected that the transition should not generate any issues with continuity of service associated with this for the IFO naming customers.

176                 Validation processes of customer requests for changes to the Root Zone – The CWG-Stewardship recommends removing the authorization requirement currently performed by the NTIA for all change requests to the Root Zone or its associated WHOIS database because it does not contribute in a significant fashion to the security, stability, and resiliency of the Internet DNS. This approval function is currently underpinned by a secure computer based system between IFO, NTIA, and Verisign acting as the Root Zone Maintainer. Until such time as this system can be modified IANA has confirmed it could simply act as NTIA in this system allowing it to approve its own requests for changes to the Root Zone, thus removing the requirement for NTIA authorization. As such it is expected that this element of the transition should not generate any issues with continuity of service for the IFO naming customers.

177                 Requesting changes to the Root Zone - Requesting changes to the Root Zone and its associated WHOIS database upon validation of a request. The Root Zone maintainer is responsible for implementing change requests from the IFO. Given the NTIA has stated that the transition of the Root Zone Maintainer function will be a separate process (which is not the responsibility of the CWG-Stewardship and has yet to be initiated), [24] this element is beyond the scope of the CWG-Stewardship. The CWG-Stewardship assumes that the NTIA will ensure that there is a suitable Root Zone Maintainer service available to the IFO that can function using current systems.

178                 As described above, continuity of service is assured: there are no material changes to the operation of the WHOIS database or the .INT TLD; and changes have been accounted for in the Root Zone environment, to the extent of the CWG-Stewardship’s scope of work. The CWG-Stewardship further ensures continuity of oversight of service by establishing the CSC. The CSC would oversee operations for IANA naming services, re placing NTIA oversight. The CSC is envisioned as customer-based, and inclusive of other operational communities – should these communities wish to liaise expertise regarding naming services operations. In the CSC, the CWG-Stewardship strengthens a customer-based stewardship of the IANA functions.

179                 IV.B. Description of any legal framework requirements in the absence of the NTIA contract

180                 This section should describe what your community views as the implications of the changes it proposed in Section III.

         Description of any legal framework requirements in the absence of the NTIA contract.

 

181                 To provide IANA services to the naming community, the CWG-Stewardship recommends that a new separate legal entity, PTI, be formed as an affiliate of ICANN. In this structure, the existing IANA functions, administrative staff, and related resources, processes, data, and know-how will be legally transferred into PTI. There will be a new ICANN-PTI contract established as a replacement to the current NTIA IANA Functions Contract. The terms of the ICANN-PTI contract will reflect the CWG-Stewardship proposed structure, including escalation and review mechanisms. [25] The CWG-Stewardship views the ICANN-PTI contract as a legal framework requirement in the absence of the NTIA IANA Functions Contract: however, given the implications of the proposed PTI structure are more importantly anchored in its associated accountability mechanisms, this section will focus on PTI rather than the contract to which it will be party. 

182                 As stated above, the CWG-Stewardship proposal foresees moving all IANA functions to PTI. If they decide to do so, the number and protocol communities can continue their agreements with ICANN, which the CWG envisages will then subcontract all the IANA Functions related work to PTI.

183                 The CWG-Stewardship proposal surrounds PTI with an accountability framework that strengthens the fulfillment of the NTIA requirements (see Section V). This framework includes the CSC, the IFR, the Special IFR, and the enhanced customer complaint and escalation mechanisms.

184                 The establishment of the CSC and the IFR (periodic and special) should be ensured by ICANN Bylaw changes. Since the CSC and IFRs are not separate legal entities, they can be created within the ICANN community structure, similar to working groups, and formalized through the related enhancements proposed in the CCWG-Accountability Work Stream 1 Proposal.

185                 The escalation mechanisms and customer service complaint procedures are described in Annexes I and J; a flowchart of the escalation processes is provided in Annex J-1. These mechanisms are not by default legal recourse and therefore do not imply changes to be further developed in this section. These mechanisms and procedures, however, are part of the accountability framework that will replace NTIA’s oversight and contract.

186                 In the proposed accountability structure, the CWG-Stewardship has focused exclusively on the needs of the naming community. However, the CWG-Stewardship acknowledges that there are elements of the proposed accountability structure that may be of interest to the other operational communities, including, but not limited to, options for existing or new arrangements in contracting services to IFO.

187                 IV.C. Workability of any new technical or operational methods

188                 This section should describe what your community views as the implications of the changes it proposed in Section III.

         Description of how you have tested or evaluated the workability of any new technical or operational methods proposed in this document and how they compare to established arrangements.

189                 No new technical or operational methods are being proposed beyond those necessary for replacing the NTIA acting as the IANA Functions Contract Administrator and the Root Zone Management Process Administrator. The necessary changes include the accountability mechanisms associated with the creation of PTI as an affiliate of ICANN and the Root Zone environment. Implications of the changes to the Root Zone environment are described in Section IV. A, and implications of the proposed accountability framework, including the PTI, the ICANN-PTI Contract, the IFR, the CSC, and the customer complaint and escalation procedures are described in Section IV. B.

190                 The CWG-Stewardship has evaluated these elements and determined that all are workable. A summary of the evaluations is provided below. The scores reflect a qualitative assessment by the CWG-Stewardship of whether the specific element was workable on a scale of 0-3, with 0 indicating a significant requirement or negative impact and 3 indicating no requirement or impact. For details of the methodology, please refer to Annex R.

Element Being Analyzed

Score

Evaluation

PTI as an affiliate of ICANN

score = 8/15 = 53%

workable

Contract between ICANN and PTI

score = 12/15 = 80%

workable

IFR

score = 9/15 = 60%

workable

CSC

score = 11/15 = 73%

workable

Customer complaint and escalation procedures

score = 11/15 = 73%

workable

Approving changes to the Root Zone environment

score = 8/15 = 53%

workable

Replacing NTIA as the Root Zone Management Process administrator

score = 13/15 = 87%

workable

 

191                 In addition to the CWG-Stewardship evaluation, the CCWG-Accountability Work Stream 1 Proposal further addresses “Stress Tests” that test the proposed structure against various scenarios. Since the CCWG-Accountability document is currently in draft form, this section only refers to the relevant Stress Tests, and directs the reader directly to the CCWG-Accountability document for further detail. Relevant CCWG-Accountability Stress Tests: [26]

         Failure to Meet Operational Expectations

         Stress Test #1: Change authority for the Root Zone ceases to function, in part or in whole. [27]  

         Stress Test #2: Authority for delegations from the Root Zone ceases to function, in part or in whole. [28]

         Stress Test #11: Compromise of credentials. [29]

         Stress Test #17: ICANN attempts to add a new TLD in spite of security and stability concerns expressed by technical community or other stakeholder groups. [30]

         Stress Test #21: A government official demands ICANN rescind responsibility for management of a ccTLD from an incumbent ccTLD Manager. [31]

         Legal/Legislative Action

         Stress Test #19: ICANN attempts to redelegate a gTLD because the registry operator is determined to be in breach of its contract, but the registry operator challenges the action and obtains an injunction from a national court. [32]

         Stress Test #20: A court order is issued to block ICANN’s delegation of a new TLD because of a complaint by an existing TLD operator or other aggrieved parties. [33]

         Failure of Accountability to External Stakeholders

         Stress Test #25: ICANN delegates or subcontracts its obligations under a future IFO agreement to a third party.  Would also include ICANN merging with or allowing itself to be acquired by another organization. [34]

 

192                 IV.D. Length the proposals in Section III are expected to take to complete, and any intermediate milestones that may occur before they are completed

193                 This section should describe what your community views as the implications of the changes it proposed in Section III.

         Description of how long the proposals in Section III are expected to take to complete, and any intermediate milestones that may occur before they are completed.

 

194                 The CWG-Stewardship’s proposed changes are to be implemented after NTIA approval of the IANA Stewardship Transition plan. Some changes are ready to be implemented, and others may require further assessment by the ICG as they may affect and be of interest to other communities involved in the IANA Stewardship Transition. For all changes, including changes that do not require further assessment by the ICG, the community will work with ICANN in implementation. The CWG-Stewardship expects that the following implementation items could be completed in approximately three to four months, in accordance with the advice of independent legal counsel: (1) identifying the ICANN assets that relate to the IANA functions to be assigned to PTI and assigning those assets to PTI pursuant to an assignment agreement to be entered into between ICANN and PTI, (2) incorporating PTI and drafting the PTI governance documents (i.e., articles of incorporation and bylaws) and (3) drafting, negotiating and finalizing the ICANN-PTI Contract. [35] The CWG-Stewardship has attempted an initial list of elements for implementation as follows:

         Service Levels : A set of guiding principles for the review of the current SLEs used by the IFO have been produced and accepted by the IFO. The sub-group of the CWG-Stewardship responsible for this work (DT-A) will continue its work, using these principles, after the CWG has transmitted its proposal to the ICG, and prior to the ICG submitting its proposal to the NTIA. The objective of this work is to produce a complete and detailed set of recommendations in conjunction with the IFO for the updating of SLEs used by the IFO (this pre-transition work requires approval by the NTIA before the IFO can proceed). These recommendations would be provided to the CSC, post-transition, for its consideration, approval and implementation according to a schedule developed jointly with the IFO.

         IANA Budget : The CWG-Stewardship worked closely with ICANN Finance in developing recommendations for transparent budget processes and itemizations regarding IANA operations costs. Recommendations on ICANN’s budgeting process can be implemented as further details of the CWG Accountability proposal are defined and approved. [36] Developing a PTI budget is part of, and dependent on, the establishment of PTI. There are other recommendations (in particular, the ability of the community to approve/veto the ICANN budget) that have been requested of the CCWG-Accountability as part of a key dependency with the CCWG-Accountability as soon as their work is finalized.

         PTI : The CWG-Stewardship worked closely with legal counsel in the reasoning and development of the PTI concept. Much research and many memoranda were provided to the CWG-Stewardship that may be useful for consideration in implementation. [37] At this stage, considering possible interest and modifications pending from the other operational communities, the ICG may propose modifications to PTI.

         ICANN-PTI Contract : The CWG-Stewardship, with assistance from its legal counsel, developed a draft proposed term sheet, which can be used as a basis to develop the ICANN-PTI term sheet and ultimately the future contract with ICANN. PTI will need to be established, and have the benefit of advice from independent legal counsel,  before it can enter into this contract.

         CSC : The CWG-Stewardship has developed a charter for the CSC, which is usually the first step in chartering a working group with ICANN. In this sense, the CSC is ready for implementation. However, the CSC construct will need to be incorporated into the ICANN Bylaws as a fundamental bylaw as part of a key dependency with the CCWG-Accountability as soon as their work is finalized. A few elements to consider upon implementation of the CSC, once established:

         What form of consultation is envisioned to take place between ccNSO and GNSO Councils in relation to approving the membership of the CSC?

         Are candidates who have been proposed to act as temporary replacements to the CSC required to provide an Expression of Interest?

         Determine how CSC will decide on who will be liaison to the SCWG. 

         What process should the CSC follow in the event it identifies a persistent performance issue or systemic problem that is not serious? Is it still required to follow a Remedial Action?

         The CWG-Stewardship recommends that a series of best practice governance guidelines be established as part of the implementation process for the purpose of ensuring that the CSC manages issues such as potential or perceived conflicts of interest.

         IFR (Periodic and Special) : Although the first periodic IFR will not commence until two years after the IANA Stewardship Transition, it is possible that a Special IFR could be triggered prior to that time. As with the CSC, the IFR will need to be incorporated into the ICANN Bylaws as a fundamental bylaw as part of a key dependency with the CCWG-Accountability as soon as their work is finalized.

         Changes to customer complaints and escalation mechanisms : The CWG-Stewardship consulted ICANN’s IANA department in developing these mechanisms, and believes that these modifications are ready for implementation.

         Implementing changes to the Root Zone environment: The CWG-Stewardship transition proposal recommends that the ICANN Board take over the responsibility of approving all substantive (architectural) changes to the Root Zone environment (such changes being rare events). ICANN will coordinate with the NTIA for any ongoing approval processes for significant changes to the Root Zone environment to ensure continuity of these. Note that changes to the Root Zone environment may be contingent on what happens with the parallel Root Zone Maintainer Cooperative Agreement, which is not in the scope of the CWG-Stewardship’s work.

         Community empowerment mechanisms : These have been requested of the CCWG-Accountability as part of a key dependency with the CCWG-Accountability as soon as their work is finalized. [38]

         Appeal mechanism : This have been requested of the CCWG-Accountability as part of a key dependency with the CCWG-Accountability as soon as their work is finalized.

 


  1. NTIA Requirements

195                 Additionally, NTIA has established that the transition proposal must meet the following five requirements:

         Support and enhance the multistakeholder model;

         Maintain the security, stability, and resiliency of the Internet DNS;

         Meet the needs and expectation of the global customers and partners of the IANA services;

         Maintain the openness of the Internet.

         The proposal must not replace the NTIA role with a government-led or an inter-governmental organization solution.

 

196                 This section should explain how your community’s proposal meets these requirements and how it responds to the global interest in the IANA functions.

 

197                 This proposal addresses each of the NTIA’s requirements as follows:

198                 V.A. Support and enhance the multistakeholder model

199                 The naming community depends upon ICANN’s multistakeholder policymaking structure to develop its processes and policies. While the direct policymaking groups are the GNSO and the ccNSO, the Advisory Committees – ALAC, GAC, RSSAC, and SSAC – are essential parts of the multistakeholder model. Processes in the ICANN multistakeholder model are bottom-up, transparent, and inclusive of all stakeholders. The CWG-Stewardship reinforces and enhances the multistakeholder model by keeping policy development separate from the IANA operations and focusing on the needs of the operational community by establishing transparent and direct control over PTI, specifically by:

         Replacing NTIA oversight of IANA with ICANN oversight of PTI ensured by the CSC and IFR Team, the latter being a multistakeholder entity. Both include non-ICANN participants, thus maintaining and enhancing the multistakeholder model.

         CSC and IFR Team escalation mechanisms (developed in CWG-Stewardship and CCWG-Accountability proposals) are based on open and transparent processes, and multistakeholder decisions (which include non-ICANN naming related participants), thus enhancing multistakeholder implication.

 

200                 V.B. Maintain the security, stability, and resiliency of the Internet DNS

201                 The security, stability and resiliency of the Internet DNS are core values for ICANN as attested by the first item of Section 2 of the ICANN Bylaws which states:

202                 In performing its mission, the following core values should guide the decisions and actions of ICANN:

1. Preserving and enhancing the operational stability, reliability, security, and global interoperability of the Internet.

203                 This core value has been part of the ICANN Bylaws for well over a decade and there are no plans to modify it.

204                 Additionally, the security, stability, and resiliency of the Internet DNS was also assured by the NTIA’s oversight of the IANA function which was carried out by the mechanisms documented in Section II of this proposal. The CWG-Stewardship transition seeks to maintain or improve on all of these as follows:

         Root Zone Management Process Administrator for changes to the Root Zone: The CWG-Stewardship has recommended that the approval function of the NTIA for changes to the Root Zone and its WHOIS database should not be replaced post-transition because it does not contribute in a significant fashion to the security, stability, and resiliency of the Internet DNS.

         Root Zone Management Process Administrator for changes to the Root Zone environment (such as the introduction of DNSSEC): This CWG-Stewardship recommends that this approval function be maintained via a standing committee (see Section III.A.iii) because it is critical to maintaining the security, stability and resiliency of the Internet DNS.

         IANA Functions Contract Administrator: The IANA Functions Contract and its oversight by the NTIA are considered key elements for the security, stability, and resiliency of the Internet DNS. As such, the CWG-Stewardship recommends the creation of the PTI as an affiliate of ICANN and as the counterparty to a contract with ICANN, thus benefiting from the existing and strengthened accountability mechanisms and protections against capture.

         Contract Oversight: As to the oversight of the contract, the NTIA’s role will be replaced and augmented by the CSC and the IFR oversight mechanisms thus improving the security, stability, and resiliency of the Internet DNS.

 

205                 V.C. Meet the needs and expectation of the global customers and partners of the IANA services

206                 The CWG-Stewardship’s 1 December public comment on its first transition proposal confirmed the overwhelming satisfaction of the global customers and partners of ICANN’s IANA department.

207                 As such, the CWG-Stewardship’s proposal ensures that PTI will continue to provide the IANA Function to its global customers and partners post-transition in essentially the same manner as ICANN’s IANA department does today.

208                 The CWG-Stewardship proposal is the result of extensive community dialogue and input. Additionally, the CWG-Stewardship’s transition proposal has been approved by the multi-stakeholder community, which participated in its development as well as by the CWG-Stewardship’s designated chartering organizations.

209                 V.D. Maintain the openness of the Internet

210                 The CWG-Stewardship’s transition proposal does not contemplate any changes which would in any way affect the openness of the Internet. This includes continued support for IANA customers on the Office of Foreign Assets Control (OFAC) list of the U.S. Government.

211                 V.E. The proposal must not replace the NTIA role with a government-led or an intergovernmental organization solution

NTIA’s oversight of the IANA function is documented in Section II of this proposal and includes the following roles:

         Establishment of PTI : Post-transition establishment of PTI as an affiliate of ICANN, thus benefiting from the existing accountability mechanisms and prevention of capture, including by governments.

         Root Zone Management Process Administrator for changes to the Root Zone : The CWG-Stewardship recommends that the approval function of the NTIA for changes to the Root Zone and its WHOIS database should not be replaced post-transition.

         Root Zone Management Process Administrator for changes to the Root Zone environment (such as the introduction of DNSSEC) : The CWG-Stewardship recommends that this approval function be maintained via a multi-stakeholder process, which will not be government-led or an inter-governmental organization solution.

         IANA Functions Contract Administrator : This was the NTIA’s oversight of the IANA Functions Contract, which will be replaced and augmented by the CSC and the IFR, which will not be government-led or an inter-governmental organization solution.

 


  1.                Community Process

212                 This section should describe the process your community used for developing this proposal, including:

         The steps that were taken to develop the proposal and to determine consensus.

         Links to announcements, agendas, mailing lists, consultations and meeting proceedings.

         An assessment of the level of consensus behind your community’s proposal, including a description of areas of contention or disagreement.

213                 VI.A. Steps taken to develop the proposal and to determine consensus.
 

214                 Establishing the CWG -Stewardship

215                 In March 2014 the National Telecommunications and Information Administration (NTIA) has requested that ICANN “convene a multi-stakeholder process to develop a plan to transition the U.S. government stewardship role” with regard to the IANA Functions and related root zone management.  In making its announcement [39] , the NTIA specified that the transition proposal must have broad community support and meet the following principles:

         Support and enhance the multi-stakeholder model

         Maintain the security, stability, and resiliency of the Internet DNS

         Meet the needs and expectation of the global customers and partners of the IANA services

         Maintain the openness of the Internet.

216                 NTIA also specified that it would not accept a proposal that replaces the NTIA role with a government-led or an intergovernmental organization solution.

217                 On June 6, 2014 ICANN proposed the creation of an IANA Stewardship Transition Coordination Group (ICG) “responsible for preparing a transition proposal reflecting the differing needs of the various affected parties of the IANA functions.” In July 2014 the ICG was established, comprising of 30 members representing 13 communities.

218                 According to this charter, [40] the ICG has one deliverable: a proposal to the NTIA regarding the transition of NTIA’s stewardship of the IANA functions to the global multi-stakeholder community. For that matter the ICG’s mission is to coordinate the development of a proposal among the communities affected by the IANA Functions, which are divided into three main categories: domain names, number resources, and other protocol parameters. The ICG noted that the domain name category divides further into the country code and generic domain sub-categories. In the ICG charter, it also noted that “while there is some overlap among all categories, each poses distinct organizational, operational and technical issues, and each tends to have distinct communities of interest and expertise.” 

219                 To achieve its deliverable the ICG identified four main tasks, which include among others, the task to solicit proposals from the three operational communities, and solicit the input of the broad group of communities affected by the IANA functions. In order to address this task, the ICG seeks complete formal responses to its Request For Proposal (RFP) [41] , through processes that are convened by each of the “operational communities” of IANA (i.e. those with direct operational or service relationships with the IANA functions operator, in connection with names, numbers or protocol parameters).

220                 In anticipation of the charter of the ICG, the operational community in connection with the IANA names function, the ccNSO and GNSO, took the initiative to create a cross-community working group to develop a proposal for the transition of NTIA’s stewardship in relation to the naming related functions. At the ICANN 50 meeting in London, June 2014, the GNSO, ccNSO, ALAC and the SSAC established a drafting team to prepare a charter for such a Cross Community Working Group, which was finalized by mid August 2014. The charter was approved by the GNSO, ccNSO, ALAC and SSAC, each according to their own rules and procedures. The charter of the CWG-Stewardship as approved is available at https://community.icann.org/display/gnsocwgdtstwrdshp/Charter .

221                 Members and participants

222                 Page referenced: https://community.icann.org/pages/viewpage.action?pageId=49351381

223                 Following the approval of the CWG-Stewardship charter, the chartering organizations, selected members for the CWG-Stewardship, again in accordance with their own rules of procedure. Besides actively participating in the work of the CWG-Stewardship, members of the CWG-Stewardship are expected to solicit, and communicate the views and concerns of individuals in the organization that appoints them. The list of the 19 members, their affiliation, originating organizations and geographic regions is included on the page referenced above.

224                 Separately, and in accordance with the charter of the CWG-Stewardship, a call for participants was sent out to invite all those who are interested in the work of the CWG-Stewardship. The list of names of participants from the community, their affiliation, if any, and originating Geographic Region can also be found on the relevant Wiki page. Further, and in accordance with the charter, the CWG-Stewardship members and participants have submitted Statements of Interest(s). [42]

225                 Working methods of the CWG -Stewardship

226                 Initial working method: developing the first CWG-Stewardship proposal (October 2014 through February 2015): Sub-teams addressing ICG Request for Proposal

227                 At its start the CWG-Stewardship agreed to divide its work into the following items, which are derived from and in accordance with the RFP from the ICG:

3)       Description of Community’s Use of IANA Functions (RFP 1)

4)       Existing, Pre-Transition Arrangements

a)        Policy Sources

b)        Oversight and Accountability

5)       Proposed Post-Transition Oversight and Accountability Arrangements

6)       Transition Implications

7)       NTIA Requirements (RFP 5)

8)       Community Process (RFP 6)

 

228                 In addition the CWG-Stewardship agreed to work on two additional items:

         Existing, Pre-Transition Arrangements, NTIA IANA Functions Contract Triage: The goal is to inform the CWG-Stewardship itself in its work and create a better understanding of the elements in the IANA Functions Contract for the work of the CWG-Stewardship.

         Principles: For internal purposes the CWG-Stewardship agreed to develop a set of principles and criteria on which the CWG-Stewardship itself could base its (draft) proposals and against which these could be tested.

229                 For each of the work items identified above sub-groups were formed, with volunteer rapporteurs and internal coordinators, with the exception for Section VI. These sub-groups were created to focus the work of the group on the requirements of the ICG and develop initial drafts. The sub-groups reported back to the full CWG-Stewardship, both online and during the CWG-Stewardship meetings, and their output was discussed, edited and ultimately accepted by the CWG-Stewardship as a whole, in accordance with the decision-making rules defined in the charter of the CWG-Stewardship. [43]

230                 The progress and intermediate results from the sub-teams can be viewed at: https://community.icann.org/display/gnsocwgdtstwrdshp/%5BArchive%5D+Work+Item+Sub+Groups

231                 On 1 December 2014, the CWG-Stewardship published its first draft proposal for public comment. This first draft had been designed around the idea of an independent and separate contracting entity, known as “Contract Co.”, to replace NTIA’s stewardship role and contract with the IANA Functions Operator. The comments at the conclusion of the first public comment outlined three key takeaways:

         Customers are currently satisfied with ICANN’s IANA department.

         There was concern over what was viewed as an overly complex structure that lacked details and assurances on accountability.

         Professional and independent legal advice was required to make a determination on post-transition structure

 

232                 The CWG-Stewardship further discussed the different aspects, taking into the community input. In part, this involved considering many more structural models (in addition to “Contract Co.”). By February 2015, prior to the ICANN 52 meeting in Singapore this resulted in an additional set of questions for the community, to inform the discussions of the CWG-Stewardship.

233                 Going into ICANN 52, the CWG-Stewardship presented the community with an overview of four structural models: two were “internal” and two were “external” (including “Contract Co.”). This discussion document is available here: [44] https://www.icann.org/news/announcement-2015-02-06-en. [45] . During ICANN52, three additional models were presented; each was a variation of a “hybrid” model. The discussion document for these three models is available here: https://community.icann.org/download/attachments/49351404/IntegratedIANA1.2.pdf?version=1&modificationDate=1427102306000&api=v2 . With the addition of these three models, the CWG-Stewardship effectively left the ICANN 52 meeting with seven potential models to evaluate and consider.

234                 Method used to develop second and final proposal (February 2015 through June 2015): Design Teams

235                 In February 2015, after the Singapore face-to-face meetings, the CWG-Stewardship discussed and agreed in March 2015 on an alternative, focused, and agile method which was to work on the remaining open issues through a so called Design Team method. Each Design Team was established to focus on a specific, pre-defined work item and delivers its output in a short timeframe.

236                 The list of work items was approved by the CWG-Stewardship and maintained by the CWG-Stewardship. Results of each Design Team were discussed and approved by the full CWG-Stewardship prior to integration into the evolving CWG-Stewardship Proposal. The results of the prioritized Design Teams were discussed by the CWG-Stewardship at its face-to-face meetings that occurred in March 2015 in Istanbul, Turkey. At those meetings the initial list of work items was reviewed and work items were re-prioritized.

237                 The Co-Chairs managed creation of the Design Teams, prioritization of work items, and progress of the teams, with input from the CWG-Stewardship. Members and participants from the CWG-Stewardship composed the Design Teams, and in some cases external observers with specific expertise were included.

238                 The register/list of work items, their priority, membership of Design Teams, meetings, agendas, and mail archives are publicly available at: https://community.icann.org/display/gnsocwgdtstwrdshp/Design+Teams+List

239                 The CWG-Stewardship entered its Istanbul meetings with seven potential models for the IANA Stewardship transition. These models had been studied and researched by newly engaged independent legal counsel, Sidley Austin LLP. After a thorough discussion of these potential models with legal counsel and in a spirit of compromise, the CWG-Stewardship narrowed down its list of structural models to two variants of an internal accountability/hybrid model: the legal separation mode and the functional separation model.

240                 The move from seven potential models to two variants of an internal accountability/hybrid model was iterative over a series of sessions. In one session, after explanation of legal counsel’s findings, two models:  the internal trust and the external trust, were deemed unsuitable to meet the CWG-Stewardship’s requirements because the structures were not necessarily recognized legally outside of the U.S. Upon conclusion of these sessions, the CWG-Stewardship also agreed to defer further consideration of the “Contract Co.” model (in part, because it did not receive sufficient support after the first public comment period), until the viability of the remaining models could be further considered.   In addition, the CWG-Stewardship agreed to defer further consideration of the fully internal model or the standalone IANA hybrid model. The CWG-Stewardship agreed that the remaining models:   two variants of an internal accountability/hybrid model (the legal separation model and the functional separate model) required further research on the part of legal counsel before the CWG-Stewardship could make a determination.

241                 Following the meetings in Istanbul, the CWG-Stewardship, in consultation with its independent legal counsel, held various meetings and reviewed various memos from its legal counsel to determine which of the two variants of an internal accountability/hybrid model – the legal separation model and the functional separation model – would be recommended. The CWG-Stewardship determined that the legal separation model was preferred because it would establish PTI as a separate legal entity at the outset, allowing for possible separation from ICANN in the future, if necessary. In addition, the legal separation model allowed for a contract between ICANN and PTI. With that decision reached, the CWG-Stewardship turned its focus to developing an accountability framework to support this model, while legal counsel assisted in addressing governance issues related to the model.  

The consideration for the CWG-Stewardship, with consultation from its independent legal counsel, became whether to support a functionally separate model or a legally separate model. The group eventually chose the legally separate model because it would establish the separate PTI entity at the outset, allowing for possible separation from ICANN in the future, if necessary. With that compromise in place, the CWG-Stewardship turned its focus to developing an accountability framework to support this model, while legal counsel assisted in addressing governance issues .

242                 Client committee/independent, external legal services

243                 In March 2015, after an extensive request for proposal process, the CWG-Stewardship obtained the services of an external law firm, Sidley Austin LLP, to provide relevant and independent legal advice. The CWG-Stewardship agreed to channel their communication with the law firm through a Client Committee, [46] with the understanding that all communication (emails and conference calls, between the Client Committee and the law firm) would be publicly available as well as all deliverables prepared by the law firm.

244                 At the invitation of the Client Committee, Sidley Austin LLP attended full CWG-Stewardship meetings to respond to questions and provide additional clarifications.

245                 Membership of the Client Committee, a list of the Sidley Austin team, meeting recordings, agendas, research and memoranda, etc. are publicly available at: https://community.icann.org/display/gnsocwgdtstwrdshp/Client+Committee

246                 Through the Design Team method and taking into account external, independent legal advice, the CWG-Stewardship developed its second draft proposal, which was published for public comment from 22 April 2015 until 20 May 2015. During this public consultation period the aspects of the second proposal were further refined and discussed, using the same method for developing the second proposal.

247                 After closure of the public comment period (20 May 2015), the CWG-Stewardship reviewed all comments received, and, where appropriate, the Design Teams prepared responses to the comments received and refined their output.

248                 Based on the second proposal and further discussion by the full CWG-Stewardship and Design Teams, taking into account the public comment analysis, the Final Proposal was developed.

249                 Determining consensus

250                 The proposal was developed in a bottom-up, multistakeholder manner, which included multiple readings of the drafts. The drafts were posted publicly and open to comment by CWG-Stewardship members and participants with respect to each of the draft proposal iterations. The first draft of the Final Proposal was circulated for review and comment by the CWG-Stewardship, on 1 June 2015, with a dedicated first reading during the 2 June 2015 plenary meeting. The second draft was delivered on 3 June 2015, with a dedicated second reading during the 4 June 2015 call. A third and final reading took place on 9 June.

251                 Following the Final reading, the Final Proposal was sent to the CWG-Stewardship for a 24-hour period during which any errors, comments, or statements could be noted for the record. At the end of this 24-hour period (ending at 23:59 UTC on 10 June), the CWG-Stewardship co-Chairs added a note to Section VI.C., below, and sent the Final Proposal to the SO/AC Chartering Organizations for their approval. Chartering Organizations’ approval is requested by 25 June so as to deliver to the ICG.

252                 VI.B. Links to announcements, agendas, mailing lists, consultations, and meeting proceedings
 

253                 Meetings

         Full CWG–Stewardship (meeting dates, agendas, participants and meeting notes): https://community.icann.org/display/gnsocwgdtstwrdshp/Meetings

         CWG-Stewardship Sub-Teams: https://community.icann.org/display/gnsocwgdtstwrdshp/%5BArchive%5D+Work+Item+Sub+Groups

         Design Teams: https://community.icann.org/display/gnsocwgdtstwrdshp/Design+Teams

         Client Committee: https://community.icann.org/display/gnsocwgdtstwrdshp/Client+Committee

254                 Public consultations

         1 December public consultation on first CWG-Stewardship draft transition proposal: https://www.icann.org/public-comments/cwg-naming-transition-2014-12-01-en

         Responses to the December 2014 public comment: https://www.icann.org/public-comments/cwg-naming-transition-2014-12-01-en#summary

         February 2015 Discussion document for ICANN52 meeting: https://community.icann.org/pages/viewpage.action?pageId=52889457

         May 2015 public comment on second CWG-Stewardship draft transition proposal: https://www.icann.org/public-comments/cwg-stewardship-draft-proposal-2015-04-22-en

255                 Webinars and other public presentations

         Webinar 3-4 December 2014: https://community.icann.org/pages/viewpage.action?pageId=50823496

         Webinar 3 February 2015: https://community.icann.org/pages/viewpage.action?pageId=52232656

         Presentations at ICANN 52 Singapore: http://singapore52.icann.org/en/schedule/thu-cwg-stewardship

         Webinars 24 April 2015: https://community.icann.org/pages/viewpage.action?pageId=52897455

         Webinars 6-7 May 2015: https://community.icann.org/pages/viewpage.action?pageId=53772631 .

         Webinars 11 June: https://community.icann.org/pages/viewpage.action?pageId=53778352 .

256                 Mailing list archives

         https://community.icann.org/display/gnsocwgdtstwrdshp/Mailing+List+Archives

257                 Correspondence

         https://community.icann.org/pages/viewpage.action?pageId=49355992

258                 Outreach

         https://community.icann.org/display/gnsocwgdtstwrdshp/Outreach+Tracking+CWG-Stewardship

259                 VI.C. Assessment of the level of consensus behind your community’s proposal, including a description of areas of contention or disagreement

 

260                 The Cross Community Working Group on Naming Related Functions (CWG-Stewardship) is pleased to provide its Chartering Organizations with its proposed response to the IANA Stewardship Transition Coordination Group (ICG) Request for Proposals on the IANA Stewardship Transition for your consideration and approval as per its Charter.

261                 The response is the result of extensive work by the CWG’s 19 members, 133 participants and a team of highly qualified legal advisors over the past year, which included over 100 calls or meetings, 2 public consultations and more than 4,000 email messages. It represents a carefully crafted balance between key requirements, specific legal advice, and significant compromises by all who participated and includes diligent attention to the input received through the Public Comment proceedings. The final proposal has received the consensus support of the CWG-Stewardship with no objections or minority statements recorded for Chartering Organization consideration.

262                 As noted in the CWG-Stewardship proposal itself, the proposal is significantly dependent and expressly conditioned on the implementation of ICANN-level accountability mechanisms proposed by the Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability). The co-chairs of the CWG-Stewardship and the CCWG-Accountability have coordinated their efforts and the CWG-Stewardship is confident that the CCWG-Accountability recommendations, if implemented as expected, will meet the requirements that the CWG-Stewardship has previously communicated to the CCWG. If any element of these ICANN level accountability mechanisms is not implemented as contemplated by the CWG-Stewardship proposal, this proposal will require revision.


Annex A – The Community’s Use of the IANA Functions – Additional Information

1)       Root Zone Change Request Management (NTIA IANA Functions Contract: C.2.9.2.a)

a)        Description of the function: Receive and process Root Zone change requests for TLDs. These change requests include addition of new or updates to existing TLD name servers (NS) and delegation signer (DS) resource record (RR) information, along with associated “glue'” (A and AAAA RRs). A change request may also include new TLD entries to the Root Zone.

b)        Customers of the function: TLD registries.

c)        What registries are involved in providing the function: Root Zone database.

d)       Overlaps or interdependencies: Policy for entries in the Root Zone are determined by the ICANN policy-setting mechanisms (e.g., for ccTLDs and gTLDs). The IETF standardization process can create reservations from the global namespace so that certain names that otherwise would be valid in the DNS root are disallowed.

2)       Root Zone WHOIS Change Request and Database Management (NTIA IANA Functions Contract: C.2.9.2.b)

a)        Description of the function: The IFO maintains, updates, and makes publicly accessible a Root Zone WHOIS database with current and verified contact information for all TLD registry operators. The Root Zone WHOIS database, at a minimum, shall consist of the TLD name; the IP address of the TLD’s nameservers; the corresponding names of such nameservers; the creation date of the TLD; the name, postal address, email address, and telephone and fax numbers of the TLD registry operator; the name, postal address, email address, and telephone and fax numbers of the technical contact for the TLD registry operator; the name, postal address, email address, and telephone and fax numbers of the administrative contact for the TLD registry operator; reports; date the WHOIS record was last updated; and any other information relevant to the TLD requested by the TLD registry operator. IANA shall receive and process Root Zone WHOIS change requests for TLDs.

b)        Customers of the function: TLD registries.

c)        What registries are involved in providing the function: Root Zone WHOIS database.

d)       Overlaps or interdependencies: None.

3)       Delegation and Redelegation of a ccTLD (NTIA IANA Functions Contract: C.2.9.2.c)

a)        Description of the function: Assigning or re-assigning a manager (sponsoring organization) for a ccTLD registry (including IDN ccTLDs). The IFO applies existing policy frameworks in processing requests related to the delegation and redelegation of a ccTLD, such as RFC 1591 Domain Name System Structure and Delegation, the GAC Principles And Guidelines For The Delegation And Administration Of Country Code Top Level Domains, and any further clarification of these policies by interested and affected parties. If a policy framework does not exist to cover a specific instance, ICANN will consult with the interested and affected parties, relevant public authorities, and governments on any recommendation that is not within or consistent with an existing policy framework. In making its recommendations, ICANN shall also take into account the relevant national frameworks and applicable laws of the jurisdiction that the TLD registry serves.

b)        Customers of the function: ccTLD registries.

c)        What registries are involved in providing the function: Root Zone, Root Zone WHOIS database.

d)       Overlaps or interdependencies: Policy for entries in the Root Zone are determined both by the ICANN policy setting mechanisms (e.g. for ccTLDs and gTLDs), and by the IETF standardization process (e.g. for specially reserved names)

4)       Delegation and Redelegation of a gTLD (NTIA IANA Functions Contract: C.2.9.2.d)

a)        Description of the function: Assigning or re-assigning a Sponsoring Organization for a gTLD registry. ICANN verifies that all requests related to the delegation and redelegation of gTLDs are consistent with the procedures developed by ICANN. In making a delegation or redelegation recommendation ICANN must provide documentation in the form of a Delegation and Redelegation Report verifying that ICANN followed its own policy framework including specific documentation demonstrating how the process provided the opportunity for input from relevant stakeholders and was supportive of the global public interest.

b)        Customers of the function: gTLD registries.

c)        What registries are involved in providing the function: Root Zone, Root Zone WHOIS database.

d)       Overlaps or interdependencies: Policy for entries in the Root Zone are determined both by the ICANN policy-setting mechanisms (e.g. for ccTLDs and gTLDs), and by the IETF standardization process (e.g. for specially reserved names).

5)       Redelegation and Operation of the .INT TLD (NTIA IANA Functions Contract: C.2.9.4) [47]

a)        Description of the function: Historically, the policy for .INT is described in IETF RFC 1591. The policy allowed registration for both international organizations and for use for international databases for infrastructure use. The policy for .INT related to international databases for infrastructure use was determined by the IETF. RFC 3172 recommended that such uses move under.ARPA, and the only then-extant use of .INT for such infrastructure (the IPv6 reverse mapping tree) was in fact moved under .ARPA; all subsequent infrastructure uses have been under .ARPA. Since this change, it is only possible for an international treaty organizations to register domain names under .INT for use for the organization itself.

b)        Customers of the function : Eligible registrants for registration in .INT ( http://www.iana.org/domains/int/policy ).

c)        What registries are involved in providing the function: Root Zone database, Root Zone WHOIS, .INT Zone database, .INT WHOIS database.

d)       Overlaps or interdependencies : Historically policy has partially been determined by IETF, however per RFC 3172, .INT is no longer used for international databases for infrastructure use; .ARPA TLD is used instead.

6)       Root DNSSEC Key Management (NTIA IANA Functions Contract: C.2.9.2.f)

a)        Description of the function: The IANA Functions Operator is responsible for generating the Key Signing Key (KSK) and publishing its public portion. The KSK used to digitally sign the Root Zone Signing Key (ZSK) that is used by the Root Zone Maintainer to DNSSEC-sign the Root Zone.

b)        Customers of the function: Root Zone Maintainer, DNS validating resolver operators.

c)        What registries are involved in providing the function: The Root Zone Trust Anchor.

d)       Overlaps or interdependencies: IETF’s creation of algorithm numbers for key types.

7)       Root Zone Automation (NTIA IANA Functions Contract: C.2.9.2.e)

a)        Description of the function: A fully automated system that includes a secure (encrypted) system for customer communications; an automated provisioning protocol allowing customers to manage their interactions with the Root Zone management system; an online database of change requests and subsequent actions whereby each customer can see a record of their historic requests and maintain visibility into the progress of their current requests; a test system, which customers can use to test the technical requirements for a change request; and an internal interface for secure communications between the IFO; the Administrator, and the Root Zone Maintainer.

b)        Customers of the function: TLD registries.

c)        What registries are involved in providing the function: Root Zone database, Root Zone WHOIS.

d)       Overlaps or interdependencies: N/A.

8)       Customer Service Complaint Resolution Process (CSCRP) (NTIA IANA Functions Contract: C.2.9.2.g)

a)        Description of the function: A process for IANA Functions customers to submit complaints for timely resolution that follows industry best practice and includes a reasonable timeframe for resolution.

b)        Customers of the function: TLD registries.

c)        What registries are involved in providing the function: N/A.

d)       Overlaps or interdependencies: All IANA Functions that are customer facing for the names registries.

9)       Management of the Repository of IDN Practices (IANA service or activity beyond the scope of the IANA functions contract)

a)        Description of the function: The IANA Repository of TLD IDN Practices, also known as the “IDN Language Table Registry,” was created to support the development of the IDN technology as described in the “Guidelines for the Implementation of Internationalized Domain Names (IDNs)”. In addition to making the IDN Tables publicly available on TLD registry websites, the TLD registries may register IDN Tables with the IANA Functions Operator, which in turn will display them online for public access.

b)        Customers of the function: TLD registries.

c)        What registries are involved in providing the function: IDN Language Table Registry.

d)       Overlaps or interdependencies: IDNs are based on standards developed and maintained by the IETF.

10)    Retirement of the Delegation of TLDs (IANA service or activity beyond the scope of the IANA functions contract)

a)        Description of the function: Retire TLDs from active use.

b)        Customers of the function: TLD registries

c)        What registries are involved in providing the function: Root Zone database, Root Zone WHOIS database.

d)       Overlaps or interdependencies: N/A.


Annex B – Oversight Mechanisms in the NTIA IANA Functions Contract

263                 The following is a list of oversight mechanisms found in the NTIA IANA Functions Contract:

Ongoing Obligations

         C.2.12.a Program Manager --The contractor shall provide trained, knowledgeable technical personnel according to the requirements of this contract. All contractor personnel who interface with the CO and COR must have excellent oral and written communication skills. "Excellent oral and written communication skills" is defined as the capability to converse fluently, communicate effectively, and write intelligibly in the English language. The IANA Functions Program Manager organizes, plans, directs, staffs, and coordinates the overall program effort; manages contract and subcontract activities as the authorized interface with the CO and COR and ensures compliance with Federal rules and regulations and responsible for the following:

         C.4.1 Meetings -- Program reviews and site visits shall occur annually.

         C.4.2 Monthly Performance Progress Report -- The Contractor shall prepare and submit to the COR a performance progress report every month (no later than 15 calendar days following the end of each month) that contains statistical and narrative information on the performance of the IANA functions (i.e., assignment of technical protocol parameters; administrative functions associated with root zone management; and allocation of Internet numbering resources) during the previous calendar month. The report shall include a narrative summary of the work performed for each of the functions with appropriate details and particularity. The report shall also describe major events, problems encountered, and any projected significant changes, if any, related to the performance of requirements set forth in C.2.9 to C.2.9.4.

         C.4.3 Root Zone Management Dashboard -- The Contractor shall work collaboratively with NTIA and the Root Zone Maintainer, and all interested and affected parties as enumerated in Section C.1.3, to develop and make publicly available via a website, a dashboard to track the process flow for root zone management within nine (9) months after date of contract award.

         C.4.4 Performance Standards Reports -- The Contractor shall develop and publish reports for each discrete IANA function consistent with Section C.2.8. The Performance Standards Metric Reports will be published via a website every month (no later than 15 calendar days following the end of each month) starting no later than six (6) months after date of contract award.

         C.4.5 Customer Service Survey (CSS) --The Contractor shall collaborate with NTIA to develop and conduct an annual customer service survey consistent with the performance standards for each of the discrete IANA functions. The survey shall include a feedback section for each discrete IANA function. No later than 30 days after conducting the survey, the Contractor shall submit the CSS Report to the COR.

         C.5.1 Audit Data -- The Contractor shall generate and retain security process audit record data for one year and provide an annual audit report to the CO and the COR. All root zone management operations shall be included in the audit, and records on change requests to the root zone file. The Contractor shall retain these records in accordance with the clause at 52.215-2. The Contractor shall provide specific audit record data to the CO and COR upon request.

         C.5.2 Root Zone Management Audit Data -- The Contractor shall generate and publish via a website a monthly audit report based on information in the performance of Provision C.9.2 (a-g) Perform Administrative Functions Associated With Root Zone Management. The audit report shall identify each root zone file and root zone “WHOIS” database change request and the relevant policy under which the change was made as well as identify change rejections and the relevant policy under which the change request was rejected. The Report shall start no later than nine (9) months after date of contract award and thereafter is due to the COR no later than 15 calendar days following the end of each month.

         C.5.3 External Auditor -- The Contractor shall have an external, independent, specialized compliance audit which shall be conducted annually and it shall be an audit of all the IANA functions security provisions against existing best practices and Section C.3 of this contract.

 

 


Annex C - Principles and Criteria that Should Underpin Decisions on the Transition of NTIA Stewardship for Names Functions

Final

264                 These principles and criteria are meant to be the basis upon which the decisions on the transition of NTIA stewardship are formed.  This means that the proposals can be tested against the principles and criteria before they are sent to the ICG.   

1)       Security, stability and resiliency : Changes must not undermine the operation of the IANA Functions and should assure accountability and objectivity in the stewardship of the service.

2)       Transition should be subject to adequate stress testing.

3)       Any new IANA governance mechanisms should not be excessively burdensome and should be fit for purpose.

4)       Support the open Internet : The transition proposal should contribute to an open and interoperable Internet.

5)       Accountability and transparency : The service should be accountable and transparent. 

i)         Transparency : Transparency is a prerequisite of accountability. While there might be confidentiality concerns or concerns over operational continuity during the process of delegation or redelegation of a TLD, the final decision and the rationale for that decision should be made public or at least be subject to an independent scrutiny as part of an ex-post assessment of service performance.
Unless prevented or precluded by confidentiality, any and all audit reports and other review materials should be published for inspection by the larger community.

ii)       Independence of accountability : Accountability processes should be independent of the IANA Functions Operator [48] and should assure the accountability of the IANA Functions Operator to the inclusive global multistakeholder community.

iii)      Independence of policy from IANA : The policy processes should be independent of the IANA Functions Operator.  The IANA Functions Operator’s role is to implement changes in accordance with policy agreed through the relevant bottom-up policy process.

iv)      Protection against Capture [49] : Safeguards need to be in place to prevent capture of the service or of any IANA oversight or stewardship function.

v)        Performance standards : The IANA Functions Operator needs to meet agreed service levels and its decisions should be in line with agreed policy. Processes need to be in place to monitor performance and mechanisms should be in place to remedy failures. A fallback provision also needs to be in place in case of service failure.

vi)      Appeals and redress : Any appeals process should be independent, robust, affordable, timely, provide binding redress open to affected parties and be open to public scrutiny. Appeals should be limited to challenging the implementation of policy or process followed, not the policy itself.

6)       Service levels : The performance of the IANA Functions must be carried out in a reliable, timely and efficient manner.  It is a vital service and any proposal should ensure continuity of service over the transition and beyond, meeting a recognized and agreed quality of service that is in line with service-level commitments.

i)         Service level commitments should be adaptable to the developing needs of the customers of the IANA Functions and subject to continued improvement.

ii)       Service quality should be independently audited ( ex-post review) against agreed commitments.

7)       Policy based : The decisions and actions of the IANA Functions Operator should be made objectively based on policy agreed to through the recognized bottom-up multistakeholder processes. As such, decisions and actions of the IANA Functions Operator should:

i)         Be predictable (i.e, decisions are clearly rooted in agreed and applicable policy as set by the relevant policy body).

ii)       Adhere to laws/processes (i.e., for ccTLDs: Respect national laws and processes, as well as any applicable consensus ICANN policies and IETF technical standards). Post-transition of the IANA Functions, the IANA Functions Operator will continue to provide service to existing registries in conformance with prevailing technical norms, conforming with the policy decisions of registries and the security and stability of the Root Zone itself.

iii)      Be non-discriminatory.

iv)      Be auditable ( ex-post review).

v)        Be appealable by significantly interested parties.

8)       Diversity of the customers of the IANA Functions :

i)         The IANA Functions operator needs to take account of the variety of forms of relationship with TLD operators. The proposal will need to reflect the diversity of arrangements in accountability to the direct users of the IANA Functions .

ii)       For ccTLDs , the IANA Functions Operator should provide a service without requiring a contract and should respect the diversity of agreements and arrangements in place for ccTLDs. In particular, the IANA Functions Operator should not impose any additional requirements on the registry unless they are directly and demonstrably linked to the global security, stability, and resilience of the DNS.

iii)      For gTLDs, the IANA Functions Operator should continue to provide service notwithstanding any on-going or anticipated contractual disputes between ICANN and the gTLD operator. No additional requirements for prompt delivery of IANA services should be imposed unless they are directly and demonstrably linked to the global security, stability and resilience of the DNS.

9)       Separability : Any proposal must ensure the ability to:

i)         Separate the IANA Functions from the current operator (i.e. ICANN) if warranted and in line with agreed processes.

ii)       Convene a process for selecting a new IANA Functions Operator.

iii)      Consider separability in any future transfer of the IANA Functions.

10)    Multistakeholderism : Any proposal must foster multistakeholder participation in the future oversight of the IANA Functions.


 



Annex E – IANA Contract Provisions to be Carried Over Post-Transition (Statement of Work)

265                 The following provisions of the IANA Functions Contract are expected to be carried over to the IANA Statement of Work (and included in the ICANN-PTI Contract) noting that updates will need to be made to reflect the changing relationship with NTIA post-transition, and ensure consistency in terminology as well as updates as the result of other recommendations in the transition proposal:

         C.1.3. – Working relationship with all affected parties

         C.2.6 - Transparency and Accountability

         C.2.7. Responsibility and respect for stakeholders

         C.2.8 - Performance Standards

         C.2.9.2.a - Root Zone File Change Request Management

         C.2.9.2.b  - Root Zone WHOIS Change Request and Database Management

         C.2.9.2.c - Delegation and Redelegation of a Country Code Top Level Domain (a similar provision should be created concerning retirement of a Country Code Top Level Domain)

         C.2.9.2.d - Delegation And Redelegation of a Generic Top Level Domain (gTLD)

         C.2.9.2.e – Root zone Automation

         C.2.9.2.f - Root Domain Name System Security Extensions (DNSSEC) Key Management

         C.2.12.a – Qualified Program Manager

         C.3.1 – Secure Systems

         C.3.2. – Secure System Notification

         C.3.3. – Secure Data

         C.3.4. – Security Plan

         C.3.5. – Director of Security

         C.4.2. – Monthly Performance Progress Report

         C.4.3 – Root Zone Management Dashboard

         C.4.4 – Performance Standards Reports

         C.4.5. – Customer Service Survey

         C.5.1. – Audit Data

         C.5.2 – Root Zone Management Audit Data

         C.5.3 – External Auditor

         C.6.1. – Conflict of interest

         C.6.2. – Conflict of Interest Officer

         Sub-sections of C.6.2 (C.6.2.1-5) - additional conflict of interest requirements.

         C.7.1. – Redundancy

         C.7.2. – Contingency plan

         C.7.3. – Transition to a Successor Contractor

         C.12.b – Key personnel

         Baseline requirements for DNSSEC in the authoritative root zone

 


Annex F – IANA Function Reviews - Statement of Work Duration and Review Periodicity

266                 What period (duration) should be covered by the first statement of work post-transition?

267                 It is critical that any proposal provide opportunities to improve the performance of the IANA Functions Operator as it relates to naming as well as to review the proposed oversight structure against the needs of its customers and the ICANN community. This is especially important in the initial period following the transition of the NTIA’s stewardship over the IANA Functions, in order to account for lessons learned as a result of the IANA Stewardship Transition, to review the effectiveness of new structures created pursuant to the IANA Stewardship Transition, and to address any implications for the IANA Functions Operator’s performance. As a result, the CWG-Stewardship recommends that the review of PTI’s performance against the ICANN-PTI Contract and the IANA Statement of Work (IANA SOW) for the naming functions occur no more than two years from the date of the IANA Stewardship Transition. This review will be led by a multistakeholder body drawn from the ICANN community.

268                 Following the initial review period of two years from the date of the IANA Stewardship Transition, a longer period in between reviews will be advisable to avoid the constant flow of reviews, while still accounting for the emerging or evolving needs of IANA customers and the ICANN community. We recommend that subsequent reviews be initiated on a calendar basis with a recommended standard period of no more than five-year intervals .

269                 While the IANA Function Review will normally be scheduled based on a regular rotation of no more than five years in line with other ICANN reviews, a Special IANA Function Review may also be initiated by community action.

270                 Periodic IANA Function Reviews will be focused on the performance of PTI against the IANA SOW, as well as reviewing the IANA SOW to determine if any amendments should be recommended. The outcomes of an IANA Function Review are not limited and could include a variety of recommendations.

271                 What should be the process for reviewing or amending IANA SOWs (including approval by the community and acceptance by ICANN)?

272                 The review could identify recommended amendments to the IANA SOW to address any performance deficiencies, or to the CSC charter to address any issues or deficiencies. The process of developing and approving amendments will take place through a defined process that includes, at minimum, the following steps, in advance of an amendment to either document being proposed:

         Consultation with the IANA Functions Operator;

         Consultation with the CSC;

         Public input session for ccTLD and gTLD operators; and

         Public comment period.

 

273                 Drafted amendments will be subject to at least the following processes before they came into effect:

         Public comment period;

         Ratification by the ccNSO and the GNSO Councils by a supermajority threshold; and

         Approval by the ICANN Board.
 

274                 The timeline for implementing any amendments to the IANA SOW will be agreed to between the IANA Function Review Team and the IANA Functions Operator.

275                 Scope of IANA Function Reviews

276                 At minimum, the IANA Function Review will consider the following:

         The performance of the IANA Functions Operator against the requirements set forth in the IANA SOW;

         Any necessary additions to the IANA SOW to account for the needs of consumers of the IANA naming functions or the ICANN community at large; [50]

         Openness/transparency procedures for the IANA Functions Operator and any oversight structures, including reporting requirements and budget transparency;

         The effectiveness of new structures created to carry out IANA oversight in monitoring performance and handling issues with the IANA Functions Operator;

         The relative performance of the IANA Functions pre- and post-transition according to established service levels; and

         Discussion of process or other improvements (where relevant to the mandate of the IANA Function Review) suggested by the CSC or community.

 

277                 At minimum, the following inputs will be considered as a part of the review:

         The current IANA SOW.

         Regular reports provided by the IANA Functions Operator during the defined review period, including:

         Monthly performance reports;

         Delegation/redelegation reports;

         Annual IANA audits;

         Security Process Reports;

         RZM Data Audits;

         Response to IANA Customer Satisfaction Surveys; and [51]

         Conflict of Interest Enforcement and Compliance Report.

         Inputs by the CSC, including:

         Issues flagged in reviewing above reports;

         Public transcripts and meeting minutes;

         Inputs related to the effectiveness of any remediation efforts with the IANA Functions Operator, and

         Annual evaluation of IANA Functions Operator performance.

         Community inputs through Public Consultation Procedures defined by the IANA Function Review Team, potentially including:

         Public comment periods.

         Input at in-person sessions during ICANN meetings.

         Responses to public surveys related to IANA Functions Operator performance; and

         Public inputs during meetings of the IANA Function Review Team.

 

278                 What are the goals of the reviews?

279                 In reviewing the above data points the goal of the IANA Function Review Team will be to:

         Evaluate the performance of the IANA Functions Operator and any related oversight bodies vis-à-vis the needs of its direct customers and the expectations of the broader ICANN community;

         Evaluate the performance of any IANA oversight bodies with respect to the responsibilities set forth in their charters;

         Consider and assess any changes put in place since the last IANA Function Review and their implications for the performance of the IANA Naming Functions;

         Determine if any amendments to the SOW should be recommended; and

         Identify areas for improvement in the performance of the IANA Functions and associated oversight mechanisms.

 

280                 Any recommendations will be expected to identify improvements in these areas that were supported by data and associated analysis about existing deficiencies and how they could be addressed.

281                 Composition of IANA Function Review Teams
 

282                 Who are the relevant stakeholders?  

283                 All stakeholder groups represented at ICANN will be relevant for the reviews done by the IANA Function Review Team. Additionally, the Number and Protocol operational communities will each be offered the opportunity to name a liaison to the review group. The IANA Function Review Team will be composed as follows:

Group

IFRT Members

ccNSO

2

ccTLDs (non-ccNSO)

1

Registry Stakeholder Group (RySG)

2

Registrar Stakeholder Group (RsSG)

1

Commercial Stakeholder Group (CSG)

1

Non-Commercial Stakeholder Group (NCSG)

1

Government Advisory Committee (GAC)

1

Security and Stability Advisory Committee (SSAC)

1

Root Server Operators Advisory Committee (RSSAC)

1

At-Large Advisory Committee (ALAC)

1

CSC Liaison

1

 

284                 In any case where a recommendation focuses on a service specific to gTLDs or to ccTLDs, or where the processes are different between the two, the final recommendation should not be decided in the face of opposition from that community’s members. Solely gTLD issues must not be decided in opposition to GNSO members and solely ccTLD issues (or issues which are handled differently for ccTLDs) must not be decided in opposition to ccTLD members of the IANA Function Review Team.

285                 Additionally, an IANA Functions Operator staff member will be appointed as a point of contact for the IANA Function Review Team.

286                 What body should coordinate reviews?

287                 The ICANN Board, or an appropriate sub-committee of the Board, must ensure that an IANA Function Review Team is convened at no more than five-year intervals (or convened to enable the first periodic IANA Function Review to be completed) for the purpose of leading a review of the IANA SOW and the additional performance parameters defined above. The IANA Function Review Team will not be a standing body and will be reconstituted for every IANA Function Review.

288                 Individuals interested in participating in the IANA Function Review Team would submit an Expression of Interest that includes a response addressing the following matters:

         Why they are interested in becoming involved in the IANA Function Review Team;

         What particular skills they would bring to the IANA Function Review Team;

         Their knowledge of the IANA Functions;

         Their understanding of the purpose of the IANA Function Review Team; and

         That they understand the time necessary required to participate in the review process and can commit to this role.

 

289                 Supporting Organizations or Advisory Committees, in accordance with their respective internally defined processes, will appoint individuals who have submitted Expressions of Interest. In the case of the non-ccNSO ccTLD representative, the ccNSO will be the appointing body; in appointing the non-ccNSO representative it is strongly recommended that the ccNSO also consult with the Regional ccTLD Organizations, namely AfTLD, APTLD, LACTLD, and CENTR.

290                 What is the scope of its responsibility for leading the review?

291                 The IANA Function Review Team defined above will have the primary responsibility for carrying out the IANA performance review, including:

         Review and evaluation of the review inputs defined above;

         Initiation of public comment periods and other processes for wider community input;

         Considering inputs received during public comment periods and other procedures for community input; and

         Development of recommendations on changes to the IANA SOW, and to IANA Functions Operator performance.

292                 The IANA Function Review will be a high-intensity project and all members selected are expected to participate actively in the work of the IANA Function Review Team.

293                 The IANA Function Review Team will be an internal-to-ICANN body defined within the ICANN bylaws as a fundamental bylaw. ICANN will provide secretariat and other support for the IANA Function Review Team.

294                 What sort of process structure is warranted?

295                 The CWG-Stewardship recommends that the IANA Function Review be organized along the same ICANN Cross Community Working Group guidelines that have developed over the past years and which have been used successfully in the process of developing the IANA Stewardship Transition recommendations. As with the CWG-Stewardship, this review group will be co-chaired by someone designated by the GNSO and someone designated by the ccNSO. The groups will work on a consensus basis. In the event that consensus could not be reached, the IANA Function Review Team could decide by a majority vote of the group members.

296                 The CWG-Stewardship expects that each IANA Function Review should take nine months from the appointment of members to the IANA Function Review Team to the publication of a final report, including conducting two 40-day public comment periods.

297                 How is the wider community involved in such a review?

298                 As with other Cross Community Working Groups, the CWG-Stewardship recommends that all mailing lists and meetings will be open to interested participants and transparent, with recordings and transcripts made available to the public. At several stages in the process, community comment will be requested:

         Near the beginning of the process, the community will be asked to consider issues relevant to the review; and

         Midway through the process, a draft report will be provided for community review.
 

299                 Once the final report is prepared, it will be provided to the community.

300                 What should trigger reviews?

301                 Similar to the Affirmation of Commitment (AoC) Reviews, the IANA Function Review will be triggered on a calendar basis, with the first call for Expressions of Interest being scheduled to kick off one year from the date of the IANA Stewardship Transition to allow sufficient time to convene the IANA Function Review Team and complete the IANA Function Review within two years of the date of the IANA Stewardship Transition. Subsequent reviews will be scheduled to occur at no more than five-year intervals from the date of the initial IANA Function Review.

302                 A non-periodic or “Special” IANA Function Review (Special IFR) can only be initiated when the following escalation mechanisms have been exhausted:

         CSC remedial action procedures are followed and fail to address the identified deficiency (see Annex G); and

         The IANA Problem Resolution Process is followed and fails to correct the deficiency (See Annex J).

 

303                 Following exhaustion of the foregoing escalation mechanisms, the ccNSO and GNSO will be responsible for checking and reviewing the   outcome of the CSC process (as defined in Annex G), and the IANA Problem Resolution Process (as defined in Annex J) and for determining whether or not a Special IFR is necessary. After consideration, which may include a Public Comment period and must include meaningful consulatation with other SO/ACs. In order to trigger a Special IFR, it would require a vote of both of the ccNSO and GNSO Councils (each by a supermajority vote according to their normal procedures for determining supermajority). The Special IFR will follow the same multistakeholder cross community composition and process structure as the periodic IANA Function Review. The scope of the Special IFR will be narrower than a periodic IFR, focused primarily on the identified deficiency or problem, its implications for overall IANA performance, and how that issue is best resolved. As with the periodic IFR, the Special IFR is limited to a review of the performance of the IANA Functions operation and should not consider policy development and adoption processes or the relationship between ICANN and its contracted TLDs.

304                 The requirement to conduct and facilitate the periodic and special IANA Function Reviews would be articulated in the ICANN Bylaws and included as an ICANN fundamental bylaw under consideration by CCWG-Accountability. In addition, the IFR and Special IFR mechanisms could be set forth in the contract between ICANN and Post-Transition IANA or PTI.

305                 CCWG Accountability Dependencies

306                 Enumeration of the relevant accountability mechanisms relating to the IFR and Special IFR:

         Creation of an ICANN fundamental bylaw to describe the IFR and Special IFR mechanisms, including the above voting thresholds for triggering a Special IFR (i.e., after specified escalation methods have been exhausted and then upon a supermajority vote of each of the ccNSO and GNSO Councils) and approval of the outcomes of an IFR and Special IFR (which may include a separation process, as described in Annex L).

 

307                 Table of Reviews

 

Review Type

Frequency

Responsible

IANA Function Review (IFR) including:

Statement Of Work (SOW)

Initially, two years, then moving to no more than five years

 

 

Special IFR can also be triggered by the ICANN community

IANA Function Review Team

 

Review monthly performance report

Monthly

CSC

Site visit

On-demand

IANA Function Review Team

Review CSC report on IANA Functions Operator performance SOW report

Annual

AC/SO/ICANN

Comment period

ICANN Board

Review performance metrics

Quarterly

CSC

Review customer survey report

Yearly

CSC

Review security audit process report

Annual

CSC

Review RZM audit report

Quarterly

CSC

Root Zone Operators

Review annual audit report

Annually

CSC with community input (i.e., open ICANN comments)

 

Review Conflict of Interest Enforcement Compliance audit report

Annually

Community review (AC/SO/Board) with comments to IFO


Annex G – Proposed Charter of the Customer Standing Committee (CSC)

308                 Mission

309                 The Customer Standing Committee (CSC) has been established to perform the operational oversight previously performed by the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) as it relates to the monitoring of performance of the IANA naming function. This transfer of responsibilities took effect on [date].

310                 The mission of the CSC is to ensure continued satisfactory performance of the IANA function for the direct customers of the naming services. The primary customers of the naming services are top-level domain registry operators, but also include root server operators and other non-root zone functions.

311                 The mission will be achieved through regular monitoring by the CSC of the performance of the IANA naming function against agreed service level targets and through mechanisms to engage with the IANA Functions Operator to remedy identified areas of concern.

312                 The CSC is not mandated to initiate a change in the IANA Functions Operator via a Special IANA Function Review, but could escalate a failure to correct an identified deficiency to the ccNSO and GNSO, which might then decide to take further action using agreed consultation and escalation processes, which may include a Special IANA Function Review.

313                 Scope of Responsibilities

314                 The CSC is authorized to monitor the performance of the IANA naming function against agreed service level targets on a regular basis.

315                 The CSC will analyse reports provided by the IANA Functions Operator on a monthly basis and publish their findings.

316                 The CSC is authorized to undertake remedial action to address poor performance in accordance with the Remedial Action Procedures (see illustrative procedures at the end of this Annex). The Remedial Action Procedures are to be developed and agreed to by the CSC and the IANA Functions Operator post-transition, once the CSC is formed.

317                 In the event performance issues are not remedied to the satisfaction of the CSC, despite good-faith attempts to do so, the CSC is authorized to escalate the performance issues to the ccNSO and GNSO for consideration.

318                 The CSC may receive complaints from individual registry operators regarding the performance of the IANA Naming Function; however, th e CSC will not become involved in a direct dispute between any registry operator and IANA.

319                 The CSC will review individual complaints with a view to identifying any patterns of poor performance by the IANA Functions Operator in responding to complaints of a similar nature. In relation to problem resolution, if CSC determines that remedial action has been exhausted and has not led to necessary improvements, the CSC is authorized to escalate to the PTI Board and further if necessary.

320                 The CSC will, on an annual basis or as needs demand, conduct a consultation with the IANA Functions Operator, the primary customers of the naming services, and the ICANN community about the performance of the IANA Functions Operator.

321                 The CSC, in consultation with registry operators, is authorized to discuss with the IANA Functions Operator ways to enhance the provision of IANA’s operational services to meet changing technological environments; as a means to address performance issues; or other unforeseen circumstances. In the event it is agreed that a material change in IANA naming services or operations would be beneficial, the CSC reserves the right to call for a community consultation and independent validation, to be convened by the IANA Functions Operator, on the proposed change. Any recommended change must be approved by the ccNSO and RySG.

322                 The IANA Functions Operator would be responsible for implementing any recommended changes and must ensure that sufficient testing is undertaken to ensure smooth transition and no disruption to service levels.

323                 The CSC will provide a liaison to the IANA Function Review Team and a liaison to any Separation Cross Community Working Group.

 

324                 Conflict of Interest

325                 The ICANN Bylaws make clear that it must apply policies consistently, neutrally, objectively and fairly, without singling any party out for discriminatory treatment; which would require transparent fairness in its dispute resolution processes. Members of the CSC should accordingly disclose any conflicts of interest with a specific complaint or issue under review. The CSC may exclude from the discussion of a specific complaint or issue any member deemed by the majority of CSC members and liaisons to have a conflict of interest.

326                 Membership Composition

327                 The CSC should be kept small and comprise representatives with direct experience and knowledge of IANA naming functions. At a minimum the CSC will comprise:

         Two gTLD Registry Operators.

         Two ccTLD Registry Operators.

         One additional TLD representative not considered a ccTLD or gTLD registry operator such as the IAB for .ARPA could also be included in the minimum requirements but is not mandatory.

         One liaison from the IANA Functions Operator (PTI).
 

328                 Liaisons can also be appointed from the following organisations; however, providing a Liaison is not mandatory for any group:

         One liaison each from other ICANN SOs and ACs:

         GNSO (non-registry)

         ALAC

         NRO (or ASO)

         GAC

         RSSAC

         SSAC

 

329                 Liaisons shall not be members of or entitled to vote on the CSC, but otherwise liaisons shall be entitled to participate on equal footing with members of the CSC.

330                 The Chair of the CSC will be elected on an annual basis by the CSC. Ideally the Chair will be a direct customer of the IANA naming function, and cannot be the IANA Functions Operator Liaison.

331                 The CSC and the IANA Functions Operator will nominate primary and secondary points of contact to facilitate formal lines of communication.

332                 The CSC as a whole will decide who will serve as the Liaison to the IANA Function Review Team. Preference should be given to the Liaison being a registry representative given that technical expertise is anticipated to be valuable in the role.

333                 Membership Selection Process

334                 Members and Liaisons to the CSC will be appointed by their respective communities in accordance with internal processes. However, all candidates will be required to submit an Expression of Interest that includes a response addressing the following matters:

         Why they are interested in becoming involved in the CSC.

         What particular skills they would bring to the CSC.

         Their knowledge of the IANA Functions.

         Their understanding of the purpose of the CSC.

         That they understand the time necessary required to participate in the CSC and can commit to this role.
 

335                 Interested candidates should also include a resume or curriculum vitae or biography in support of their Expression of Interest.

336                 While the ccTLD and gTLD members will be appointed by the ccNSO and RySG respectively and liaisons by their applicable groups, ccTLD or gTLD registry operators that are not members of these groups will be eligible to participate in the CSC as members or liaisons. The ccNSO and RySG should consult prior to finalizing their selections with a view to providing a slate of members and liaisons that has, to the extent possible, diversity in terms of geography and skill set.

A representative for a TLD registry operator not associated with a ccTLD or gTLD registry, will be required to submit an Expression of Interest to either the ccNSO and GNSO Council. The Expression of Interest must include a letter of support from the registry operator. This provision is intended to ensure orderly formal arrangements, and is not intended to imply those other registries are subordinate to either the ccNSO or the GNSO.

337                 The full membership of the CSC must be approved by the ccNSO and the GNSO. While it will not be the role of the ccNSO and GNSO to question the validity of any recommended appointments to the CSC they will take into account the overall composition of the proposed CSC in terms of geographic diversity and skill sets.

338                 Terms

339                 CSC appointments, regardless of whether members or liaisons, will be for a two-year period with the option to renew for up to two additional two-year terms. The intention is to stagger appointments to provide for continuity and knowledge retention.

340                 To facilitate this, at least half of the inaugural CSC appointees will be appointed for an initial term of three years.  Subsequent terms will be for two years.

341                 CSC appointees must attend a minimum of nine meetings in a one-year period, and must not be absent for more than two consecutive meetings. Failure to meet this requirement may result in the Chair of the CSC requesting a replacement from the respective organisation.

342                 Recall of members

343                 Any CSC appointee can be recalled at the discretion of their appointing community.

344                 In the event that a ccTLD or gTLD registry representative is recalled, a temporary replacement may be appointed by the designating group while attempts are made to fill the vacancy. As the CSC meets on a monthly basis best efforts should be made to fill a vacancy within one month of the recall date.

345                 The CSC may also request the recall of a member of the CSC in the event they have not met the minimum attendance requirements. The appointing community will be responsible for finding a suitable replacement.

346                 Meetings

347                 The CSC shall meet at least once every month via teleconference at a time and date agreed upon members of the CSC.

348                 The CSC will provide regular updates, no less than three per year, to the direct customers of the IANA naming function. These updates may be provided to the RySG and the ccNSO during ICANN meetings.

349                 The CSC will also consider requests from other groups to provide updates regarding the IANA Functions Operator’s performance.

350                 Record of Proceedings

351                 Minutes of all CSC teleconferences will be made public within five business days of the meeting.

352                 Any remedial action will also be reported by the CSC.

353                 Information sessions conducted during ICANN meetings will be open and posting of transcripts and presentations will be done in accordance with ICANN’s meeting requirements.

354                 Secretariat

355                 The IANA Functions Operator will provide secretariat support for the CSC. The IANA Functions Operator will also be expected to provide and facilitate remote participation in all meetings of the CSC.

356                 Review

357                 The Charter will initially be reviewed by a committee of representatives from the ccNSO and the RySG one year after the first meeting of the CSC.  The review is to include the opportunity for input from other ICANN stakeholders, via a Public Comment process. Any recommended changes are to be ratified by the ccNSO and the GNSO.

358                 Thereafter, the Charter will be reviewed at the request of the CSC, ccNSO or GNSO and may also be reviewed in connection with the IANA Function Review.

359                 The effectiveness of the CSC will initially be reviewed two years after the first meeting of the CSC; and then every three years thereafter. The method of review will be determined by the ccNSO and GNSO.

360                 The CSC or the IANA Functions Operator can request a review or change to service level targets. Any proposed changes to service level targets as a result of the review must be agreed to by the ccNSO and GNSO .

================================

361                 Proposed Remedial Action Procedures

362                 This proposal is illustrative of what could be included in the Remedial Action Procedures. It is anticipated that the procedures would be agreed between the CSC and the IANA Functions Operator prior to implementation.

 

Notification

1st Escalation

2nd Escalation

3rd Escalation

Occurs

  • Process control limit exceeded
  • IANA customer presents evidence that IANA did not meet SLE
  • IANA periodic report indicates SLE not met
  • Corrective action plan late
  • Corrective action plan milestones missed
  • Two or more additional “notification” violations occur while corrective action plan is open
  • Corrective action plan late
  • Corrective action plan milestones missed
  • Two or more additional “notification” violations occur while corrective action plan is supposed to be in place
  • Corrective action plan from 2nd escalation not delivered or executed timely.
  • Additional similar violations occur when corrective action from 2nd escalation is supposed to be in place

Addressee

IANA Manager

PTI Board

Global Domains Division President

ICANN Board, CEO

Message Content

  • Identify SLE breach and evidence
  • Conference call request to discuss issues raised by CSC message.
  • Corrective action requirement
  • Time frame
  • Identify party requiring response
  • Identify SLE breach and evidence
  • Conference call request to discuss issues raised by CSC message.
  • Corrective action requirement
  • Time frame
  • Same as previous

 

  • Same as previous

 

Response Requested

  • Agreement that SLE violation occurred (or evidence to contrary)
  • Cause
  • Correction made on individual case
  • Corrective action plan to:
  • remedy current situation
  • prevent future occurrence
  • Corrective action plan required in 14-days
  • Reissue corrective action plan to:
  • Remediate earlier failed plan
  • Include new violations
  • Corrective action plan milestones missed
  • Two or more additional “notification” violations occur while corrective action plan is open
  • Same as previous plus
  • Organizational, operational changes to correct lack of corrective action
  • Same as previous plus
  • Remediation through the ICANN-PTI Contract and/or Special IFR

 


Annex H – Service Level Expectations

The CWG-Stewardship is not proposing any changes to the current work flow process. The CWG-Stewardship is suggesting that there is a requirement placed on IANA staff, (as part of the implementation phase) to measure, record and report additional details of transaction times for each Root Zone Management process. 

Such transparency will provide factual information to assist the CSC, IFRT and the Community to determine and confirm that the IANA Functions Operator is continuing to provide non-discriminatory service to the naming community. Further by having clarity as to process, it can be confirmed that IANA staff may not be the cause of the delay in the execution of the change request. On other occasions due to the wide time window for current SLEs, there is an opportunity for — or the perception for — certain TLD Managers to have preferential treatment and change requests completed in a matter of days, whilst other requests take much longer and yet still be in the approved time.

 

Principles

These are a set of guiding principles that will help define the expectation for the monitoring and reporting environment, and guide the definition of the individual criteria used for reporting and assessment of the naming-related portions of the IANA Functions:

  1. Attributable measures. Unless clearly impractical, individual metrics should be reported attributing time taken to the party responsible. For example, time spent by IANA staff processing a change request should be accounted for distinctly from time spent waiting for customer action during a change request.
  2. Overall metrics. In addition to the previous principle, overall metrics should be reported to identify general trends associated with end-to-end processing times and processing volumes.
  3. Relevance. All metrics to be collected should be relevant to the validation of customer service.  In addition some are the critical metrics that are considered important to set specific thresholds for judging breaches in the IANA Functions Operator’s ability to provide an appropriate level of service.
  4. Clear definition. Each metric should be sufficiently defined such that there is a commonly held understanding on what is being measured, and how an automated approach would be implemented to measure against the standard.
  5. Definition of thresholds. The definition of specific thresholds for performance criteria should be set based on analysis of actual data. This may require first the definition of a metric, a period of data collection, and later analysis by IANA customers before defining the threshold.
  6. Review process. The service level expectations should be reviewed periodically, and adapted based on the revised expectations of IANA’s customers and relevant updates to the environment. They should be mutually agreed between the community and the IANA Functions Operator.
  7. Regular reporting. To the extent practical, metrics should be regularly reported in a near real-time fashion.

Capturing the current status-quo for IANA Root Zone Management

Introduction

Service Level Expectations (SLEs) for a domain name registry are typically based on measuring specific transactions sent by a client to the registry. The metric for a transaction is generally of the form of “Transaction A must complete within X period Y percent of the time measured over Z”, for example, “a root zone update must complete within 72 hours 95% of the time measured on a monthly basis”. The Root Zone Management process currently presents unique challenges in that IANA is not responsible for all phases of processing, therefore the SLEs must be written to accommodate the phases of the process, and to be mindful of the different attribution for these phases.

These SLE metrics are based on the following current assumptions:

  1. For the purposes of the SLE discussion, the current process is simplified to five key stages for all change requests (notification is implicit in each stage):
  1. Confirm the details of the change.
  2. Verify the change complies with documented technical standards and policies and all applicable checks pass.
  3. Obtain authorization/consent to proceed with the change.
  4. Implement the change.
  5. Notify the change requester of completion of the change.
  1. Root Zone Management processes for routine change requests are largely automated. This automation includes:
  1. A web-based interface for submitting change requests to the IANA Functions Operator. The web-based interface authenticates the credentials presented by the change requester and facilitates the creation of root zone file and root zone database change requests.
  2. Near-real time confirmation email to the initiator of the change request of its safe receipt by the IANA system. Note, in certain circumstances, the request is initiated by other means such as fax or written letter. In these situations, email may not necessarily be used in communications.
  3. Automated technical checks conducted by the IANA system on the change request. These checks ensure conformance of the technical data with agreed minimum standards, and check for errors in the material submitted.
  4. Seeking consent from the relevant contacts for the domain, through an automated email verification process where approval requests are sent to both, at a minimum, the admin and technical contacts at the Registry for both parties to consent to the update.  (Note: Some contacts are slow to respond which creates inefficiency in the validation process. In certain circumstances, third party verification is also required, e.g. governmental approvals).
  5. The verified change request is transmitted to NTIA for authorization. For changes that impact the root zone file, the change request is also transmitted to the Root Zone Maintainer This is performed via an online interface.
  6. Once confirmed, notification is sent by NTIA to the IANA Functions Operator , and for changes that impact the root zone file, to the Root Zone Maintainer authorizing the change request for implementation.
  7. Prior to implementation, the Root Zone Maintainer repeats automated technical compliance checks on the request and once verified, implements the change within the root zone file. This file is typically published twice daily.
  8. On publication of updates to the Root Zone file, Root Zone Maintainer notifies the IANA Functions Operator , who verifies the changes match the requested changes, and notifies the Registry.

 

  1. The processing role currently undertaken by the NTIA will no longer exist in a post-transition environment and those steps will no longer be undertaken.   This means that IANA will have responsibility for triggering implementation at the conclusion of processing and communicating directly with the maintainer of the Root Zone.

 

  1. IANA’s online systems operate 24 hours a day, 365 days a year, except for maintenance periods, as befits a service that has customers around the globe.

 

Monitoring Past Performance:

(We accept past performance is no indication of future performance but is does capture the status-quo ).

 

The CWG-Stewardship conducted a historical analysis of IANA performance based on two sources: data published in IANA performance reports, and transaction logs provided by ccTLD registries interacting with the IANA root management function.  The data sources were for the period September 2013 to January 2015, which provided approximately 565 total data points – only 27 transactions took longer than 9 days and 13 took longer than 12 days. It should also be highlighted that some/much of the delay is as a result of the Registry not responding to the IANA Functions Operator to authorize the change request – so the delay is not necessarily within the IANA Functions Operator’s control. Four transactions took longer than one year (which is not necessarily a problem if the stability of the DNS is assured). A summary of this research is presented here .

 

Work to define the final SLE to be included with the proposal submitted to the NTIA will be run in parallel with the ICG process to review the CWG-Stewardship proposal. The objective is to ensure that the CWG-Stewardship proposal is not delayed by work to define the SLEs and so to optimize use of the time prior to the final submission of a proposal to the NTIA.  Review of the ongoing work can be viewed here: https://community.icann.org/x/CA4nAw .

 

Annex I – IANA Customer Service Complaint Resolution Process for Naming Related Functions

363                 (Modified Procedure)

364                 Refer to the existing ICANN-IANA process at http://www.iana.org/help/escalation-procedure .

365                 If anyone experiences an issue with the IANA Functions Operator’s delivery of the IANA services, then it should be reported to the IANA Functions Operator as follows. This process should be used in cases where response has been too slow, where a possible mistake has been made, or when there appears to have been inequitable service delivery.

366                 Phase 1 – Initial remedial process for IANA naming functions

367                 The complainant could send an e-mail to escalation@iana.org and provide the ticket numbers of the requests where the problem arose. If the problem is not resolved, IANA staff will escalate the problem to the following team members in this order as applicable:

         IANA Function Liaison for Root Zone Management;

         IANA Functions Program Manager; and

         Ombudsman (voluntary step).

368                 Efforts are made to resolve complaints as soon as possible but the structured process above allows escalation of complaints to the IANA management team. If, at any point, the complainant is not satisfied with the resolution process, the complainant can use the Ombudsman (or similar process) instead.

 

369                 Who can use the process?

370                 This process is open to anyone. [52] The functions include:

  • Protocol Parameters management, including the management of the .ARPA TLD.
  • Root Zone Management;
  • Root DNS KSK Management;
  • Internet Number Resources Allocation; and
  • Management of the .INT TLD.

371                  

372                 What information must be provided?

373                 In addition to providing the ticket numbers for the requests where the problem arose, the customer should provide any other information that may be needed to understand and resolve the complaint.

 

374                 What is the expected time line?

375                 Receipt of a complaint will be acknowledged within one business day and a substantive response will be sent within two business days. Efforts will be made to resolve complaints as soon as possible.

 

376                 Is there another resolution process?

377                 The Ombudsman or similar service can help resolve problems using Alternative Dispute Resolution techniques. (In the case of the current IANA Functions Operator, the ICANN Ombudsman web pages have more details.)

378                 Escalation contact information for the current IANA Functions Operator (ICANN)

Role

Name

Email Address

IANA

IANA Staff

iana@iana.org

IANA Function Liaison for Technical Protocol Parameters Assignment

Michelle Cotton

michelle.cotton@icann.org

IANA Function Liaison for Root Zone Management

Kim Davies

kim.davies@icann.org

IANA Function Liaison for Internet Number Resource Allocation

Naela Sarras

Naela.sarras@icann.org

IANA Functions Program Manager

Elise Gerich

elise.gerich@icann.org

Ombudsman

Chris LaHatte

ombudsman@icann.org

 

379                 If an issue is escalated to members of the IANA team and/or to the Ombudsman or equivalent, the CSC is notified of the issue for informational purposes only.

380                 Phase 2 (for IANA naming services only)

381                 Should the issue not be resolved after Phase 1, the following escalation mechanisms will be made available to direct customers, the IFO and the ICANN Ombudsman: [53]

a)        If issue is not addressed, the complainant (direct customer), IFO or the ICANN Ombudsman may request mediation. [54]

b)        CSC is notified of the issue by complainant and/or the IANA Functions Operator. CSC reviews to determine whether the issue is part of a persistent performance issue and/or is an indication of a possible systemic problem. If so, the CSC may seek remediation through the IANA Problem Resolution Process (see Annex J).

c)        The complainant (direct customer) may initiate an Independent Review Process or pursue other applicable legal recourses that may be available, if the issue is not addressed.


Annex J - IANA Problem Resolution Process (for IANA naming services only)

382                 (New procedure)

383                 Problem resolution (including responding to persistent performance issues or systemic problems)

384                 The Customer Standing Committee (CSC) is authorized to monitor the performance of the IANA Functions against agreed service level targets on a regular basis. In the event that persistent performance issues are identified by the CSC, the CSC will seek resolution in accordance with a Remedial Action Plan, which includes:

1)       CSC reports persistent performance issues to the IANA Functions Operator staff and requests remedial action in a predetermined number of days.

2)       CSC confirms completion of remedial action.

3)       If CSC determines that the remedial action has been exhausted and has not led to necessary improvements, the CSC is authorized to escalate to the PTI Board and further if necessary.

4)       If the performance issues are still not resolved after escalation to the PTI Board, the CSC is authorized to escalate to the ccNSO and/or the GNSO, [55] which might then decide to take further action including the initiation of a Special IFR.

385                 Systemic problems

386                 The IANA Function Review will include provisions to consider and address whether there are any systemic issues that are impacting IANA naming services.



Annex K - Root Zone Emergency Process

387                 In addition to general staff availability during standard business hours, the IANA Functions Operator will continue to provide TLD managers with a 24×7 emergency contact number that allows TLD managers to quickly reach the IANA Functions Operator to declare an emergency and seek to expedite a Root Zone change request. The IANA Functions Operator will execute such changes in accordance with the obligations of the standard Root Zone management workflow as expeditiously as possible. This prioritization will include performing emergency reviews of the request as the first priority, out of ordinary business hours if necessary, and informing its contacts at the Root Zone Maintainer [56] of any pending changes that will require priority authorization and implementation.

388                 Please note that both figures below are consistent with existing processes but terminology has been updated to ensure consistency and general applicability.

Figure 1.2-41. 24x7 Emergency Process

 


Figure 1.2-42. 24x7 Emergency Process Step-by-Step Description

 

1

TLD Contacts Call Center

Description

All TLD managers are provided with an emergency contact telephone number that will reach a 24x7 call center.

2

DOES CALLER DECLARE AN EMERGENCY?

Description

The caller is asked if the issue is an emergency that requires an urgent root zone change, and can not wait until regular business hours.

3

CALL IANA Functions Operator DURING BUSINESS HOURS

Description

In the event the caller decides it is not an emergency, their contact details are logged and they are advised to speak to IANA Function staff during regular business hours.

4

FOLLOW INSTRUCTIONS AND ASK QUESTIONS

Description

Call center staff follow a set of instructions to solicit relevant information relating to the nature of the emergency, and the contact details of the TLD manager.

5

SEND EMAIL TO ROOT-MGMT@IANA.ORG

Description

The particulars of the emergency call are sent by the call center staff to the ticketing system. This opens a ticket and starts an audit log of the specific request.

6 CALL CENTER REACHES THE IANA Functions Operator EMERGENCY RESPONSE TEAM

 

Description

The call center has the emergency roster of IANA Functions staff, as well as escalation points for IANA Functions Operator senior management. The call center will call through the roster until they contact a person to hand the issue to. The IANA Function staff member that receives the issue will be the primary person responsible for resolution of the issue.

7

HAS SOMEONE FROM THE ROOT ZONE MANAGEMENT (RZM) TEAM BEEN INFORMED?

Description

The primary person responsible checks if the Root Zone Management team within the IANA Functions staff is aware of the issue.

8

PASS INFO ON TO RZM TEAM

Description

If necessary, information relating to the emergency request is communicated to the Root Zone Management team.

9

RZM TEAM CONTACTS TLD MANAGER

 

Description

The IANA Functions staff performing the root zone management functions contacts the TLD manager using the contact details provided to the call center. The nature of the issue is discussed in more detail, and a plan is devised to resolve the issue.

10

RZM TEAM CONFIRMS EMERGENCY

Description

Following dialog with the TLD manager, the RZM team confirms the particulars of the issue and the need to perform an emergency root zone change to resolve the issue.

11

INFORM TLD ABOUT APPROPRIATE OPTIONS

 

Description

In the event the TLD manager and RZM team deem that an emergency root zone change can not resolve the issue, IANA Functions Operator will inform the TLD manager about what other options they have to resolve the issue.

12

VALIDATE REQUESTED CHANGES

 

Description

IANA Functions Operator validates the request in accordance with the standard procedures described in the Root Zone Change process, including performing technical checks and performing contact confirmations. IANA Functions Operator takes steps to conduct these as quickly as possible.

13

GIVE HEADS UP TO Root Zone Maintainer

 

Description

IANA Functions Operator takes all available steps to inform personnel at the Root Zone Maintainer that there is an active emergency change request being conducted, and encourages the Root Zone Maintainer to process the request as quickly as possible.

14

ACT ACCORDING TO ROOT ZONE CHANGE REQUEST PROCESS EXPEDITIOUSLY

 

Description

IANA Functions Operator executes the root zone change request as quickly as possible according to all standard policies and procedures. IANA Functions Operator prioritizes the rapid implementation of the request above other requests at normal priority.

 


Annex L – Separation Process

389                 In the event that an IANA Function Review results in a decision to initiate a separation process, the following processes must be followed.

390                 If the IFR determines that a separation process is necessary, it will recommend the creation of a Separation Cross Community Working Group (SCWG). This recommendation will need to be approved by a supermajority of each of the GNSO and the ccNSO Councils, according to their normal procedures for determining supermajority, and will need to be approved by the ICANN Board after a public comment period, as well as a community mechanism derived from the CCWG-Accountability process. [57]   A determination by the ICANN Board to not approve a SCWG that had been supported by a supermajority of the ccNSO and GNSO Councils will need to follow the same supermajority thresholds and consultation procedures as ICANN Board rejection (by a supermajority vote) of a PDP recommendation that is supported by a GNSO supermajority.

391                 There will be no prescribed result arising from the separation process. It will be empowered to make a recommendation ranging from “no action required” to the initiation of an RFP and the recommendation for a new IFO, or the divestiture or reorganization of PTI. The SCWG will follow the overall guidelines and procedures for ICANN Cross Community Working Groups. The SCWG working procedures should ensure transparency to the fullest extent possible by creating open discussion listservs and holding open calls, with read- or listen-only modes for non-participants. [58]

392                 Composition

393                 The SCWG will be composed as follows: [59]

         ccNSO - 2

         ccTLDs (non-ccNSO) - 1  

         Registry Stakeholder Group (RySG) - 3

         Registrar Stakeholder Group (RrSG) - 1

         Commercial Stakeholder Group (CSG) - 1

         Non-Commercial Stakeholder Group (NCSG) - 1

         Government Advisory Committee (GAC) - 1

         Security and Stability Advisory Committee (SSAC) - 1

         Root Server Operators Advisory Committee (RSSAC) - 1

         At-Large Advisory Committee (ALAC) - 1

         CSC Liaison (selected by CSC) - 1

         Special IFR Team Liaison (selected by IFR Team) - 1

         Liaison from Protocol operational community - 1 (TBD with their approval)

         Liaison from Numbers operational community - 1 (TBD with their approval)

394                 Each group will be responsible for appointing its own representative to the SCWG. In the case of the non-ccNSO ccTLD representative, the ccNSO will be the appointing body; in appointing the non-ccNSO representative it is strongly recommended that the ccNSO also consult with the Regional ccTLD Organizations, namely AfTLD, APTLD, LACTLD, and CENTR.

395                 It is strongly recommended that the representatives appointed to the SCWG be different representatives than those that participated in the Special IFR (with the exception of the liaison to the IANA Function Review Team appointed by the CSC). This will provide an additional check, accounting for the fact that different skill sets may be required for the two processes, and provide for broader community representation in the IANA oversight process.

396                 To the extent possible, it is recommended that individuals with experience managing an RFP process be appointed to the SCWG. For communities appointing more than one representative to the SCWG it is strongly advised that, to the extent possible, the appointed representatives come from different ICANN geographic regions, to provide for diversity on the SCWG. [60]

397                 Responsibilities

398                 The SCWG will be responsible for:

         Determine how to resolve the issue(s) which triggered formation of the SCWG; and

         If the decision is to issue an RFP:

         Developing RFP Guidelines and Requirements for the performance of the IANA Naming Functions;

         Soliciting input on requirements to plan, and participation in, the RFP Process;

         Reviewing responses to the RFP [61] ;

         Selecting the entity that will perform the IANA Naming Functions; and

         Managing any other Separation Process.

         If a different process such as PTI divestiture or other reorganization is to be recommended, develop recommendations for that process.

399                 The selection of a new   operator to perform the IANA Naming Functions or other separation process will be subject to approval by the ICANN Board, and a community mechanism derived from the CCWG-Accountability process. [62] A determination by the ICANN Board to not approve a recommendation by the SCWG that had been supported by a supermajority of the ccNSO and GNSO Councils will need to follow the same supermajority thresholds and consultation procedures as ICANN Board rejection (by a supermajority vote) of a PDP recommendation that is supported by a supermajority of the GNSO.

The entity prevailing in the RFP will carry out the role currently performed by PTI for the IANA naming functions. ICANN   will remain the contracting party for the performance of the IANA   naming functions and would enter into a contract, including a   statement of work, with this entity. If PTI were selected to continue performance of the IANA Functions, it would remain an affiliate of ICANN (unless a structural change was a condition of the bid proposal or of the selection). Otherwise, the new entity   would be a subcontractor for the performance of the IANA Functions.   It should be noted that this does not address the way   that non-naming IANA functions would be provided; depending on the   arrangements with other communities, it is possible that those   functions would move in concert with the naming functions; it is   equally possible that they would not .

400                 CCWG Accountability Dependencies

401                 Enumeration of the relevant accountability mechanisms that could or must be exhausted before a separation process could be triggered:

         Creation of an ICANN fundamental bylaw to describe the IANA Function Review (IFR) and establish the above voting thresholds for triggering a Special IFR and approving the outcomes of an IFR.

         Creation of an ICANN fundamental bylaw to describe the procedure for creating the SCWG and its functions and establish the voting thresholds for approval of a new operator for the performance of the IANA Functions or other end-result of the SCWG process.

         Approval by a community mechanism derived from the CCWG-Accountability process to approve the final selection of the SCWG (if this tenet of the CCWG-Accountability proposal is not implemented a new approval mechanism will have to be put in place.

         Per the above separation process the selection of the entity that would perform the IANA naming functions following a separation process will require community approval through the established mechanism derived from the CCWG-Accountability process.

 


Annex M – Framework for Transition to Successor IANA Functions Operator

402                 Framework principles

         The integrity, stability, and availability of the IANA Functions must be the core concern during any transition of the IANA Functions.

         Both the incumbent and any possible future IANA Functions Operator will be required to fully engage in the transition plan.

         All involved parties will be required to provide appropriate transition staff and expertise to facilitate a stable transition of the IANA operations.

403                 Framework recommendations

1)       The transition framework outlined in this document must be further developed into a detailed, fully functional, transition plan within 18 months of the date of implementation of the overall IANA Stewardship Transition.

2)       The budget for IANA operations should be augmented with specific funding for the detailed transition plan development referred to in 1 (see above).

3)       The process established for the potential transitioning of the IANA Functions to an operator other than the incumbent operator should specifically recognize that the detailed transition plan referred to in 1 (see above) must be in place before the commencement of the transitioning process.

4)       Once developed, the full Transition to Successor IANA Functions Operator Plan should be reviewed every year to ensure that it remains up to date and every five years to ensure that it remains fit for purpose.

 

404                 Dependencies

405                 Some elements of this framework may have to be adapted further depending on the CWG-Stewardship names model selected and the final transition proposal from the ICG to NTIA.

406                 Additionally, part of the final proposal development work will need to identify those elements/clauses of the CWG-Stewardship’s proposal that are relevant to the transition framework (using the NTIA-ICANN Functions Contract clauses table in C.7.3 for guidance).

407                 Note on terminology : While the current plan is based on a contractual relationship between the NTIA and ICANN, the CWG-Stewardship has elected to refer to the “operator” of the IANA Functions rather than “contractor” for the purposes of this annex.  So ICANN as the current operator is referred to as the Incumbent IANA Functions Operator (IIFO) and the successor operator is referred to as the Successor IANA Functions Operator (SIFO) in this Annex M.

 

408                 (Revised) plan: framework for transition to Successor IANA Operator                                                    

409                 This framework plan outlines key actions that will allow the incumbent IANA Functions Operator (IIFO) to ensure an orderly transition of the IANA Functions to a successor IANA Functions Operator (SIFO) while maintaining continuity and security of operations.

410                 Document structure

411                 This document identifies those functions, systems, processes and documents that might need to be transitioned by the incumbent IANA Functions Operator, including actions that would be required to allow a successor operator to perform the IANA Functions.

412                 Additional documents of importance to a transition include: [63]

         Current KSK Operator Function Termination Plan.

         Current CCOP (DIDP was not able to be released as requested through the DIDP process due to security and stability related concerns).

         Current ICANN Plan for Transition to Successor Contractor.

 

413                 Transition actions

1)       IANA website: The Incumbent IANA Functions Operator will transfer the content of the IANA website and provide copies of, or links to, the publicly available text for all processes, performance standards, request templates, and other pages used to support operations or provide context to reporting. Intellectual property rights related to the IANA website and published documents will need to be assigned or licensed to the successor operator.

2)       IANA Functions registry data : Data held by IANA Functions Operator will also need to transition, and some of that data will affect other communities; details of the data that is being transitioned will be determined when the full transition plan is produced.

3)       Root Zone automation system: The Incumbent IANA Functions Operator will transfer relevant information and management software, as appropriate and as determined by the transition plan.

4)       Request history data: The Incumbent IANA Functions Operator will provide a copy of the databases it has used to store requests data, including ticketing systems and workflow management systems used for protocol parameter registries and the maintenance of the DNS Root Zone. The Incumbent IANA Functions Operator will also provide copies of any published reports and paper records it holds supporting these request histories.

5)       Documentation and knowledge: The Incumbent IANA Functions Operator will provide a copy of all documentation that captures formalized processes, institutional knowledge and experience related to the operation of the IANA Functions. The IIFO is also encouraged to provide documentation related to Monthly Performance Progress reports, Customer Satisfaction Surveys, External Auditor reports, Conflicts of Interest processes established by the IIFO, and the IIFO’s Contingency and Continuity of Operations Plan.

6)       Secure notification system data The Incumbent IANA Functions Operator will provide details of the notification categories, the subscribers to those categories and a history of notifications.

7)       Root KSK transition In 2010, ICANN developed a Root Zone KSK Operator Function Termination Plan that sets out the steps ICANN will take if required to transition its duties and responsibilities as the Root Zone Key Signing Key (KSK) operator to another entity. This plan was provided to NTIA in 2010. [64] That plan requires that a full KSK rollover be done so the successor starts fresh. [65]

8)       Transition assistance : The Incumbent IANA Functions Operator will assist the successor IANA Functions Operator during the transition period until the time the requisite service levels, security and stability are achieved. Such assistance would include training the employees of the successor IANA Functions Operator and developing training material.

9)       Security for data retention : The Incumbent IANA Functions Operator will continue to provide security for any data retained by it after transferring such data to the successor IANA Functions Operator.

 


Annex O - ccTLD Appeals Mechanism Background and Supporting Findings

414                 While the CWG-Stewardship’s 1 December, 2014 draft proposal contained an appeal mechanism that would have applied to ccTLD delegation and redelegations, some question arose as to the level of support within the ccTLD community on aspects of this proposal (see below). Design Team B was formed to assess whether there might be sufficient consensus within the ccTLD community on such an appeal mechanism.  DT-B decided to undertake a survey of the ccTLD community to assess this (see the survey and the results summarized below). 

415                 After informing the ccTLD community about the upcoming survey, it was sent to the ‘ccTLD World’ list, the most comprehensive list of the managers of the 248 ccTLDs on March 23, 2015 with responses accepted to 3 April 2015. Overall, responses on behalf of just 28 managers were received (see below). Such a low level of response was judged to be an insufficient basis to provide a mandate for the inclusion of an appeal mechanism in the CWG-Stewardship’s proposal. While acknowledging the limitations of drawing any conclusions from a survey with such a low response rate, it is nevertheless worthwhile pointing out that these limited responses tended to reinforce the overall recommendation.

416                 While 93% of respondents (Q.1) believe there is a need for an appeal mechanism, only 58% (Q.2) believe that it should be developed and introduced now as part of the IANA Stewardship Transition and 73% (Q.3) agreed that it should be developed and introduced after the IANA Stewardship Transition has taken place. Questions designed to probe the level of consensus on the parameters of such an appeal mechanism (see Q.5 – Q.9) elicited no consensus suggesting that it would take considerable time for the ccTLD community to come to a consensus view on the details of an appeal mechanism. Some 71% of respondents (Q.3) indicated that they would not wish to see the design of such a mechanism delay the finalization of the IANA Stewardship Transition.

417                 Survey of ccTLD Managers on Need for Appeal Mechanism for ccTLD Delegations and Redelegations

418                 On 1 December 2014, the Cross Community Working Group on NTIA Stewardship Transition issued a draft proposal which contained a proposal for an “independent appeals panel”:

419                                          “Independent Appeals Panel (IAP) - The CWG-Stewardship recommends that all IANA actions which affect the Root Zone or Root Zone WHOIS database be subject to an independent and binding appeals panel. The Appeals Mechanism should also cover any policy implementation actions that affect the execution of changes to the Root Zone File or Root Zone WHOIS and how relevant policies are applied. This need not be a permanent body, but rather could be handled the same way as commercial disputes are often resolved, through the use of a binding arbitration process using an independent arbitration organization (e.g., ICDR, ICC, AAA) or a standing list of qualified people under rules promulgated by such an organization.”

420                 There exists in the ccTLD community an apparent lack of consensus on the question of the introduction of an ‘appeals mechanism’ in respect of ccTLD delegations and redelegations.  At  ICANN 51  in Los Angeles  an overwhelming majority of ccTLD representatives at the 15 October 2014 ccNSO meeting indicated their wish for an ‘appeal mechanism’ as part of the IANA transition, though what was meant by ‘an appeal mechanism’ was not defined.  In a survey of all ccTLD managers undertaken in November 2014, 94% of respondents agreed that ‘if the IANA operator does not perform well or abuses its position, the affected ccTLD should have the opportunity to (have access to) an independent and binding appeal process’.  The expression of need resulted in the appeal mechanism proposal that the CWG-Stewardship released on 1 December 2014. The proposal indicates that such a mechanism could be used in disputes over the consistency of ccTLD delegation or redelegation decisions.

421                 A survey was undertaken in January of this year of CWG-Stewardship members and participants (this includes representation from many communities, not just ccTLD managers) on many aspects of the CWG-Stewardship’s 1 December proposal.  It found that 97% of respondents agreed that, “ ccTLD registry operators should have standing to appeal delegation and re-delegation decisions to which they are a party that they believe are contrary to applicable laws and/or applicable approved ccTLD policy ”.  However when questions were posed about potential specific parameters of such an appeal mechanism support for it was reduced.  For example, only 54% of respondents agreed that “ ccTLD registry operators should have standing to appeal delegation and redelegation decisions to which they are a party that they believe are contrary to applicable laws and/or applicable approved ccTLD policy, even if the operator is not a party involved in the delegation or redelegation”. In addition, only 60% of respondents agreed that, “ Governments should have standing to appeal any ccTLD delegation or redelegation decisions that they believe are contrary to applicable laws ”.

422                 This information suggests that while there may be support for an appeal mechanism in general, consensus may be difficult to achieve on some of the important aspects of such a mechanism, including:

         Who would ‘have standing’ to appeal decisions,

         What aspects of decisions might be subject to an appeal,

         Whether the scope should be limited to determining whether the process followed was complete and fair,

         Whether the dispute resolution panel would have the authority to substitute its own view on a delegation, for example, direct that the incumbent manager be retained rather than a proposed new manager, or

         Be limited to requiring that the delegation process be repeated.  

 

423                 As a consequence, this survey is intended to determine whether they might be sufficient consensus within the ccTLD community as a whole to seek a binding appeal mechanism and if so, whether this should be sought as part of the IANA Stewardship Transition process. 

424                 Questions

425                 Overall Need for an Appeal Mechanism

1)       Do you as a ccTLD manager believe that there is a need for an appeal mechanism on ccTLD (re)delegation decisions?

2)       If you answered ‘yes’ should such a mechanism be

a)        Developed now and introduced as part of the IANA Stewardship Transition, or

b)        Developed later, likely by the ccNSO, and introduced after the IANA transition has taken place.

3)       If the design of this appeal mechanism were preventing the finalization of the IANA Stewardship Transition, would you agree to defer finalizing it so that the IANA process could be completed (this would likely entail the ccNSO proceeding with a separate process).
 

426                 Form of Appeal Mechanism and Composition of Panel

4)       The CWG-Stewardship indicated it believes that an appeal need not be a permanent body, but rather could be handled the same way as commercial disputes are often resolved, through the use of a binding arbitration process, an independent arbitration organization, such as the ICC, ICDR or AAA, or a standing list of qualified panelists under established rules promulgated by such an organization.  The CWG-Stewardship recommended that a three-person panel be used, with each party to a dispute choosing one of the three panelists, with these two panelists choosing the third panelist. Do you agree with this overall approach to establishing an appeal mechanism? Do you have another idea – please indicate.

5)       Where there is a panel of individuals, should they be chosen:

a)        From a list of recognized international experts regardless of country, or

b)        From individuals the country that the ccTLD represents.

c)        In another manner (please specify).

 

427                 Eligibility to Appeal a (re)delegation decision.

6)       Who do you believe should be permitted to appeal a ccTLD (re)delegation decision?

a)        The governmental or territorial authority referred to in a. above?

b)        The incumbent ccTLD manager?

c)        Other individuals, organizations, companies, associations, educational institutions, or others that have a direct, material, substantial, legitimate and demonstrable interest in the operation?

7)       Should any of the parties referenced above be excluded from the appeals process? If yes, please indicate.

 

Scope and Authority of the Appellant Organization

8)       Should there be any limit on the scope of the appeal?

a)        Should the scope be limited to questions about whether procedures have been followed properly?

b)        Should a panel have the authority to order that an existing delegation process be done again?

c)        Should it have the authority to suspend a pending delegation?

d)       Should it have authority to order to revoke and existing delegation?

e)        Should it have the authority to order that another party be delegated the ccTLD?

428                 Survey Results

Question

Data

Percentage

 

Yes

No

Total

Yes

No

1.    Do you as a ccTLD manager believe that there is a need for an appeal mechanism on ccTLD (re)delegation decisions?

26

2

28

93

7

2.   If you answered ‘yes’ should such a mechanism be -

 

 

 

 

 

a.

Developed now and introduced as part of the IANA Stewardship Transition

14

10

24

58

42

b.

Developed later and introduced after the IANA transition has taken place.

11

4

15

73

27

3.   If the design of this appeal mechanism were preventing the finalization of the IANA Stewardship Transition, would you agree to defer finalizing it so that the IANA process could be completed (this would likely entail the ccNSO proceeding with a separate process).

20

8

28

71

29

4.   The CWG-Stewardship indicated it believes that an appeal mechanism need not include a permanent body. It suggested that disputes could be handled the same way as many commercial disputes, through the use of a binding arbitration process, using an independent arbitration organization, such as the ICC, ICDR or AAA, or a standing list of qualified panelists under established rules promulgated by such an organization.

The CWG-Stewardship recommended using this approach and that it use a three person panel, with each party to a dispute choosing one of the three panelists, with these two panelists choosing the third panelist. Do you agree with this overall approach to establishing an appeal mechanism?

13

8

21

62

38

 

Do you have another idea – please indicate.

 

The approach should not be designed now.

However I do not see any reason to decide on how it will be set now

An "as and when" appeal panel is good because it allows panelist rotation which is an important safeguard against (permanent) panelist that may be lobbied or influenced by parties to a delegation dispute. One can have more confidence in a decision taken by a jointly agreed panel which is only convened for a specific dispute. The only potential challenging area is the choice of a 3rd panelist by the 2 appointed panelists. It may be more plausible to leave the appointment of the 3rd panelist to an arbitration organisation instead of the individual panelists themselves.

I think ALL panelist should be chosen independently from each other, from an approved list of panelists, similar to a jury selection process.

Let the ccs develop their own mechanism

I do not think a central appeals mechanism is workable for ccTLD del/redel appeals but would think that every ccTLD designs its own appeals mechanisms together with its own local internet community (including the relevant government(s).

The ccTLD community should be empowered enough to seek redress at an international independent court  in case of unfair treatment by IANA functions Operator. Since national laws are respected in ccTLD policies processes and development, disputes involving Governments with the IANA Functions Operator requires a mechanism that would be acceptable to such sovereign nations. I will suggest Court of Arbitration for IANA functions at the International Court of Appeal at the Hague, similar to Court of Arbitration for Sports put in place by FIFA.

The issues are either much more complicated (for example, contested re-delegations) than could be sensibly dealt with by an independent appeals group, or are much simpler in that they just look to see whether due process has been followed and documented.  In the first case, I would oppose the creation of such a group.  In the second, it would work, but would not necessarily need a complex solution as is proposed.  2.  There will be issues for ccTLDs of an organisation in another jurisdiction having a say over the national ccTLD.  This is not an acceptable position.

ce qui importe, c'est surtout la base sur laquelle ce panel doit se prononcer. Concernant les CCTLD, le cadre légal et réglementaire national doit être la base de la décision prise sur un recours, en même temps que le respect des procédures techniques de délégation - redélégation

5.   Where the appeal mechanism uses a panel of individuals, should they be chosen:

 

 

 

 

 

a.

From a list of recognized international experts regardless of country

11

13

24

46

54

b.

From individuals the country that the ccTLD represents.

11

10

21

52

48

c.

In another manner (please specify)

(no responses)

6.   Who do you believe should be permitted to launch an appeal a ccTLD (re)delegation decision?

 

 

 

 

 

a.

The governmental or territorial authority associated with the ccTLD?

23

3

26

88

12

b.

The incumbent ccTLD manager?

24

0

24

100

0

c.

Other individuals, organizations, companies, associations, educational institutions, or others that have a direct, material, substantial, legitimate and demonstrable interest in the operation?

5

16

21

24

76

7 .  Should any of the parties referenced above be excluded from the appeals process? If yes, please indicate.

 

The FOI recommends only that the incumbent manager should have the right to appeal a non-consented revocation decision.

As already mentioned, my understanding was that the goal of the survey was to learn if the appeal mechanism is needed in general; than decide if it is mandatory at this stage of project to enable its completion within planned time frame. So my preliminary answer to all the questions here was YES, however as already pointed out the detail design of the mechanism may be agreed and completed later on.

"Other individuals, organisations...." should be excluded because their interest will be very hard to define & quantify. For example, if the ccTLD in dispute accredits foreign registrars, then foreign registrars have interest in the ccTLD operation even though they may not be from the concerned ccTLD country. Rather, let us keep the appeal process to the concerned government & to the incumbent ccTLD manager.

No, but there should be clear guidelines on what issues can trigger a valid appeal to prevent appeals tying up the process of running a ccTLD and wasting time and money.

Let the ccs develop their own process...who can appeal and the scope will depend on the development of that

anyone with a relevant interest (to be determined locally per ccTLD)

There might be good reason for the third category, but it would be in limited cases where the role of these organisations was already defined.

dans une décision de délégation -redélégation, on peut s'attendre à ce que l'autorité territoriale soit celle qui effectue la demande, et que le conflit se situe entre elle et le gestionnaire du CCTLD. Les autres parties, qui doivent être consultées (consensus de la communauté internet locale) ne devraient pas pouvoir interjeter appel d'une décision, sauf à rendre le processus extrêmement instable.

8.  Should there be any limit on the scope of the appeal?

19

7

26

73

27

9.  Should the scope be limited to questions about whether procedures have been followed properly

18

8

26

69

31

a.

Should a panel have the authority to order that an existing delegation process be done again?

17

8

25

69

31

b.

Should it have the authority to suspend a pending delegation?

14

6

20

70

30

c.

Should it have authority to order to revoke and existing delegation?

4

21

25

16

84

d.

Should it have the authority to order that another party be delegated the ccTLD?

2

22

24

8

92

 


Annex P – IANA Operations Cost Analysis

429                 Preamble:

430                 The cost estimate below corresponds to a "fully absorbed" IANA Functions operations cost for ICANN. It therefore reflects the benefit of leveraging economies of scale from ICANN's infrastructure and expertise of other functions. The fully absorbed IANA Functions operations cost within another entity would be different, as would be a "standalone" cost estimate as the cost of a fully operational and mature IT infrastructure would be higher, economies of scale would not exist, and additional costs of operating a separate organization would be created (relative for example to governance, communication, reporting...).

431                 The below analysis includes a placeholder estimate for the annual depreciation of assets, but does not include any capital costs, or representation of the value of the capital assets that are currently supporting the IANA Functions as operated by ICANN.

9)       US Dollars in millions

Using the FY15 Budget basis

10)    Description

11)    [A]

12)    Direct Costs (IANA department)

$2.4

These costs cover direct and dedicated personnel (12 employees) and associated costs assigned to delivering the

IANA functions: registration and maintenance of protocol parameter registries; allocation of Internet numbers and the maintenance of the Internet number registries; validation and processing of root zone change requests as well as maintenance of the root zone registry; management of the .int and .arpa domains; and holder of the root zone key signing key for the security of the DNS root zone.

13)    [B]

14)    Direct Costs (Shared resources)

$1.9

Within ICANN departments other than the IANA department perform or participate in processes directly related to the delivery of the IANA functions.

The costs of the activities carried out by other departments to perform the IANA Functions were evaluated by each department's budget owners by identifying the direct external costs (professional services, infrastructure,...), and estimating the time spent by personnel from the department on the identified activities valued at the annual cost of each employee (base+benefits).

The full description of the activities that are carried out by those departments are summarized below:

-   Request processing - IT

-   Root Key Signing - IT, Registry technical Services, SSR, GSE

-   IANA Website - IT, Legal, Web-admin

-   Protection of data and systems - IT, Security, Legal

-   Continuity and Contingency of service - IT

-   Conflict of Interest assertions - IT, Legal

-   Monthly reporting of performance - IT, Legal, Gov. Engagement

-   Administrative support (shared with Compliance)

-   Annual updates to Agreements - Legal

15)                The Direct costs of shared resources also include a placeholder estimate for the depreciation costs of capital assets of 0.5m.

16)    [C]

17)    Support functions allocation

$2.0

18)    Support functions which organize the ability for operational activities to be carried out.

The total costs of these functions [D], after excluding the shared from those functions included in [B], were divided by the total costs of operational functions [E], to determine a percentage of support functions ([D]+[E]= total costs of ICANN Operations).

19)    This percentage was then applied to the total costs of IANA (both IANA department direct costs and shared resources direct costs as defined above), to determine a cost of support function allocated to IANA. This cost [C] is additive to [A] and [B].

20)    List of functions included:

-   Executive

-   Communications

-   Operations (HR, Finance, Procurement, ERM, PMO/BI, HR development, Operations Executive, Administrative / Real Estate)

-   IT (cyber-security, admin, infrastructure, PMO, Staff facing solutions)

-   Governance support (Legal, Board support, NomCom)

Total Functional costs of IANA Functions operations

$6.3

 

 

432                 [B] Direct costs (shared resources), associated with operations of the IANA Functions and dependencies on other ICANN departments:

21)    Request processing

a)        RT trouble ticketing system supported and provided by IT

b)        RZMS software development, support and maintenance by IT

c)        Email system provided and supported by IT

d)       Online connectivity provided and supported by IT

e)        OFAC checks supported by Legal

f)         Board resolutions reviewed by Legal/sometimes drafted by Legal.  Delegation/Redelegation Reports reviewed by Legal on an as- ­ needed basis

g)        All hardware and infrastructure provided and supported by IT

h)       Support from GSE to gather information for ccTLD requests

22)    Root Key Signing

a)        Roles in ceremonies by IT, Registry Technical Services, SSR, Strategy, GSE, and program department

b)        Suite of Security documents reviewed and adopted by SSR and IT departments

c)        Facility rent and connectivity to the Key Management Facility (KMF) provided by IT

d)       DNSSEC SysTrust Audit requires work samples from IT, Legal, and SSR

e)        Third Party Contract/RFP prepared by Procurement and reviewed by Legal

23)    IANA Website

a)        Hardware provided, administered, and supported by IT

b)        Contract compliance requirements reviewed by Legal

c)        Web- ­ admin support to post reports and documents on ICANN website

24)    Security to protect data and systems

a)        Security plan reviewed and accepted by IT and SSR

b)        Reviewed by Legal prior to submission to NTIA

25)    Continuity and Contingency of service

a)        Dependent on IT and Finance

b)        Plan reviewed by IT, SSR, HR, Legal, and Finance prior adoption

26)    Conflict of Interest compliance

a)        Annual report prepared by HR and Legal

27)    Monthly reporting of performance

a)        Posted on hardware maintained and administered by IT

b)        Contract compliance requirements reviewed by Legal

28)    Customer Service Survey

a)        RFP prepared by Procurement

b)        Final report from 3rd party reviewed by Legal prior to posting

29)    Administrative support

a)        Share Administrative Assistant with Contractual Compliance 50% dedicated to supporting IANA department

30)    Annual updates to Agreements

a)        Legal review of annual Supplemental Agreement to the IETF MOU


Annex Q – IANA Budget

433                 The costs of providing the IANA services by ICANN under its agreement with the NTIA are currently not sufficiently separated from other ICANN expenses in the ICANN operating plans and budgets to determine reasonable estimates of projected costs after the IANA stewardship is transferred away from NTIA. The need for clearer itemization and identification of IANA Functions operations costs is consistent with current expectations of the interested and affected parties of the IANA Functions, and the broader community as expressed in ATRT1 and ATRT2, to separate policy development and IANA Functions operations. As a result, the CWG-Stewardship has provided recommendations with regard to the information and level of detail it expects to receive from ICANN in relation to the IANA budget in the future (see Section III.A, paragraph 161).

434                 In addition, the CWG-Stewardship recommends three areas of future work that can be addressed once the CWG-Stewardship proposal is finalized for SO/AC approval and again after the ICG has approved a proposal for IANA Stewardship Transition:

1)       Identification of any existing IANA naming services related cost elements that may not be needed after the IANA Stewardship Transition, if any.

2)       Projection of any new cost elements that may be incurred as a result of the IANA Stewardship Transition and in order to provide the ongoing services after the transition.

3)       A review of the projected IANA Stewardship Transition costs in the FY16 budget to ensure that there are adequate funds to address significant cost increases if needed to implement the transition plan without unduly impacting other areas of the budget.

CCWG Accountability Dependencies

Enumeration of the relevant accountability mechanisms relating to the IANA Budget:

  • The ability for the community to approve or veto the ICANN budget after it has been approved by the ICANN Board but before it comes into effect.  The community may reject the ICANN Budget based on perceived inconsistency with the purpose, mission and role set forth in ICANN’s Articles and Bylaws, the global public interest, the needs of ICANN stakeholders, financial stability or other matters of concern to the community.  The CWG-Stewardship recommends that the IFO’s comprehensive costs should be transparent and ICANN’s operating plans and budget should include itemization of all IANA operations costs to the project level and below as needed. An itemization of IANA costs would include “Direct Costs for the IANA department”, “Direct Costs for shared resources” and “Support functions allocation”.  Furthermore, these costs should be itemized into more specific costs related to each specific function to the project level and below as needed .  PTI should also have a yearly budget that is reviewed and approved by the ICANN community on an annual basis. PTI should submit a budget to ICANN at least nine months in advance of the fiscal year to ensure the stability of the IANA services. It is the view of the CWG-Stewardship that the IANA budget should be approved by the ICANN Board in a much earlier timeframe than the overall ICANN budget. The CWG (or a successor implementation group) will need to develop a proposed process for the IANA-specific budget review, which may become a component of the overall budget review.


Annex R : Evaluation Method for Implications

435                 For the purposes of this document “workability” will be defined as per the following methodology:

         Criteria to be evaluated:

         Complexity of the new method.

         Implementation requirements for the new method.

         Impact on the IFO for working with the new method.

         Impact on the IFO customers resulting from using the new method.

         Potential impact on the security, stability and resiliency of the DNS.

         Classification of evaluation of criteria:

         0 - signifies significant requirements or negative impact.

         1 - signifies moderate requirements or negative impact.

         2 - signifies minor requirements or impact.

         3 - signifies no requirements or impact.

 

436                 Scoring method: Add the score of all the criteria to generate a workability evaluation. The best possible score is 15 = 100% which would be judged very workable. The worst score possible would be 0 = 0% and should be considered completely unworkable. Beyond the total score other factors may influence the final workability assessment, such as considering changes which are evaluated as having a significant negative impact on the security, stability, and resiliency of the DNS, as being automatically unworkable. Overall unless there are special factors being considered, a score of 50% or above would be considered workable.

 

Summary of evaluations:

Element Being Analysed

Score

Evaluation

PTI as an affiliate of ICANN

score = 8/15 = 53%

workable