<p dir="ltr">Eric<br>
Independent and has potential for increased risk after transition.</p>
<p dir="ltr">Rudi Daniel<br>
ICT consulting & LED lighting <br>
784 430 9235</p>
<div class="gmail_quote">On Dec 18, 2014 2:46 PM, "Eric Brunner-Williams" <<a href="mailto:ebw@abenaki.wabanaki.net">ebw@abenaki.wabanaki.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Rudi,<br>
<br>
Fine. That's a known threat with a process in place. Can you tie
that into any specific accountability process involved with the
hypothetical transfer of authority from the NTIA to some successor
entity or is this a threat that is independent of contract renewal
and/or a transfer of the contracting authority?<br>
<br>
Eric<br>
<br>
On 12/18/14 10:08 AM, Rudolph Daniel wrote:<br>
</div>
<blockquote type="cite">
<p dir="ltr">Or/and, I would suggest, the breaking of the rootzone
cryptographic keys by some entity, individual or agency.<br>
I am not aware of how unbreakable the current system is.</p>
<p dir="ltr">Rudi Daniel<br>
ICT consulting & LED lighting<br>
<a href="tel:784%20430%209235" value="+17844309235" target="_blank">784 430 9235</a></p>
<div class="gmail_quote">On Dec 18, 2014 1:57 PM, "Eric
Brunner-Williams" <<a href="mailto:ebw@abenaki.wabanaki.net" target="_blank">ebw@abenaki.wabanaki.net</a>>
wrote:<br type="attribution">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Dear Colleagues,<br>
<br>
ICANN has disclosed that the email credentials of several
members of staff have been compromised. [1]<br>
<br>
I suggest that a credible scenario is the compromise of some
resource critical to some accountability process. The form
of compromise may be loss of the resource, such as the loss
of a cryptographic key, or the disclosure of the resource,
such as email credentials.<br>
<br>
The accountability process compromised could be any one or
more of the Corporation's ByLaws Redress Mechanisms [2], or
those which are external to the Corporation [3].<br>
<br>
I will follow up with Staff on the existing Business
Continuity Plan of Record, as credential loss and/or
disclosure should fall within the Corporation's BC PoR, and
it may be somewhat pertinent at the moment.<br>
<br>
Regards,<br>
Eric Brunner-Williams<br>
Eugene, Oregon<br>
<br>
<br>
[1] <a href="https://www.icann.org/news/announcement-2-2014-12-16-en" target="_blank">https://www.icann.org/news/announcement-2-2014-12-16-en</a><br>
[2] (a) Reconsideration, (b) Independent third-party review,
(c) Periodic review, and (d) Ombudsman.<br>
[3] (a) Affirmation of Commitments, (b) Jurisdiction of
California and the United States, (c) Other Jurisdictions,
and (d) Contractual requirements.<br>
</div>
<br>
_______________________________________________<br>
Ccwg-accountability4 mailing list<br>
<a href="mailto:Ccwg-accountability4@icann.org" target="_blank">Ccwg-accountability4@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/ccwg-accountability4" target="_blank">https://mm.icann.org/mailman/listinfo/ccwg-accountability4</a><br>
<br>
</blockquote>
</div>
</blockquote>
<br>
</div>
</blockquote></div>