[CCWG-ACCT] Fwd: Re: regulatory/mission issue WS2

Russ Mundy mundy at tislabs.com
Tue Nov 10 00:17:31 UTC 2015 

Eric, Becky,

Speaking only for myself but from the perspective of an active SSAC member, I can say that my understanding of SAC032 is very much in line with Becky’s.  

As someone who’s tried to develop helpful advice, it is rewarding to see when SSAC advice is found useful by others and implemented by various parts of the Internet community.  However, the advice itself does not have to be followed by anyone - the ‘power' of the advice comes only from the technical merit of the advice _not_ from any regulatory or authority perspective.  

Although this might not have been clear in SAC032 (and some other SSAC publications), SSAC has tried to be more clear in recently - to quote from most of the Preface of most recent SSAC publications:

The SSAC has no authority to regulate, enforce, or adjudicate. Those functions belong to others, and the advice offered here should be evaluated on its merits.

As one who was an original member, I firmly believe that SSAC advice has always been just that - advice that could be accepted, rejected or simply ignored.   When people cite an SSAC publication as 'a source of authority’ for some action (past or future), that does not correctly represent SSAC advice.  However, if some activity that does have authority for making relevant decisions chooses to follow SSAC advice, then the one with the authority is making the decision (but the authority is _never_ that of SSAC).

Russ Mundy

On Nov 9, 2015, at 1:19 PM, Burr, Becky <Becky.Burr at neustar.biz> wrote:

> Eric,
> 
> I have a different recollection of the Wildcard issue, and a different understanding of SSAC 032.  
> 
> My clear recollection was that the Board challenged the Verisign Wildcard proposal on stability and security grounds, prohibited its use – BY gTLD REGISTRY OPERATORS – on those grounds, and issued the New Registry Services review review process (found in registry agreements) in response.  
> 
> SSAC 032 on Redirection does not appear to me to regulate anyone.  In SSAC 032, the advisory committee “encourages the community to consider the broad implications of turning negative responses into revenue opportunities without consideration of the operational consequences and without consideration for the wishes of either registrants or clients of DNS data.”  While conveying the reasoned views of DNS security experts, nothing about the report amounts to “regulation” by my read.  It does not regulate down stream DNS server operators either directly (how could it?) or indirectly through registry operators.  Nor am I aware that ICANN has attempted to use SSAC 032 for that purpose.
> 
> So, as I read this, ICANN’s opposition to the Verisign Wildcard program on stability and security grounds falls squarely within ICANN’s Mission as stated in the current CCWG proposed text, and nothing about ICANN’s actions in this regard would appear to be in conflict with the proposed language precluding regulation of services that use the Internet’s unique identifiers to enable or facilitate their reachability over the Internet or the content such services provide.
> 
> Becky
> 
> 
> J. Beckwith Burr 
> Neustar, Inc. / Deputy General Counsel & Chief Privacy Officer
> 1775 Pennsylvania Avenue NW, Washington D.C. 20006
> Office: +1.202.533.2932  Mobile: +1.202.352.6367 / neustar.biz
> 
> 
> From: Eric Brunner-Williams <ebw at abenaki.wabanaki.net>
> Date: Sunday, November 8, 2015 at 9:21 PM
> To: Accountability Community <accountability-cross-community at icann.org>
> Subject: [CCWG-ACCT] Fwd: Re: regulatory/mission issue WS2
> 
> Colleagues,
> 
> Correspondence which inadvertently didn't go to the archived ccwg-acct list. My response to Malcolm, followed by Malcolm's query.
> 
> Eric Brunner-Williams
> Eugene, Oregon
> 
> 
> -------- Forwarded Message --------
> Subject:	Re: [CCWG-ACCT] regulatory/mission issue WS2
> Date:	Sun, 8 Nov 2015 10:43:36 -0800
> From:	Eric Brunner-Williams <ebw at abenaki.wabanaki.net>
> To:	Malcolm Hutty <malcolm at linx.net>
> CC:	accountability-cross-community-bounces at icann.org
> 
> 
> Malcolm,
> 
> That bell has already rung. SSAC 032 has been published. The Board took 
> note of SiteFinder. More generally, the Corporation acted to prevent 
> correct resolutions causing harm in the case of the Conficker.C variant.
> 
> Still more generally, "we" (the "community") routinely produce 
> informational RFCs and Best Current Practices documents addressing 
> resolver operators, as well as others.
> 
> The "means to ensure continuous correct resolution" is not limited to 
> "the authority to direct, in a compulsory sense, the operators".
> 
> I suggest that this detour into my opinion on the rights of ISPs doesn't 
> illuminate the "what's a service?" question Becky and others are 
> struggling with. My point was we could be specific about what we're not 
> regulating, which I suspect means "content", not ASN filtering, not 
> route filtering, and not filtering forward and backwards name-to-address 
> resolution.
> 
> Finally, the issue is not what our work product has been, and to what 
> effect, but what it will be, after some transition. As I observed in the 
> conclusion of the note from which you picked the quote below, the 
> possibility of future work on resolution is obsoleted by the sweeping 
> prohibition language, with the exception as others have mentioned, 
> through contracts.
> 
> Cheers,
> Eric Brunner-Williams
> Eugene, Oregon
> 
> 
> 
> On 11/6/15 4:30 PM, Malcolm Hutty wrote:
> > On 2015-11-06 22:09, Eric Brunner-Williams wrote:
> >>
> >>  First, could we narrow what it is we're not regulating, ISPs do a lot
> >> of things, but one thing they can do is operate recursive resolvers,
> >> so in particular, the "no authority to regulate" means no means to
> >> ensure continuous correct resolution of domain names by ISPs.
> >
> > Eric,
> >
> > Are you of the opinion that ICANN does in fact have the authority to 
> > direct,
> > in a compulsory sense, the operators of name resolvers such as ISPs in
> > how to operate them?
> >
> > Malcolm.
> 
> 
> 
> _______________________________________________
> Accountability-Cross-Community mailing list
> Accountability-Cross-Community at icann.org
> https://mm.icann.org/mailman/listinfo/accountability-cross-community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/accountability-cross-community/attachments/20151109/e41a7e99/attachment.html>

More information about the Accountability-Cross-Community mailing list