FINAL VERSION TO BE SUBMITTED IF RATIFIED
The final version to be submitted, if the draft is ratified, will be placed here by upon completion of the vote.
FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC
The final draft version to be voted upon by the ALAC will be placed here before the vote is to begin.
As the principle voice of end users within the ICANN community, the At-large Advisory Committee (ALAC) supports the Security and Stability Advisory Committee (SSAC) in its efforts to address the issue of Name Collisions as it remains an area of some uncertainty. The ALAC urges the SSAC to proceed with the Name Collision Analysis Project (NCAP) Work Party's project plan and allocate enough time to do it right. We believe it is important to minimize the unintended consequences for end users. Name Collision occurs when a user, attempting to reach a private domain name, unintentionally reaches a public domain name and, as such, cut to the core of end user trust of the internet and could pose potential security issues.
The NCAP Work Party's project plan, as it currently stands, seems adequate without being excessive. We urge the SSAC to stay the course and not expedite the process for the benefit of any subsequent procedures. There is great anticipation, from parts of the community, for new applications but not only is a specific delay unlikely, given other factors, we believe it would be prudent for the SSAC to execute the project plan as submitted to provide the ICANN community with a holistic assessment of the risks.
Additionally, the ALAC seeks clarity on the SSAC's bidding process for work contemplated under this Draft Project Plan, as touched upon in sections 3.1 and 3.2. First, we appreciate the SSAC’s candour in disclosing that it will consider NCAP Work Party members’ bids (and that of their affiliates), but it remains unclear as to their overall status as compared to invited guests of the SSAC. Moreover, we see a potential issue with having only a select group of the SSAC community choosing with whom they will contract. The ALAC recommends that any decision with respect to contracting with either NCAP Work Party members and their affiliates or independent third-party contracting agents be taken by the whole SSAC (and excluding invited guests), and for SSAC to provide the ICANN community with adequate amount of notice with respect to any party with whom they wish to contract.
We believe that this recommendation will ameliorate concerns related to potential conflicts of interest that may arise.
FIRST DRAFT SUBMITTED
The first draft submitted will be placed here before the call for comments begins.
As the principle voice of end users within the ICANN community, the At-large Advisory Committee (ALAC) supports the Security and Stability Advisory Committee (SSAC) in its efforts to address the issue of Name Collisions as it remains an area of some uncertainty. The ALAC urges the SSAC to proceed with the Name Collision Analysis Project (NCAP) Work Party's project plan and allocate enough time to do it right. We believe it is important to minimize the unintended consequences for end users. Name Collision occurs when a user, attempting to reach a private domain name, unintentionally reaches a public domain name and, as such, cut to the core of end user trust of the internet.
The NCAP Work Party's project plan, as it currently stands, seems adequate without being excessive. We urge the SSAC to stay the course and not expedite the process for the benefit of any subsequent procedures. There is great anticipation, from parts of the community, for new applications but not only is a specific delay unlikely, given other factors, we believe it would be prudent for the SSAC to execute the project plan as submitted to provide the ICANN community with a holistic assessment of the risks.
We appreciate the opportunity to share our views on this matter. Thank you in advance for your time and consideration on this important issue.
17 Comments
Krishna Seeburn
I understand SSAC willingness to try and understand the name space collision rate. Please clear my mindset here. Apart from what i read IETF and a report on DNS name space report was produced 4 years back. I would like to understand the trigger here. Is it the problem that the new namespace out is generating which is really the problem. I hope someone can really make me understand. I look at new namespace that is mentioned within the draft. ..corp, .home, .mail. Will the not be handled the same original way as per reference above. Then every four years or two years the need to send some more money on reports? Sorry but i am trying to fit those in my mind but i can't understand the urgent need to do so. Also i want to know how the SSAC plans to get this reporting done. Is it that SSAC will send out survey material to be filled or hire a company to do the job?
Abdulkarim Ayopo Oloyede
I think they outlined how they would get the reporting done in different ways in the proposal and Its not SSAC that wants this done its the board resolution and not sure of the report you are referring too. Apologies if am not to respond to this, just trying to help since you need to clear your mindset.
Hadia Elminiawi
ICANN has deferred delegating .corp, .mail and .home as these gTLDs are commonly used in private networks, however this deferral is not forever, therefore there is a current need for such a project
Krishna Seeburn
Thanks...ok
I saw some of the updates and i'm in support of the updated draft. But i am part of those people who is not reluctant to reports or surveys.But if it brings a positive though-put then fine. As Alan says short and sweet and gets to the point.
Alan Greenberg
I strongly support the draft statement. It is short and to the point and may help counter those who are saying that it must not delay the new gTLD process.
Abdulkarim Ayopo Oloyede
I think the this WP has done a lot of good work and provided a lot of information, especially with the risk management. My concern is the rationale behind the 3 workshops. My thinking is that each workshop should be dedicated to addressing issues with each of the three studies. Having the workshops during ICANN meetings might be attractive but I think it might not meet up with the timeline except if the timeline is not concurrent. For the workshops to be during ICANN meetings might lead to a significant overlap of the three proposed studies.
Looking at the risks involved I would also think that there is a need to allocate more time (or change the approach)to study 1 despite the fact that it was stated that a lot of work has been done in this area. Bringing everyone up to speed might require more time than anticipated with the proposed approach. More importantly that the work is expected to start with volunteers while others are brought in later. Therefore, I would suggest that the membership of NCAP WP should be better defined from the unset rather than starting with volunteers and then bring in experts later.
I agree with the transparency fact and that views should be accepted from outside of the WP but this must be done within a timeframe that should also be set in the plan for the views of NCAP DG to be reflected.
The way the COI is structured is a bit not clear. On one hand, it says you can reject membership based on significant COI, on the other hand, there is an acknowledgement of the potential of involving members companies because it is a niche area. I agree its a niche area but there would be significant COI. I don't know what to suggest in this case as its a difficult situation and there has to be a balance. Maybe more taught should be put into how this can be solved.
Thank you
Thank you rea
Justine Chew
I too support the draft statement, and although I have one point to raise in respect of the SSAC Draft Project Plan, I am indifferent as to whether it needs to be raised within ALAC's draft statement at present.
The point being:
I appreciate SSAC's upfront disclosure regarding the possibility of not excluding members of the NCAP Work Party or their affiliated companies from bidding for the work summarily scoped out in the Draft Project Plan. It would be useful however for the Community to have adequate notice of any interest by such members or their affiliates to bid for such work so that reasonable steps can be (mooted and) applied beyond the existing COI policy cited in order to minimize not only the actual conflict of interest but also to manage any perception of conflict of interest thereof.
Hadia Elminiawi
Thank you Jonathan for submitting the final draft, i agree with Alan that it is to the point.
I would just like to emphasis in the first paragraph that it is not only about users trust but that Name collision could lead to security risks
"Name Collision occurs when a user, attempting to reach a private domain name, unintentionally reaches a public domain name and, as such, cut to the core of end user trust of the internet and could impose potential security issues"
I also have a comment with regard to contracting and engagement of independent third parties mentioned under bullet point membership under section 3.1 Project Teams – It is stated that "Contracting and engagement of independent third parties will be performed by full SSAC Members only and not Invited Guests." which means that SSAC members will have a different status than the invited guests and that only full SSAC members, who are basically volunteers from the SSAC will have the right to contract parties: that is basically a small group of the entire team therefore I would suggest that contracting and engagement of independent third parties be approved by the whole SSAC in order to have the input of a wider team
I agree with Justine's comment and I would like to add that since the WP and their affiliated companies will have the right to bid for the work ( for reasons that I agree with) I would suggest having some examples of what would be considered a potential conflict of interest in addition to what is not considered a potential conflict of interest, it is understandable that it is impossible to define all the situations where a potential conflict of interest might arise however, the examples will serve as guide lines.
Jonathan Zuck
Hey folks, thanks for the comments. Here's a revised draft. Look good?
As the principle voice of end users within the ICANN community, the At-large Advisory Committee (ALAC) supports the Security and Stability Advisory Committee (SSAC) in its efforts to address the issue of Name Collisions as it remains an area of some uncertainty. The ALAC urges the SSAC to proceed with the Name Collision Analysis Project (NCAP) Work Party's project plan and allocate enough time to do it right. We believe it is important to minimize the unintended consequences for end users. Name Collision occurs when a user, attempting to reach a private domain name, unintentionally reaches a public domain name and, as such, cut to the core of end user trust of the internet and could impose potential security issues.
The NCAP Work Party's project plan, as it currently stands, seems adequate without being excessive. We urge the SSAC to stay the course and not expedite the process for the benefit of any subsequent procedures. There is great anticipation, from parts of the community, for new applications but not only is a specific delay unlikely, given other factors, we believe it would be prudent for the SSAC to execute the project plan as submitted to provide the ICANN community with a holistic assessment of the risks.
Additionally, the ALAC seeks clarity on the Draft Project Plan’s bidding process as it related to section 3.1. First, we appreciate the SSAC’s candidness in disclosing that it will consider NCAP Work Party members’ bids, but it remains unclear as to their overall status as compared to invited guests of the SSAC. Moreover, we see a potential issue with having only a select group of the SSAC community choosing with whom they will contract. The ALAC recommends that the voting pool of those deciding independent third-party contracting agents should be open to the whole SSAC for input and provide the ICANN community with adequate amount of notice for any parties with whom they wish to contract. We believe that this will ameliorate these and other concerns related to potential conflicts of interest that may arise.
We appreciate the opportunity to share our views on this matter. Thank you in advance for your time and consideration on this important issue.
Hadia Elminiawi
Thanks Jonathan - looks good to me
Justine Chew
Jonathan,
Thanks for inserting an additional paragraph. May I propose the ensuing edited copy to provide greater clarity in raising the COI element:
Additionally, the ALAC seeks clarity on the SSAC's bidding process for work contemplated under this Draft Project Plan, as touched upon in sections 3.1 and 3.2. First, we appreciate the SSAC’s candour in disclosing that it will consider NCAP Work Party members’ bids (and that of their affiliates), but it remains unclear as to their overall status as compared to invited guests of the SSAC. Moreover, we see a potential issue with having only a select group of the SSAC community choosing with whom they will contract. The ALAC recommends that any decision with respect to contracting with either NCAP Work Party members and their affiliates or independent third-party contracting agents be taken by the whole SSAC (and excluding invited guests), and for SSAC to provide the ICANN community with adequate amount of notice with respect to any party with whom they wish to contract. We believe that this recommendation will ameliorate concerns related to potential conflicts of interest that may arise.
Hadia Elminiawi
Possibly not an issue but what does not look good is that you have SSAC members volunteering to be members of the NCAP WP, then this group will set a criteria for the invitation of technical experts, then they will invite the technical experts and finally this same group will contract third parties possibly including technical experts previously invited by them. That is why I believe that the vote of the wider SSAC community is recommended.
Justine Chew
Agreed. Which is why I referred to the need for managing perceived conflicts of interest.
Hadia Elminiawi
Jonathan, if you are going to edit again then i think the last sentence of the first paragraph reads better if we change could impose with threatens to
cut to the core of end user trust of the internet and threatens to impose potential security issues.
Abdulkarim Ayopo Oloyede
thanks. the statements seams fine
Hadia Elminiawi
Thank You Jonathan - The statement looks good, I believe we should proceed as the public comments period closes tomorrow
Justine Chew
Thanks Jonathan. Looks good. Let's proceed then.