[Area 4] Compromise of a resource critical to some accountability process as a candidate scenario

Eric Brunner-Williams ebw at abenaki.wabanaki.net
Thu Dec 18 18:46:42 UTC 2014 

Rudi,

Fine. That's a known threat with a process in place. Can you tie that 
into any specific accountability process involved with the hypothetical 
transfer of authority from the NTIA to some successor entity or is this 
a threat that is independent of contract renewal and/or a transfer of 
the contracting authority?

Eric

On 12/18/14 10:08 AM, Rudolph Daniel wrote:
>
> Or/and, I would suggest, the breaking of the rootzone cryptographic 
> keys by some entity, individual or agency.
> I am not aware of how unbreakable the current system is.
>
> Rudi Daniel
> ICT consulting & LED lighting
> 784 430 9235
>
> On Dec 18, 2014 1:57 PM, "Eric Brunner-Williams" 
> <ebw at abenaki.wabanaki.net <mailto:ebw at abenaki.wabanaki.net>> wrote:
>
>     Dear Colleagues,
>
>     ICANN has disclosed that the email credentials of several members
>     of staff have been compromised. [1]
>
>     I suggest that a credible scenario is the compromise of some
>     resource critical to some accountability process. The form of
>     compromise may be loss of the resource, such as the loss of a
>     cryptographic key, or the disclosure of the resource, such as
>     email credentials.
>
>     The accountability process compromised could be any one or more of
>     the Corporation's ByLaws Redress Mechanisms [2], or those which
>     are external to the Corporation [3].
>
>     I will follow up with Staff on the existing Business Continuity
>     Plan of Record, as credential loss and/or disclosure should fall
>     within the Corporation's BC PoR, and it may be somewhat pertinent
>     at the moment.
>
>     Regards,
>     Eric Brunner-Williams
>     Eugene, Oregon
>
>
>     [1] https://www.icann.org/news/announcement-2-2014-12-16-en
>     [2] (a) Reconsideration, (b) Independent third-party review, (c)
>     Periodic review, and (d) Ombudsman.
>     [3] (a) Affirmation of Commitments, (b) Jurisdiction of California
>     and the United States, (c) Other Jurisdictions, and (d)
>     Contractual requirements.
>
>     _______________________________________________
>     Ccwg-accountability4 mailing list
>     Ccwg-accountability4 at icann.org <mailto:Ccwg-accountability4 at icann.org>
>     https://mm.icann.org/mailman/listinfo/ccwg-accountability4
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ccwg-accountability4/attachments/20141218/5f1e6b11/attachment-0001.html>

More information about the Ccwg-accountability4 mailing list